Browser Redirect on Windows 7 laptop

Toshiba Satellite L755 running Windows 7 Home Premium with service pack 1 64 bit OS

All search providers (Google, Bing, Yahoo, etc.) on Firefox (v 17.0.1) and IE (v 9.0.8112.16421) have a variable chance of re-directing the search, based on how long it's been since I tried to clean the problem off, ranging from 1 in 3 up to all of the searches. No discernible pattern to redirects in my tests. Firefox Addons include: AdAware security Addon 2.2, AdBlock Plus 2.2.1, AdBlock Plus Popup helper 0.5, BetterPrivacy 1.68, Block Site 1.0.3, BrowserProtect 1.1.3, Ghostery 2.8.3, Lavasoft search plugin 0.6(no idea why she has that one), NoRedirect 1.3.2.13 and WOT 20120926 (Most of which wouldn't help this problem but might be significant.) All of these were added after the problem started except BetterPrivacy and WOT.

Procedures tried so far. In Safe Mode, I ran RKill and TDDSkiller followed by full scans from Malwarebytes AntiMalware, SuperAntiSpyware, AdAware and the AntiVirus on her computer (Avast). Not in Safe Mode I've tried manual checks of known locations for the Google Redirect Virus, Malwarebytes Anti-Rootkit and Re-Image Repair (Not a perfect program but the only one I've found of it's kind and it always helps.) Each time the problem starts again before the day is out and is in full force within a couple days. I suspect a Backdoor Trojan with Rootkit based on my research but you will know better than I do if that's the case.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421
Run by admin at 12:43:13 on 2012-12-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.1939 [GMT -5:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\SysWOW64\svchost.exe -k Akamai
C:\windows\system32\spool\DRIVERS\x64\3\lxebserv.exe
C:\windows\system32\lxebcoms.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\real\realplayer\Update\realsched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=10363A2B5C0E90878B166850BE2080FE
uDefault_Page_URL = hxxp://start.toshiba.com
uProxyOverride = <local>
uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
uURLSearchHooks: NetAssistant: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files (x86)\Freeze.com\NetAssistant\NetAssistant.dll
mWinlogon: Userinit = userinit.exe
BHO: AutorunsDisabled - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: TBSB01620 Class: {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: NetAssistant: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files (x86)\Freeze.com\NetAssistant\NetAssistant.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
TB: IMinent Toolbar: {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
uRun: [Akamai NetSession Interface] "C:\Users\admin\AppData\Local\Akamai\netsession_win.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRunOnce: [Z1] C:\Users\admin\Downloads\mbar-1.01.0.1011\mbar\mbar.exe /cleanup /s
StartupFolder: C:\Users\admin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9A0AC69A-540D-47FA-B522-DADF24517D23} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9A0AC69A-540D-47FA-B522-DADF24517D23}\3427F6F6B63713 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9A0AC69A-540D-47FA-B522-DADF24517D23}\77162736C6F677E6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{9A0AC69A-540D-47FA-B522-DADF24517D23}\8416D696C647F6E60284F6D656 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{9A0AC69A-540D-47FA-B522-DADF24517D23}\84F6D65602E4564777F627B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9A0AC69A-540D-47FA-B522-DADF24517D23}\D616C6F6E65602C696E6B6379737 : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [lxebmon.exe] "C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe"
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\
FF - prefs.js: browser.search.selectedEngine - Reimage Search
FF - prefs.js: browser.startup.homepage - hxxp://safesearch.lavasoft.com/?pr=blekko&source=3336ca5f&tbp=homepage&id=adawaretb&v=2_2&u=10363A2B5C0E90878B166850BE2080FE
FF - prefs.js: keyword.URL - hxxp://search.reimageplus.com/?sp=reimb&q=
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
FF - ExtSQL: 2012-11-11 16:50; {c1970c0d-dbe6-4d91-804f-c9c0de643a57}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}.xpi
FF - ExtSQL: 2012-11-11 16:54; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF - ExtSQL: 2012-11-11 17:07; {dd3d7613-0246-469d-bc65-2a3cc1668adc}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi
FF - ExtSQL: 2012-11-11 17:08; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2012-11-26 14:56; infoatoms@infoatoms.com; C:\Program Files (x86)\Mozilla Firefox\extensions\infoatoms@infoatoms.com
FF - ExtSQL: 2012-12-04 10:54; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-12-04 10:55; adblockpopups@jessehakanen.net; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\adblockpopups@jessehakanen.net.xpi
FF - ExtSQL: 2012-12-04 11:10; {87934c42-161d-45bc-8cef-ef18abe2a30c}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
FF - ExtSQL: 2012-12-04 11:10; jid1-yZwVFzbsyfMrqQ@jetpack; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF - ExtSQL: 2012-12-12 05:09; {cd617375-6743-4ee8-bac4-fbf10f35729e}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
FF - ExtSQL: 2012-12-12 05:09; {ada4b710-8346-4b82-8199-5de2b400a6ae}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF - ExtSQL: 2012-12-12 05:09; {5546F97E-11A5-46b0-9082-32AD74AAA920}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920}.xpi
FF - ExtSQL: 2012-12-12 05:09; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF - ExtSQL: 2012-12-12 05:09; firefox@ghostery.com; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\firefox@ghostery.com
FF - ExtSQL: 2012-12-12 05:09; en-US@dictionaries.addons.mozilla.org; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\en-US@dictionaries.addons.mozilla.org
FF - ExtSQL: 2012-12-12 05:09; browserprotect@browserprotect.com; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\browserprotect@browserprotect.com.xpi
FF - ExtSQL: 2012-12-12 05:09; abine@abine.com; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\abine@abine.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\windows\System32\drivers\aswNdis.sys [2012-2-13 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\windows\System32\drivers\aswNdis2.sys [2012-2-13 262656]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384]
R1 aswFW;avast! TDI Firewall driver;C:\windows\System32\drivers\aswFW.sys [2012-2-13 132864]
R1 aswKbd;aswKbd;C:\windows\System32\drivers\aswKbd.sys [2012-2-26 21136]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-2-13 984144]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2012-2-13 370288]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 Akamai;Akamai NetSession Interface;C:\windows\System32\svchost.exe -k Akamai [2011-11-3 27136]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2012-2-13 25232]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-2-13 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-8 44808]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-11-8 133912]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 lxeb_device;lxeb_device;C:\windows\System32\lxebcoms.exe -service --> C:\windows\System32\lxebcoms.exe -service [?]
R2 lxebCATSCustConnectService;lxebCATSCustConnectService;C:\windows\System32\spool\drivers\x64\3\lxebserv.exe [2012-2-11 45736]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-11-30 126392]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-7-5 3048136]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-5-24 294848]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-30 2656280]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-11-8 76912]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-11-30 38096]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-11-30 1109096]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-11-30 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-9 138152]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-7-1 828856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-11-30 250984]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2011-11-30 307304]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-2-11 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-12-12 13:01:53 12872 ----a-w- C:\windows\System32\bootdelete.exe
2012-12-12 12:53:15 -------- d-----w- C:\ProgramData\HitmanPro
2012-12-12 10:25:34 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-12-12 10:09:50 -------- d-----w- C:\Users\admin\AppData\Roaming\Abine
2012-12-12 03:23:41 301568 ----a-w- C:\Program Files\Microsoft Games\More Games\MoreGames.dll
2012-12-12 03:21:40 145792 ----a-w- C:\windows\System32\drivers\E1G6032E.sys
2012-12-12 02:19:42 9728 ----a-w- C:\windows\System32\Native.exe
2012-12-11 19:41:04 41984 ----a-w- C:\windows\SysWow64\agremove.exe
2012-12-07 15:33:55 230400 ----a-w- C:\windows\System32\Spool\prtprocs\x64\hpzppw71.dll
2012-12-06 01:26:57 -------- d-----w- C:\Users\admin\AppData\Local\{6106B576-3279-4B19-984A-0D43736FA974}
2012-12-04 16:21:08 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus
2012-12-04 16:13:57 -------- d-----w- C:\Users\admin\AppData\Roaming\LavasoftStatistics
2012-12-04 16:11:32 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
2012-12-04 16:10:54 -------- d-----w- C:\ProgramData\Search Protection
2012-12-04 16:10:53 -------- d-----w- C:\Users\admin\AppData\Local\adawarebp
2012-12-04 16:10:53 -------- d-----w- C:\ProgramData\blekko toolbars
2012-12-04 16:10:52 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2012-12-04 16:10:46 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
2012-12-04 16:10:38 -------- d-----w- C:\Program Files (x86)\adawaretb
2012-12-04 16:09:28 -------- d-----w- C:\Users\admin\AppData\Roaming\Ad-Aware Antivirus
2012-12-03 03:20:55 -------- d-----w- C:\Users\admin\AppData\Local\{7234033E-4E03-4167-A4C8-E450E4856995}
2012-12-03 03:10:51 -------- d-----w- C:\Program Files\Lexmark Tools for Office
2012-12-03 03:09:54 557568 ----a-w- C:\windows\System32\lxebinpa.dll
2012-12-03 03:09:54 515584 ----a-w- C:\windows\System32\lxebiesc.dll
2012-12-03 03:09:54 1331712 ----a-w- C:\windows\System32\lxebusb1.dll
2012-12-03 03:09:53 892416 ----a-w- C:\windows\System32\lxeblmpm.dll
2012-12-03 03:09:53 1631744 ----a-w- C:\windows\System32\lxebserv.dll
2012-12-03 03:09:53 1371648 ----a-w- C:\windows\System32\lxebcomc.dll
2012-12-03 03:09:53 1104384 ----a-w- C:\windows\System32\lxebhbn3.dll
2012-12-03 03:09:53 1052328 ----a-w- C:\windows\System32\lxebcoms.exe
2012-11-28 03:24:29 -------- d-----w- C:\Users\admin\AppData\Local\{CF7E36B5-A415-494B-9DD5-AE8BD36B9AAF}
2012-11-26 20:16:09 -------- d-----w- C:\TDSSKiller_Quarantine
2012-11-24 02:40:05 -------- d-----w- C:\Recovery
2012-11-24 02:40:05 -------- d-----w- C:\PerfLogs
2012-11-24 02:04:00 -------- d-----w- C:\ReimageUndo
2012-11-24 01:44:27 -------- d-----w- C:\rei
2012-11-24 01:44:22 -------- d-----w- C:\Program Files\Reimage
2012-11-16 05:20:11 2560 ----a-w- C:\windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-16 05:20:10 9728 ----a-w- C:\windows\System32\Wdfres.dll
2012-11-16 05:20:10 654928 ----a-w- C:\windows\System32\drivers\Wdf01000.sys
2012-11-16 05:20:10 42064 ----a-w- C:\windows\System32\drivers\WdfLdr.sys
2012-11-16 05:11:25 172544 ----a-w- C:\windows\System32\drivers\WUDFRd.sys
2012-11-16 05:11:24 78848 ----a-w- C:\windows\System32\WUDFSvc.dll
2012-11-16 05:11:24 182784 ----a-w- C:\windows\System32\WUDFPlatform.dll
2012-11-16 05:11:24 112128 ----a-w- C:\windows\System32\drivers\WUDFPf.sys
2012-11-16 05:11:22 681472 ----a-w- C:\windows\System32\WUDFx.dll
2012-11-16 05:11:22 44544 ----a-w- C:\windows\System32\WUDFCoinstaller.dll
2012-11-16 05:11:22 226816 ----a-w- C:\windows\System32\WUDFHost.exe
2012-11-15 04:28:47 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2012-11-15 04:27:50 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll
2012-11-15 04:27:50 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll
2012-11-13 22:28:44 -------- d-----w- C:\Users\admin\AppData\Local\jZip
.
==================== Find3M ====================
.
2012-12-11 19:39:31 17920 ----a-w- C:\windows\System32\rpcnetp.exe
2012-11-13 13:01:25 73656 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-13 13:01:25 697272 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-11-10 08:42:26 0 ----a-w- C:\windows\SysWow64\sho9F57.tmp
2012-10-30 23:51:55 984144 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2012-10-30 23:51:55 71600 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2012-10-30 23:51:55 262656 ----a-w- C:\windows\System32\drivers\aswNdis2.sys
2012-10-30 23:51:55 21136 ----a-w- C:\windows\System32\drivers\aswKbd.sys
2012-10-30 23:51:53 132864 ----a-w- C:\windows\System32\drivers\aswFW.sys
2012-10-30 23:51:07 41224 ----a-w- C:\windows\avastSS.scr
2012-10-15 16:59:28 54072 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2012-09-29 23:54:26 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-09-19 12:19:42 13160 ----a-w- C:\windows\SysWow64\Upgrd.exe
.
============= FINISH: 12:43:51.21 ===============

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

• Please do not run any tools unless instructed to do so.
  
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
• Please do not attach logs or use code boxes, just copy and paste the text.
  
  • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
• Please read every post completely before doing anything.
  
  • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
• Please provide feedback about your experience as we go.
  
  • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

• Download Security Check by screen317 from here.
• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

• Please download AdwCleaner by Xplode onto your desktop.
  
• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
• Click on Delete.
• Confirm each time with Ok.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

• Download & SAVE to your Desktop RogueKiller or from here
  
• Quit all programs that you may have started.
• Please disconnect any USB or external drives from the computer before you run this scan!
• For Vista or Windows 7, right-click and select "Run as Administrator to start"
• For Windows XP, double-click to start.
• Wait until Prescan has finished ...
• Then Click on "Scan" button
• Wait until the Status box shows "Scan Finished"
• click on "delete"
• Wait until the Status box shows "Deleting Finished"
• Click on "Report" and copy/paste the content of the Notepad into your next reply.
• The log should be found in RKreport[1].txt on your Desktop
• Exit/Close RogueKiller+

Gringo

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 22
Java™ 6 Update 25
Java version out of Date!
Adobe Flash Player 11.5.502.110
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (17.0.1)
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````



# AdwCleaner v2.100 - Logfile created 12/12/2012 at 14:36:21
# Updated 09/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : admin - ADMIN-PC
# Boot Mode : Normal
# Running from : C:\Users\admin\Desktop\Troubleshooting logs\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\admin\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\IMinent toolbar
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\iWin
Folder Deleted : C:\ProgramData\search protection
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\admin\AppData\Local\APN
Folder Deleted : C:\Users\admin\AppData\Local\Conduit
Folder Deleted : C:\Users\admin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\admin\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\admin\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620
Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default
File : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\prefs.js

Deleted : user_pref("BlockSite.blacklist", "63.209.69.107|||8.26.70.252|||r.looksmart.com|||searchreno.com|||c[...]
Deleted : user_pref("browser.startup.homepage", "hxxp://safesearch.lavasoft.com/?pr=blekko&source=3336ca5f&tbp[...]
Deleted : user_pref("extensions.browserprotect.homepage", "hxxp://safesearch.lavasoft.com/?pr=blekko&source=33[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [23043 octets] - [12/12/2012 14:36:21]

########## EOF - C:\AdwCleaner[S1].txt - [23104 octets] ##########


RogueKiller V8.4.0 [Dec 12 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : admin [Admin rights]
Mode : Remove -- Date : 12/12/2012 14:42:25

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6475GSX +++++
--- User ---
[MBR] c37b2373e2a5a0751b447a3a264d949c
[BSP] b6c42b31da762093b9383edb4f45f094 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 593953 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1219489792 | Size: 15026 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12122012_02d1442.txt >>
RKreport[1]_S_12122012_02d1442.txt ; RKreport[2]_D_12122012_02d1442.txt

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

• In your next post I need the following
  
• Log from Combofix
• let me know of any problems you may have had
  
• How is the computer doing now?

Gringo

Before running ComboFix, I had about 1 search in 10 redirecting, After running I tried again and had 1 search redirect, out of about 80 tries. Definitely an improvement. I can't say if that redirect was the link (in Yahoo) or the virus but the link was supposed to be to a Wikpedia page. If it is still the virus it will get worse again within a few days.



ComboFix 12-12-10.01 - admin 12/12/2012 15:47:54.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.2557 [GMT -5:00]
Running from: c:\users\admin\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Vid-Saver
c:\program files (x86)\Vid-Saver\Vid-Saver.exe
c:\program files (x86)\Vid-Saver\Vid-Saver.ico
c:\program files (x86)\Vid-Saver\Vid-Saver.ini
c:\program files (x86)\Vid-Saver\Vid-SaverGui.exe
c:\program files (x86)\Vid-Saver\Vid-SaverInstaller.log
c:\users\admin\AppData\Local\Vid-Saver
c:\users\admin\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx
c:\users\admin\AppData\Roaming\Roaming
c:\users\admin\AppData\Roaming\Roaming\Nevosoft\Vampireville\settings.txt
.
.
((((((((((((((((((((((((( Files Created from 2012-11-12 to 2012-12-12 )))))))))))))))))))))))))))))))
.
.
2012-12-12 20:54 . 2012-12-12 20:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-12 13:01 . 2012-12-12 13:01 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-12-12 12:53 . 2012-12-12 13:02 -------- d-----w- c:\programdata\HitmanPro
2012-12-12 10:25 . 2012-12-12 10:25 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-12-12 10:09 . 2012-12-12 10:16 -------- d-----w- c:\users\admin\AppData\Roaming\Abine
2012-12-12 03:23 . 2009-07-13 22:41 301568 ----a-w- c:\program files\Microsoft Games\More Games\MoreGames.dll
2012-12-12 03:21 . 2009-06-10 20:35 145792 ----a-w- c:\windows\system32\drivers\E1G6032E.sys
2012-12-12 02:19 . 2012-12-12 02:19 9728 ----a-w- c:\windows\system32\Native.exe
2012-12-11 19:41 . 2012-12-11 19:41 41984 ----a-w- c:\windows\SysWow64\agremove.exe
2012-12-11 12:52 . 2012-12-11 12:58 -------- d-----w- c:\program files\Google
2012-12-07 15:33 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2012-12-06 15:42 . 2012-12-06 15:42 -------- d-----w- c:\program files\Uninstall Information
2012-12-04 16:21 . 2012-12-04 16:31 -------- d-----w- c:\programdata\Ad-Aware Antivirus
2012-12-04 16:13 . 2012-12-04 16:13 -------- d-----w- c:\users\admin\AppData\Roaming\LavasoftStatistics
2012-12-04 16:11 . 2012-12-11 19:38 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2012-12-04 16:11 . 2012-12-04 16:11 -------- d-----w- c:\programdata\Lavasoft
2012-12-04 16:10 . 2012-12-04 16:10 -------- d-----w- c:\users\admin\AppData\Local\adawarebp
2012-12-04 16:10 . 2012-12-11 19:35 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-12-04 16:10 . 2012-12-11 19:36 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2012-12-04 16:10 . 2012-12-11 19:36 -------- d-----w- c:\program files (x86)\adawaretb
2012-12-04 16:09 . 2012-12-06 02:23 -------- d-----w- c:\users\admin\AppData\Roaming\Ad-Aware Antivirus
2012-12-03 03:10 . 2012-12-11 19:35 -------- d-----w- c:\program files\Lexmark Tools for Office
2012-12-03 03:09 . 2009-12-09 20:26 1331712 ----a-w- c:\windows\system32\lxebusb1.dll
2012-12-03 03:09 . 2009-12-09 20:23 515584 ----a-w- c:\windows\system32\lxebiesc.dll
2012-12-03 03:09 . 2009-12-09 20:23 557568 ----a-w- c:\windows\system32\lxebinpa.dll
2012-12-03 03:09 . 2010-04-14 19:56 1052328 ----a-w- c:\windows\system32\lxebcoms.exe
2012-12-03 03:09 . 2009-12-09 20:28 1631744 ----a-w- c:\windows\system32\lxebserv.dll
2012-12-03 03:09 . 2009-12-09 20:27 1104384 ----a-w- c:\windows\system32\lxebhbn3.dll
2012-12-03 03:09 . 2009-12-09 20:24 892416 ----a-w- c:\windows\system32\lxeblmpm.dll
2012-12-03 03:09 . 2009-12-09 20:24 1371648 ----a-w- c:\windows\system32\lxebcomc.dll
2012-11-26 20:16 . 2012-11-26 20:19 -------- d-----w- C:\TDSSKiller_Quarantine
2012-11-24 02:40 . 2012-11-24 02:40 -------- d-----w- C:\Recovery
2012-11-24 02:40 . 2012-11-24 02:40 -------- d-----w- C:\PerfLogs
2012-11-24 02:04 . 2012-12-12 02:19 -------- d-----w- C:\ReimageUndo
2012-11-24 01:44 . 2012-12-12 03:29 -------- d-----w- C:\rei
2012-11-24 01:44 . 2012-11-24 01:44 -------- d-----w- c:\program files\Reimage
2012-11-16 05:20 . 2010-11-21 04:06 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-16 05:20 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 05:20 . 2009-07-13 22:45 654928 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 05:20 . 2009-07-13 22:45 42064 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 05:11 . 2010-11-21 00:23 172544 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 05:11 . 2010-11-21 00:23 78848 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 05:11 . 2010-11-21 00:23 112128 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 05:11 . 2010-11-21 00:23 182784 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-16 05:11 . 2010-11-21 00:23 681472 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-16 05:11 . 2010-11-21 00:23 44544 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 05:11 . 2010-11-21 00:23 226816 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 04:28 . 2012-11-15 04:28 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2012-11-15 04:27 . 2012-11-15 04:27 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-11-15 04:27 . 2012-11-15 04:27 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-11-13 22:28 . 2012-11-13 22:28 -------- d-----w- c:\users\admin\AppData\Local\jZip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-11 19:39 . 2012-06-13 20:29 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2012-11-13 13:01 . 2012-03-31 17:08 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-13 13:01 . 2011-11-03 06:12 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-10 08:42 . 2012-11-10 08:42 0 ----a-w- c:\windows\SysWow64\sho9F57.tmp
2012-10-30 23:51 . 2012-02-13 12:05 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 23:51 . 2012-02-26 05:15 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-10-30 23:51 . 2012-02-13 12:06 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 23:51 . 2012-02-13 12:06 262656 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-10-30 23:51 . 2012-02-13 12:05 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51 . 2012-02-13 12:05 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51 . 2012-02-13 12:06 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 23:51 . 2012-02-13 12:06 132864 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-10-30 23:51 . 2012-02-13 12:05 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 23:50 . 2012-02-13 12:05 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 23:50 . 2012-02-13 12:05 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-15 16:59 . 2012-02-26 05:15 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-09-29 23:54 . 2012-03-08 02:57 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-19 12:19 . 2012-06-13 20:31 13160 ----a-w- c:\windows\SysWow64\Upgrd.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\admin\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-12 1298816]
"NortonOnlineBackupReminder"="c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" [2011-06-22 3218864]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-11-15 296096]
.
c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-05-24 294848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-02 250984]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2011-07-09 307304]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-11 1255736]
R4 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R4 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R4 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R4 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2011-11-28 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-12-12 140672]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-13 27136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe [2010-04-14 1052328]
S2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe [2010-04-14 45736]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-07-19 126392]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-01-05 1109096]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 13:01]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-09 20:46]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-09 20:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-09 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-09 416024]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-03-25 310912]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-07-01 562304]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2011-06-10 710560]
"lxebmon.exe"="c:\program files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe" [2010-05-05 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro200-S500 Series\ezprint.exe" [2010-05-05 148280]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=10363A2B5C0E90878B166850BE2080FE
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\
FF - prefs.js: browser.search.selectedEngine - Reimage Search
FF - prefs.js: keyword.URL - hxxp://search.reimageplus.com/?sp=reimb&q=
FF - ExtSQL: 2012-11-11 16:50; {c1970c0d-dbe6-4d91-804f-c9c0de643a57}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}.xpi
FF - ExtSQL: 2012-11-11 16:54; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF - ExtSQL: 2012-11-11 17:07; {dd3d7613-0246-469d-bc65-2a3cc1668adc}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi
FF - ExtSQL: 2012-11-11 17:08; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2012-11-26 14:56; infoatoms@infoatoms.com; c:\program files (x86)\Mozilla Firefox\extensions\infoatoms@infoatoms.com
FF - ExtSQL: 2012-12-04 10:54; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-12-04 10:55; adblockpopups@jessehakanen.net; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\adblockpopups@jessehakanen.net.xpi
FF - ExtSQL: 2012-12-04 11:10; {87934c42-161d-45bc-8cef-ef18abe2a30c}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
FF - ExtSQL: 2012-12-04 11:10; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF - ExtSQL: 2012-12-12 05:09; {cd617375-6743-4ee8-bac4-fbf10f35729e}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
FF - ExtSQL: 2012-12-12 05:09; {ada4b710-8346-4b82-8199-5de2b400a6ae}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF - ExtSQL: 2012-12-12 05:09; {5546F97E-11A5-46b0-9082-32AD74AAA920}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920}.xpi
FF - ExtSQL: 2012-12-12 05:09; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF - ExtSQL: 2012-12-12 05:09; firefox@ghostery.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\firefox@ghostery.com
FF - ExtSQL: 2012-12-12 05:09; en-US@dictionaries.addons.mozilla.org; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\en-US@dictionaries.addons.mozilla.org
FF - ExtSQL: 2012-12-12 05:09; browserprotect@browserprotect.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\browserprotect@browserprotect.com.xpi
FF - ExtSQL: 2012-12-12 05:09; abine@abine.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\abine@abine.com
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
Toolbar-Locked - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
Toolbar-Locked - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-Chiefs - c:\windows\system32\ssunstl.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-12 15:56:33
ComboFix-quarantined-files.txt 2012-12-12 20:56
.
Pre-Run: 481,379,794,944 bytes free
Post-Run: 481,238,953,984 bytes free
.
- - End Of File - - BF44FC8D29D16768EEF60A81BE0F98DA

Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.

• Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
• Put a checkmark beside loaded modules.
• A reboot will be needed to apply the changes. Do it.
• TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
• Then click on Change parameters in TDSSKiller.
• Check all boxes then click OK.
• Click the Start Scan button.
• The scan should take no longer than 2 minutes.
• If a suspicious object is detected, the default action will be Skip, click on Continue.
• If malicious objects are found, they will show in the Scan results
• Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
• A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.

• Double click the aswMBR.exe icon to run it
• it will ask to download extra definitions - ALLOW IT
• Click the Scan button to start the scan
• On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo

I got a blue screen and reboot the first time I tried to run aswMBR. First one I've seen on this computer. Second time worked. I see an infected file in that report.

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-13 16:35:38
-----------------------------
16:35:38.055 OS Version: Windows x64 6.1.7601 Service Pack 1
16:35:38.055 Number of processors: 4 586 0x2A07
16:35:38.055 ComputerName: ADMIN-PC UserName: admin
16:35:39.880 Initialize success
16:35:39.942 AVAST engine defs: 12121301
16:35:44.451 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:35:44.466 Disk 0 Vendor: TOSHIBA_ GT00 Size: 610480MB BusType: 3
16:35:44.482 Disk 0 MBR read successfully
16:35:44.482 Disk 0 MBR scan
16:35:44.482 Disk 0 Windows VISTA default MBR code
16:35:44.497 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
16:35:44.513 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 593953 MB offset 3074048
16:35:44.591 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 15026 MB offset 1219489792
16:35:44.622 Disk 0 scanning C:\windows\system32\drivers
16:35:59.271 Service scanning
16:36:45.405 Modules scanning
16:36:45.421 Disk 0 trace - called modules:
16:36:45.421
16:36:46.575 AVAST engine scan C:\windows
16:36:47.636 File: C:\windows\PEV.exe **INFECTED** Win32:Rootkit-gen [Rtk]
16:36:49.321 AVAST engine scan C:\windows\system32
16:38:49.909 AVAST engine scan C:\windows\system32\drivers
16:39:00.673 AVAST engine scan C:\Users\admin
16:39:36.023 Disk 0 MBR has been saved successfully to "C:\Users\admin\Desktop\Troubleshooting logs\MBR.dat"
16:39:36.023 The log file has been saved successfully to "C:\Users\admin\Desktop\Troubleshooting logs\aswMBR.txt"







aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-13 16:35:38
-----------------------------
16:35:38.055 OS Version: Windows x64 6.1.7601 Service Pack 1
16:35:38.055 Number of processors: 4 586 0x2A07
16:35:38.055 ComputerName: ADMIN-PC UserName: admin
16:35:39.880 Initialize success
16:35:39.942 AVAST engine defs: 12121301
16:35:44.451 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:35:44.466 Disk 0 Vendor: TOSHIBA_ GT00 Size: 610480MB BusType: 3
16:35:44.482 Disk 0 MBR read successfully
16:35:44.482 Disk 0 MBR scan
16:35:44.482 Disk 0 Windows VISTA default MBR code
16:35:44.497 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
16:35:44.513 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 593953 MB offset 3074048
16:35:44.591 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 15026 MB offset 1219489792
16:35:44.622 Disk 0 scanning C:\windows\system32\drivers
16:35:59.271 Service scanning
16:36:45.405 Modules scanning
16:36:45.421 Disk 0 trace - called modules:
16:36:45.421
16:36:46.575 AVAST engine scan C:\windows
16:36:47.636 File: C:\windows\PEV.exe **INFECTED** Win32:Rootkit-gen [Rtk]
16:36:49.321 AVAST engine scan C:\windows\system32
16:38:49.909 AVAST engine scan C:\windows\system32\drivers
16:39:00.673 AVAST engine scan C:\Users\admin
16:39:36.023 Disk 0 MBR has been saved successfully to "C:\Users\admin\Desktop\Troubleshooting logs\MBR.dat"
16:39:36.023 The log file has been saved successfully to "C:\Users\admin\Desktop\Troubleshooting logs\aswMBR.txt"

16:25:39.0560 4792 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:25:40.0028 4792 ============================================================
16:25:40.0028 4792 Current date / time: 2012/12/13 16:25:40.0028
16:25:40.0028 4792 SystemInfo:
16:25:40.0028 4792
16:25:40.0028 4792 OS Version: 6.1.7601 ServicePack: 1.0
16:25:40.0028 4792 Product type: Workstation
16:25:40.0028 4792 ComputerName: ADMIN-PC
16:25:40.0028 4792 UserName: admin
16:25:40.0028 4792 Windows directory: C:\windows
16:25:40.0028 4792 System windows directory: C:\windows
16:25:40.0028 4792 Running under WOW64
16:25:40.0028 4792 Processor architecture: Intel x64
16:25:40.0028 4792 Number of processors: 4
16:25:40.0028 4792 Page size: 0x1000
16:25:40.0028 4792 Boot type: Normal boot
16:25:40.0028 4792 ============================================================
16:25:40.0090 4792 BG loaded
16:25:40.0574 4792 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:25:40.0574 4792 ============================================================
16:25:40.0574 4792 \Device\Harddisk0\DR0:
16:25:40.0574 4792 MBR partitions:
16:25:40.0574 4792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48810800
16:25:40.0574 4792 ============================================================
16:25:40.0683 4792 C: <-> \Device\Harddisk0\DR0\Partition1
16:25:40.0683 4792 ============================================================
16:25:40.0683 4792 Initialize success
16:25:40.0683 4792 ============================================================
16:27:26.0900 3668 ============================================================
16:27:26.0900 3668 Scan started
16:27:26.0900 3668 Mode: Manual; SigCheck; TDLFS;
16:27:26.0900 3668 ============================================================
16:27:29.0037 3668 ================ Scan system memory ========================
16:27:29.0037 3668 System memory - ok
16:27:29.0037 3668 ================ Scan services =============================
16:27:29.0146 3668 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
16:27:29.0224 3668 !SASCORE - ok
16:27:29.0474 3668 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
16:27:29.0536 3668 1394ohci - ok
16:27:29.0598 3668 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
16:27:29.0645 3668 ACPI - ok
16:27:29.0676 3668 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
16:27:29.0770 3668 AcpiPmi - ok
16:27:29.0864 3668 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:27:29.0879 3668 AdobeARMservice - ok
16:27:30.0066 3668 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:27:30.0066 3668 AdobeFlashPlayerUpdateSvc - ok
16:27:30.0160 3668 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
16:27:30.0207 3668 adp94xx - ok
16:27:30.0254 3668 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
16:27:30.0285 3668 adpahci - ok
16:27:30.0332 3668 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
16:27:30.0332 3668 adpu320 - ok
16:27:30.0378 3668 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:27:30.0441 3668 AeLookupSvc - ok
16:27:30.0503 3668 [ D5B031C308A409A0A576BFF4CF083D30 ] AFD C:\windows\system32\drivers\afd.sys
16:27:30.0581 3668 AFD - ok
16:27:30.0628 3668 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
16:27:30.0675 3668 agp440 - ok
16:27:30.0846 3668 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
16:27:30.0846 3668 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
16:27:30.0862 3668 Akamai ( HiddenFile.Multi.Generic ) - warning
16:27:30.0862 3668 Akamai - detected HiddenFile.Multi.Generic (1)
16:27:30.0893 3668 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
16:27:30.0956 3668 ALG - ok
16:27:31.0002 3668 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
16:27:31.0018 3668 aliide - ok
16:27:31.0049 3668 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
16:27:31.0065 3668 amdide - ok
16:27:31.0080 3668 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
16:27:31.0143 3668 AmdK8 - ok
16:27:31.0143 3668 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
16:27:31.0174 3668 AmdPPM - ok
16:27:31.0190 3668 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
16:27:31.0205 3668 amdsata - ok
16:27:31.0252 3668 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
16:27:31.0252 3668 amdsbs - ok
16:27:31.0283 3668 [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata C:\windows\system32\drivers\amdxata.sys
16:27:31.0314 3668 amdxata - ok
16:27:31.0330 3668 Andbus - ok
16:27:31.0346 3668 AndDiag - ok
16:27:31.0346 3668 AndGps - ok
16:27:31.0346 3668 ANDModem - ok
16:27:31.0392 3668 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
16:27:31.0455 3668 AppID - ok
16:27:31.0486 3668 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:27:31.0533 3668 AppIDSvc - ok
16:27:31.0580 3668 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
16:27:31.0642 3668 Appinfo - ok
16:27:31.0689 3668 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
16:27:31.0689 3668 arc - ok
16:27:31.0704 3668 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
16:27:31.0720 3668 arcsas - ok
16:27:31.0814 3668 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:27:31.0845 3668 aspnet_state - ok
16:27:31.0876 3668 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
16:27:31.0923 3668 aswFsBlk - ok
16:27:31.0954 3668 [ 9FFC732E12FF53E05FE9E02C8C00CE87 ] aswFW C:\windows\system32\drivers\aswFW.sys
16:27:31.0970 3668 aswFW - ok
16:27:32.0032 3668 [ 6B91E6D483AADB3FC4E13E2355200611 ] aswKbd C:\windows\system32\drivers\aswKbd.sys
16:27:32.0048 3668 aswKbd - ok
16:27:32.0063 3668 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
16:27:32.0079 3668 aswMonFlt - ok
16:27:32.0110 3668 [ 518B8D447A1975AB46DA093A2E743256 ] aswNdis C:\windows\system32\DRIVERS\aswNdis.sys
16:27:32.0126 3668 aswNdis - ok
16:27:32.0141 3668 [ 5A832BBB1B563B6B3FDA46239B630037 ] aswNdis2 C:\windows\system32\drivers\aswNdis2.sys
16:27:32.0157 3668 aswNdis2 - ok
16:27:32.0172 3668 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
16:27:32.0188 3668 aswRdr - ok
16:27:32.0235 3668 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\windows\system32\drivers\aswSnx.sys
16:27:32.0266 3668 aswSnx - ok
16:27:32.0282 3668 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\windows\system32\drivers\aswSP.sys
16:27:32.0297 3668 aswSP - ok
16:27:32.0313 3668 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
16:27:32.0328 3668 aswTdi - ok
16:27:32.0344 3668 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:27:32.0422 3668 AsyncMac - ok
16:27:32.0469 3668 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
16:27:32.0469 3668 atapi - ok
16:27:32.0531 3668 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:27:32.0594 3668 AudioEndpointBuilder - ok
16:27:32.0625 3668 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
16:27:32.0672 3668 AudioSrv - ok
16:27:32.0734 3668 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:27:32.0750 3668 avast! Antivirus - ok
16:27:32.0781 3668 [ BC0E07A768A0A14C48E3CE1875F2C377 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
16:27:32.0859 3668 avast! Firewall - ok
16:27:32.0890 3668 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
16:27:32.0984 3668 AxInstSV - ok
16:27:33.0046 3668 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
16:27:33.0109 3668 b06bdrv - ok
16:27:33.0140 3668 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
16:27:33.0187 3668 b57nd60a - ok
16:27:33.0233 3668 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
16:27:33.0280 3668 BDESVC - ok
16:27:33.0296 3668 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
16:27:33.0358 3668 Beep - ok
16:27:33.0421 3668 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
16:27:33.0530 3668 BFE - ok
16:27:33.0592 3668 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
16:27:33.0670 3668 BITS - ok
16:27:33.0717 3668 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:27:33.0764 3668 blbdrive - ok
16:27:33.0795 3668 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:27:33.0842 3668 bowser - ok
16:27:33.0873 3668 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
16:27:33.0951 3668 BrFiltLo - ok
16:27:33.0967 3668 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
16:27:33.0998 3668 BrFiltUp - ok
16:27:33.0998 3668 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
16:27:34.0060 3668 BridgeMP - ok
16:27:34.0107 3668 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\windows\System32\browser.dll
16:27:34.0169 3668 Browser - ok
16:27:34.0185 3668 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:27:34.0216 3668 Brserid - ok
16:27:34.0232 3668 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:27:34.0247 3668 BrSerWdm - ok
16:27:34.0263 3668 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:27:34.0294 3668 BrUsbMdm - ok
16:27:34.0310 3668 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:27:34.0325 3668 BrUsbSer - ok
16:27:34.0325 3668 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
16:27:34.0372 3668 BTHMODEM - ok
16:27:34.0403 3668 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
16:27:34.0481 3668 bthserv - ok
16:27:34.0528 3668 catchme - ok
16:27:34.0544 3668 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:27:34.0591 3668 cdfs - ok
16:27:34.0622 3668 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
16:27:34.0669 3668 cdrom - ok
16:27:34.0715 3668 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
16:27:34.0856 3668 CertPropSvc - ok
16:27:34.0903 3668 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
16:27:34.0949 3668 circlass - ok
16:27:34.0996 3668 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
16:27:35.0012 3668 CLFS - ok
16:27:35.0059 3668 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:27:35.0121 3668 clr_optimization_v2.0.50727_32 - ok
16:27:35.0168 3668 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:27:35.0199 3668 clr_optimization_v2.0.50727_64 - ok
16:27:35.0261 3668 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:27:35.0355 3668 clr_optimization_v4.0.30319_32 - ok
16:27:35.0371 3668 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:27:35.0386 3668 clr_optimization_v4.0.30319_64 - ok
16:27:35.0417 3668 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:27:35.0480 3668 CmBatt - ok
16:27:35.0495 3668 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
16:27:35.0511 3668 cmdide - ok
16:27:35.0542 3668 [ D5FEA92400F12412B3922087C09DA6A5 ] CNG C:\windows\system32\Drivers\cng.sys
16:27:35.0558 3668 CNG - ok
16:27:35.0651 3668 [ 20506F12AFAD3DB588D007EA9325FBBC ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
16:27:35.0714 3668 CnxtHdAudService - ok
16:27:35.0745 3668 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
16:27:35.0745 3668 Compbatt - ok
16:27:35.0761 3668 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
16:27:35.0823 3668 CompositeBus - ok
16:27:35.0839 3668 COMSysApp - ok
16:27:35.0854 3668 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
16:27:35.0870 3668 crcdisk - ok
16:27:35.0901 3668 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\windows\system32\cryptsvc.dll
16:27:35.0948 3668 CryptSvc - ok
16:27:36.0073 3668 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:27:36.0104 3668 cvhsvc - ok
16:27:36.0151 3668 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
16:27:36.0213 3668 DcomLaunch - ok
16:27:36.0244 3668 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
16:27:36.0291 3668 defragsvc - ok
16:27:36.0322 3668 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:27:36.0416 3668 DfsC - ok
16:27:36.0463 3668 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
16:27:36.0509 3668 Dhcp - ok
16:27:36.0556 3668 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
16:27:36.0634 3668 discache - ok
16:27:36.0681 3668 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
16:27:36.0697 3668 Disk - ok
16:27:36.0743 3668 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
16:27:36.0821 3668 Dnscache - ok
16:27:36.0853 3668 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
16:27:36.0899 3668 dot3svc - ok
16:27:36.0931 3668 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
16:27:37.0009 3668 DPS - ok
16:27:37.0055 3668 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:27:37.0071 3668 drmkaud - ok
16:27:37.0102 3668 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:27:37.0133 3668 DXGKrnl - ok
16:27:37.0165 3668 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
16:27:37.0227 3668 EapHost - ok
16:27:37.0305 3668 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
16:27:37.0367 3668 ebdrv - ok
16:27:37.0399 3668 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\windows\System32\lsass.exe
16:27:37.0445 3668 EFS - ok
16:27:37.0523 3668 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:27:37.0586 3668 ehRecvr - ok
16:27:37.0601 3668 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
16:27:37.0633 3668 ehSched - ok
16:27:37.0695 3668 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
16:27:37.0711 3668 elxstor - ok
16:27:37.0726 3668 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
16:27:37.0757 3668 ErrDev - ok
16:27:37.0820 3668 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
16:27:37.0882 3668 EventSystem - ok
16:27:37.0913 3668 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
16:27:37.0960 3668 exfat - ok
16:27:37.0991 3668 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
16:27:38.0038 3668 fastfat - ok
16:27:38.0116 3668 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
16:27:38.0147 3668 Fax - ok
16:27:38.0179 3668 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:27:38.0225 3668 fdc - ok
16:27:38.0257 3668 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
16:27:38.0335 3668 fdPHost - ok
16:27:38.0350 3668 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
16:27:38.0397 3668 FDResPub - ok
16:27:38.0428 3668 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:27:38.0428 3668 FileInfo - ok
16:27:38.0444 3668 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:27:38.0522 3668 Filetrace - ok
16:27:38.0553 3668 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:27:38.0569 3668 flpydisk - ok
16:27:38.0600 3668 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:27:38.0615 3668 FltMgr - ok
16:27:38.0662 3668 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\windows\system32\FntCache.dll
16:27:38.0725 3668 FontCache - ok
16:27:38.0787 3668 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:27:38.0803 3668 FontCache3.0.0.0 - ok
16:27:38.0834 3668 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:27:38.0849 3668 FsDepends - ok
16:27:38.0896 3668 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:27:38.0912 3668 Fs_Rec - ok
16:27:38.0974 3668 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:27:38.0990 3668 fvevol - ok
16:27:39.0037 3668 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
16:27:39.0037 3668 gagp30kx - ok
16:27:39.0099 3668 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
16:27:39.0177 3668 gpsvc - ok
16:27:39.0255 3668 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:27:39.0286 3668 gupdate - ok
16:27:39.0317 3668 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:27:39.0333 3668 gupdatem - ok
16:27:39.0364 3668 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:27:39.0395 3668 hcw85cir - ok
16:27:39.0442 3668 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:27:39.0489 3668 HdAudAddService - ok
16:27:39.0505 3668 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
16:27:39.0536 3668 HDAudBus - ok
16:27:39.0567 3668 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
16:27:39.0583 3668 HidBatt - ok
16:27:39.0583 3668 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
16:27:39.0629 3668 HidBth - ok
16:27:39.0661 3668 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
16:27:39.0723 3668 HidIr - ok
16:27:39.0754 3668 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
16:27:39.0832 3668 hidserv - ok
16:27:39.0879 3668 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
16:27:39.0910 3668 HidUsb - ok
16:27:39.0941 3668 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
16:27:40.0019 3668 hkmsvc - ok
16:27:40.0051 3668 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:27:40.0082 3668 HomeGroupListener - ok
16:27:40.0113 3668 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:27:40.0160 3668 HomeGroupProvider - ok
16:27:40.0222 3668 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
16:27:40.0238 3668 HpSAMD - ok
16:27:40.0269 3668 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
16:27:40.0331 3668 HTTP - ok
16:27:40.0363 3668 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:27:40.0363 3668 hwpolicy - ok
16:27:40.0394 3668 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
16:27:40.0409 3668 i8042prt - ok
16:27:40.0472 3668 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
16:27:40.0503 3668 iaStor - ok
16:27:40.0550 3668 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:27:40.0597 3668 iaStorV - ok
16:27:40.0628 3668 IDriverT - ok
16:27:40.0737 3668 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:27:40.0753 3668 idsvc - ok
16:27:41.0486 3668 [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
16:27:41.0720 3668 igfx - ok
16:27:41.0813 3668 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
16:27:41.0845 3668 iirsp - ok
16:27:42.0032 3668 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
16:27:42.0110 3668 IKEEXT - ok
16:27:42.0219 3668 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
16:27:42.0344 3668 IntcDAud - ok
16:27:42.0391 3668 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
16:27:42.0391 3668 intelide - ok
16:27:42.0422 3668 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:27:42.0469 3668 intelppm - ok
16:27:43.0483 3668 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:27:43.0732 3668 IPBusEnum - ok
16:27:43.0997 3668 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:27:44.0419 3668 IpFilterDriver - ok
16:27:44.0497 3668 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:27:44.0559 3668 iphlpsvc - ok
16:27:44.0575 3668 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
16:27:44.0590 3668 IPMIDRV - ok
16:27:44.0606 3668 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:27:44.0684 3668 IPNAT - ok
16:27:45.0199 3668 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
16:27:45.0261 3668 IRENUM - ok
16:27:45.0277 3668 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
16:27:45.0292 3668 isapnp - ok
16:27:45.0323 3668 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
16:27:45.0464 3668 iScsiPrt - ok
16:27:46.0041 3668 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
16:27:46.0057 3668 kbdclass - ok
16:27:46.0369 3668 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
16:27:46.0930 3668 kbdhid - ok
16:27:47.0273 3668 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\windows\system32\lsass.exe
16:27:47.0305 3668 KeyIso - ok
16:27:47.0320 3668 [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:27:47.0336 3668 KSecDD - ok
16:27:47.0367 3668 [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:27:47.0383 3668 KSecPkg - ok
16:27:47.0445 3668 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
16:27:47.0539 3668 ksthunk - ok
16:27:47.0604 3668 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
16:27:47.0674 3668 KtmRm - ok
16:27:47.0724 3668 [ EBED8B3FF4A823C1A6EEBEED7B29353F ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
16:27:47.0734 3668 L1C - ok
16:27:47.0774 3668 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
16:27:47.0854 3668 LanmanServer - ok
16:27:47.0884 3668 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:27:47.0924 3668 LanmanWorkstation - ok
16:27:48.0004 3668 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:27:48.0064 3668 lltdio - ok
16:27:48.0104 3668 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
16:27:48.0154 3668 lltdsvc - ok
16:27:48.0174 3668 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
16:27:48.0224 3668 lmhosts - ok
16:27:48.0314 3668 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:27:48.0334 3668 LMS - ok
16:27:48.0374 3668 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
16:27:48.0384 3668 LSI_FC - ok
16:27:48.0394 3668 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
16:27:48.0414 3668 LSI_SAS - ok
16:27:48.0414 3668 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
16:27:48.0424 3668 LSI_SAS2 - ok
16:27:48.0434 3668 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
16:27:48.0444 3668 LSI_SCSI - ok
16:27:48.0464 3668 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
16:27:48.0524 3668 luafv - ok
16:27:48.0624 3668 [ F6963E48385A5637FC4E51DC0F8234A0 ] lxebCATSCustConnectService C:\windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe
16:27:48.0654 3668 lxebCATSCustConnectService - ok
16:27:48.0674 3668 lxeb_device - ok
16:27:48.0704 3668 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:27:48.0734 3668 Mcx2Svc - ok
16:27:48.0744 3668 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
16:27:48.0764 3668 megasas - ok
16:27:48.0804 3668 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
16:27:48.0814 3668 MegaSR - ok
16:27:48.0864 3668 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
16:27:48.0874 3668 MEIx64 - ok
16:27:48.0984 3668 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:27:49.0014 3668 Microsoft Office Groove Audit Service - ok
16:27:49.0044 3668 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
16:27:49.0134 3668 MMCSS - ok
16:27:49.0144 3668 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
16:27:49.0204 3668 Modem - ok
16:27:49.0234 3668 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:27:49.0274 3668 monitor - ok
16:27:49.0324 3668 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
16:27:49.0334 3668 mouclass - ok
16:27:49.0364 3668 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:27:49.0394 3668 mouhid - ok
16:27:49.0414 3668 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:27:49.0424 3668 mountmgr - ok
16:27:49.0494 3668 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:27:49.0504 3668 MozillaMaintenance - ok
16:27:50.0104 3668 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
16:27:50.0194 3668 mpio - ok
16:27:50.0404 3668 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:27:50.0464 3668 mpsdrv - ok
16:27:51.0217 3668 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
16:27:51.0373 3668 MpsSvc - ok
16:27:51.0404 3668 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:27:51.0451 3668 MRxDAV - ok
16:27:51.0482 3668 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:27:51.0513 3668 mrxsmb - ok
16:27:51.0544 3668 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:27:51.0591 3668 mrxsmb10 - ok
16:27:51.0622 3668 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:27:51.0669 3668 mrxsmb20 - ok
16:27:51.0685 3668 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
16:27:51.0700 3668 msahci - ok
16:27:51.0731 3668 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
16:27:51.0747 3668 msdsm - ok
16:27:51.0763 3668 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
16:27:51.0794 3668 MSDTC - ok
16:27:51.0841 3668 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
16:27:51.0872 3668 Msfs - ok
16:27:51.0903 3668 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:27:51.0950 3668 mshidkmdf - ok
16:27:51.0981 3668 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
16:27:51.0981 3668 msisadrv - ok
16:27:52.0012 3668 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:27:52.0106 3668 MSiSCSI - ok
16:27:52.0106 3668 msiserver - ok
16:27:52.0153 3668 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:27:52.0231 3668 MSKSSRV - ok
16:27:52.0262 3668 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:27:52.0309 3668 MSPCLOCK - ok
16:27:52.0340 3668 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:27:52.0433 3668 MSPQM - ok
16:27:52.0496 3668 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:27:52.0543 3668 MsRPC - ok
16:27:52.0574 3668 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
16:27:52.0574 3668 mssmbios - ok
16:27:52.0605 3668 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:27:52.0667 3668 MSTEE - ok
16:27:52.0667 3668 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
16:27:52.0699 3668 MTConfig - ok
16:27:52.0745 3668 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
16:27:52.0761 3668 Mup - ok
16:27:52.0808 3668 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
16:27:52.0870 3668 napagent - ok
16:27:52.0917 3668 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:27:52.0964 3668 NativeWifiP - ok
16:27:53.0026 3668 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
16:27:53.0073 3668 NDIS - ok
16:27:53.0089 3668 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:27:53.0182 3668 NdisCap - ok
16:27:53.0229 3668 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:27:53.0307 3668 NdisTapi - ok
16:27:53.0338 3668 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:27:53.0432 3668 Ndisuio - ok
16:27:53.0463 3668 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:27:53.0525 3668 NdisWan - ok
16:27:53.0557 3668 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:27:53.0588 3668 NDProxy - ok
16:27:53.0619 3668 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:27:53.0681 3668 NetBIOS - ok
16:27:53.0728 3668 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:27:53.0791 3668 NetBT - ok
16:27:53.0822 3668 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\windows\system32\lsass.exe
16:27:53.0837 3668 Netlogon - ok
16:27:53.0869 3668 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
16:27:53.0931 3668 Netman - ok
16:27:53.0978 3668 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:27:53.0993 3668 NetMsmqActivator - ok
16:27:53.0993 3668 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:27:54.0009 3668 NetPipeActivator - ok
16:27:54.0025 3668 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
16:27:54.0087 3668 netprofm - ok
16:27:54.0103 3668 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:27:54.0103 3668 NetTcpActivator - ok
16:27:54.0134 3668 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:27:54.0134 3668 NetTcpPortSharing - ok
16:27:54.0181 3668 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
16:27:54.0212 3668 nfrd960 - ok
16:27:54.0243 3668 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
16:27:54.0290 3668 NlaSvc - ok
16:27:54.0305 3668 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
16:27:54.0337 3668 Npfs - ok
16:27:54.0368 3668 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
16:27:54.0415 3668 nsi - ok
16:27:54.0430 3668 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:27:54.0461 3668 nsiproxy - ok
16:27:54.0539 3668 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:27:54.0586 3668 Ntfs - ok
16:27:54.0617 3668 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
16:27:54.0695 3668 Null - ok
16:27:54.0727 3668 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\windows\system32\drivers\nvraid.sys
16:27:54.0742 3668 nvraid - ok
16:27:54.0758 3668 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\windows\system32\drivers\nvstor.sys
16:27:54.0773 3668 nvstor - ok
16:27:54.0789 3668 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
16:27:54.0805 3668 nv_agp - ok
16:27:54.0867 3668 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:27:54.0914 3668 odserv - ok
16:27:54.0914 3668 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
16:27:54.0929 3668 ohci1394 - ok
16:27:54.0945 3668 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:27:54.0976 3668 ose - ok
16:27:55.0148 3668 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:27:55.0273 3668 osppsvc - ok
16:27:55.0319 3668 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:27:55.0351 3668 p2pimsvc - ok
16:27:55.0382 3668 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
16:27:55.0413 3668 p2psvc - ok
16:27:55.0444 3668 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:27:55.0460 3668 Parport - ok
16:27:55.0491 3668 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\windows\system32\drivers\partmgr.sys
16:27:55.0507 3668 partmgr - ok
16:27:55.0538 3668 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
16:27:55.0569 3668 PcaSvc - ok
16:27:55.0647 3668 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
16:27:55.0663 3668 PCCUJobMgr - ok
16:27:55.0694 3668 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
16:27:55.0694 3668 pci - ok
16:27:55.0725 3668 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
16:27:55.0725 3668 pciide - ok
16:27:55.0741 3668 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
16:27:55.0756 3668 pcmcia - ok
16:27:55.0787 3668 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
16:27:55.0803 3668 pcw - ok
16:27:55.0850 3668 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:27:55.0928 3668 PEAUTH - ok
16:27:56.0021 3668 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
16:27:56.0084 3668 PerfHost - ok
16:27:56.0131 3668 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
16:27:56.0162 3668 PGEffect - ok
16:27:56.0209 3668 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
16:27:56.0255 3668 pla - ok
16:27:56.0302 3668 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:27:56.0333 3668 PlugPlay - ok
16:27:56.0365 3668 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:27:56.0411 3668 PNRPAutoReg - ok
16:27:56.0443 3668 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:27:56.0474 3668 PNRPsvc - ok
16:27:56.0505 3668 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:27:56.0552 3668 PolicyAgent - ok
16:27:56.0567 3668 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
16:27:56.0614 3668 Power - ok
16:27:56.0661 3668 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:27:56.0755 3668 PptpMiniport - ok
16:27:56.0770 3668 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
16:27:56.0786 3668 Processor - ok
16:27:56.0848 3668 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll
16:27:56.0926 3668 ProfSvc - ok
16:27:56.0942 3668 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\windows\system32\lsass.exe
16:27:56.0957 3668 ProtectedStorage - ok
16:27:57.0004 3668 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:27:57.0051 3668 Psched - ok
16:27:57.0098 3668 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
16:27:57.0098 3668 QIOMem - ok
16:27:57.0145 3668 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
16:27:57.0191 3668 ql2300 - ok
16:27:57.0207 3668 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
16:27:57.0207 3668 ql40xx - ok
16:27:57.0254 3668 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
16:27:57.0301 3668 QWAVE - ok
16:27:57.0316 3668 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:27:57.0347 3668 QWAVEdrv - ok
16:27:57.0347 3668 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:27:57.0394 3668 RasAcd - ok
16:27:57.0441 3668 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:27:57.0519 3668 RasAgileVpn - ok
16:27:57.0550 3668 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
16:27:57.0581 3668 RasAuto - ok
16:27:57.0613 3668 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:27:57.0659 3668 Rasl2tp - ok
16:27:57.0706 3668 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
16:27:57.0753 3668 RasMan - ok
16:27:57.0769 3668 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:27:57.0815 3668 RasPppoe - ok
16:27:57.0847 3668 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:27:57.0925 3668 RasSstp - ok
16:27:57.0987 3668 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:27:58.0049 3668 rdbss - ok
16:27:58.0081 3668 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
16:27:58.0096 3668 rdpbus - ok
16:27:58.0127 3668 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:27:58.0174 3668 RDPCDD - ok
16:27:58.0205 3668 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:27:58.0283 3668 RDPENCDD - ok
16:27:58.0299 3668 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:27:58.0377 3668 RDPREFMP - ok
16:27:58.0408 3668 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:27:58.0455 3668 RDPWD - ok
16:27:58.0471 3668 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:27:58.0486 3668 rdyboost - ok
16:27:58.0517 3668 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
16:27:58.0549 3668 RemoteAccess - ok
16:27:58.0564 3668 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:27:58.0611 3668 RemoteRegistry - ok
16:27:58.0642 3668 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:27:58.0736 3668 RpcEptMapper - ok
16:27:58.0751 3668 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
16:27:58.0814 3668 RpcLocator - ok
16:27:58.0861 3668 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
16:27:58.0939 3668 RpcSs - ok
16:27:58.0954 3668 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:27:59.0032 3668 rspndr - ok
16:27:59.0079 3668 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
16:27:59.0110 3668 RSUSBSTOR - ok
16:27:59.0141 3668 [ E5DC911D0FEB72CAFF2BBDD6E7C3672F ] RSUSBVSTOR C:\windows\system32\Drivers\RTSUVSTOR.sys
16:27:59.0141 3668 RSUSBVSTOR - ok
16:27:59.0219 3668 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
16:27:59.0251 3668 RTL8192Ce - ok
16:27:59.0266 3668 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\windows\system32\lsass.exe
16:27:59.0266 3668 SamSs - ok
16:27:59.0360 3668 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:27:59.0375 3668 SASDIFSV - ok
16:27:59.0422 3668 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:27:59.0453 3668 SASKUTIL - ok
16:27:59.0469 3668 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
16:27:59.0485 3668 sbp2port - ok
16:27:59.0516 3668 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
16:27:59.0578 3668 SCardSvr - ok
16:27:59.0609 3668 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:27:59.0687 3668 scfilter - ok
16:27:59.0719 3668 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
16:27:59.0781 3668 Schedule - ok
16:27:59.0812 3668 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
16:27:59.0859 3668 SCPolicySvc - ok
16:27:59.0906 3668 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:27:59.0921 3668 SDRSVC - ok
16:27:59.0968 3668 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
16:28:00.0077 3668 secdrv - ok
16:28:00.0109 3668 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
16:28:00.0171 3668 seclogon - ok
16:28:00.0202 3668 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
16:28:00.0233 3668 SENS - ok
16:28:00.0249 3668 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
16:28:00.0265 3668 SensrSvc - ok
16:28:00.0280 3668 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:28:00.0311 3668 Serenum - ok
16:28:00.0343 3668 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
16:28:00.0374 3668 Serial - ok
16:28:00.0389 3668 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
16:28:00.0389 3668 sermouse - ok
16:28:00.0421 3668 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
16:28:00.0452 3668 SessionEnv - ok
16:28:00.0467 3668 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
16:28:00.0499 3668 sffdisk - ok
16:28:00.0514 3668 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
16:28:00.0530 3668 sffp_mmc - ok
16:28:00.0530 3668 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
16:28:00.0561 3668 sffp_sd - ok
16:28:00.0561 3668 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
16:28:00.0592 3668 sfloppy - ok
16:28:00.0655 3668 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
16:28:00.0686 3668 Sftfs - ok
16:28:00.0733 3668 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:28:00.0764 3668 sftlist - ok
16:28:00.0795 3668 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
16:28:00.0811 3668 Sftplay - ok
16:28:00.0826 3668 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
16:28:00.0826 3668 Sftredir - ok
16:28:00.0842 3668 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
16:28:00.0857 3668 Sftvol - ok
16:28:00.0873 3668 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:28:00.0889 3668 sftvsa - ok
16:28:00.0920 3668 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
16:28:00.0982 3668 SharedAccess - ok
16:28:01.0013 3668 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:28:01.0107 3668 ShellHWDetection - ok
16:28:01.0138 3668 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
16:28:01.0169 3668 SiSRaid2 - ok
16:28:01.0169 3668 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
16:28:01.0185 3668 SiSRaid4 - ok
16:28:01.0357 3668 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:28:01.0403 3668 Skype C2C Service - ok
16:28:01.0481 3668 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:28:01.0497 3668 SkypeUpdate - ok
16:28:01.0544 3668 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
16:28:01.0606 3668 Smb - ok
16:28:01.0669 3668 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:28:01.0731 3668 SNMPTRAP - ok
16:28:01.0762 3668 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
16:28:01.0793 3668 spldr - ok
16:28:01.0840 3668 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
16:28:01.0918 3668 Spooler - ok
16:28:02.0012 3668 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
16:28:02.0090 3668 sppsvc - ok
16:28:02.0105 3668 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:28:02.0168 3668 sppuinotify - ok
16:28:02.0230 3668 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
16:28:02.0246 3668 srv - ok
16:28:02.0293 3668 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:28:02.0324 3668 srv2 - ok
16:28:02.0355 3668 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
16:28:02.0386 3668 SrvHsfHDA - ok
16:28:02.0449 3668 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
16:28:02.0495 3668 SrvHsfV92 - ok
16:28:02.0527 3668 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
16:28:02.0542 3668 SrvHsfWinac - ok
16:28:02.0558 3668 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:28:02.0589 3668 srvnet - ok
16:28:02.0636 3668 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:28:02.0667 3668 SSDPSRV - ok
16:28:02.0683 3668 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
16:28:02.0745 3668 SstpSvc - ok
16:28:02.0761 3668 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
16:28:02.0761 3668 stexstor - ok
16:28:02.0885 3668 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
16:28:02.0948 3668 stisvc - ok
16:28:02.0979 3668 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
16:28:02.0995 3668 swenum - ok
16:28:03.0026 3668 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
16:28:03.0073 3668 swprv - ok
16:28:03.0135 3668 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
16:28:03.0166 3668 SynTP - ok
16:28:03.0244 3668 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
16:28:03.0291 3668 SysMain - ok
16:28:03.0307 3668 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
16:28:03.0338 3668 TabletInputService - ok
16:28:03.0385 3668 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
16:28:03.0431 3668 TapiSrv - ok
16:28:03.0447 3668 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
16:28:03.0478 3668 TBS - ok
16:28:03.0556 3668 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:28:03.0619 3668 Tcpip - ok
16:28:03.0650 3668 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:28:03.0681 3668 TCPIP6 - ok
16:28:03.0697 3668 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:28:03.0743 3668 tcpipreg - ok
16:28:03.0775 3668 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
16:28:03.0790 3668 tdcmdpst - ok
16:28:03.0806 3668 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:28:03.0821 3668 TDPIPE - ok
16:28:03.0853 3668 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:28:03.0884 3668 TDTCP - ok
16:28:03.0915 3668 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:28:03.0977 3668 tdx - ok
16:28:04.0009 3668 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
16:28:04.0024 3668 TermDD - ok
16:28:04.0071 3668 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
16:28:04.0165 3668 TermService - ok
16:28:04.0180 3668 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
16:28:04.0227 3668 Themes - ok
16:28:04.0258 3668 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
16:28:04.0399 3668 THREADORDER - ok
16:28:04.0430 3668 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:28:04.0461 3668 TMachInfo - ok
16:28:04.0508 3668 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\Windows\system32\TODDSrv.exe
16:28:04.0539 3668 TODDSrv - ok
16:28:04.0617 3668 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:28:04.0648 3668 TosCoSrv - ok
16:28:04.0695 3668 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:28:04.0711 3668 TOSHIBA eco Utility Service - ok
16:28:04.0820 3668 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:28:04.0851 3668 TOSHIBA HDD SSD Alert Service - ok
16:28:04.0913 3668 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
16:28:04.0945 3668 tos_sps64 - ok
16:28:05.0007 3668 [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
16:28:05.0054 3668 TPCHSrv - ok
16:28:05.0101 3668 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
16:28:05.0179 3668 TrkWks - ok
16:28:05.0241 3668 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:28:05.0335 3668 TrustedInstaller - ok
16:28:05.0366 3668 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:28:05.0397 3668 tssecsrv - ok
16:28:05.0413 3668 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
16:28:05.0444 3668 TsUsbFlt - ok
16:28:05.0475 3668 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
16:28:05.0491 3668 TsUsbGD - ok
16:28:05.0537 3668 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:28:05.0569 3668 tunnel - ok
16:28:05.0600 3668 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
16:28:05.0615 3668 TVALZ - ok
16:28:05.0647 3668 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
16:28:05.0662 3668 TVALZFL - ok
16:28:05.0678 3668 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
16:28:05.0693 3668 uagp35 - ok
16:28:05.0709 3668 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:28:05.0756 3668 udfs - ok
16:28:05.0803 3668 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
16:28:05.0834 3668 UI0Detect - ok
16:28:05.0849 3668 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
16:28:05.0865 3668 uliagpkx - ok
16:28:05.0881 3668 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
16:28:05.0896 3668 umbus - ok
16:28:05.0896 3668 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
16:28:05.0912 3668 UmPass - ok
16:28:06.0037 3668 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:28:06.0083 3668 UNS - ok
16:28:06.0115 3668 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
16:28:06.0146 3668 upnphost - ok
16:28:06.0177 3668 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
16:28:06.0224 3668 usbccgp - ok
16:28:06.0255 3668 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
16:28:06.0317 3668 usbcir - ok
16:28:06.0364 3668 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
16:28:06.0380 3668 usbehci - ok
16:28:06.0427 3668 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:28:06.0473 3668 usbhub - ok
16:28:06.0505 3668 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\windows\system32\drivers\usbohci.sys
16:28:06.0536 3668 usbohci - ok
16:28:06.0567 3668 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
16:28:06.0614 3668 usbprint - ok
16:28:06.0645 3668 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
16:28:06.0661 3668 usbscan - ok
16:28:06.0676 3668 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\windows\system32\drivers\USBSTOR.SYS
16:28:06.0692 3668 USBSTOR - ok
16:28:06.0707 3668 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
16:28:06.0754 3668 usbuhci - ok
16:28:06.0801 3668 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
16:28:06.0832 3668 usbvideo - ok
16:28:06.0848 3668 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
16:28:06.0895 3668 UxSms - ok
16:28:06.0941 3668 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\windows\system32\lsass.exe
16:28:06.0973 3668 VaultSvc - ok
16:28:06.0988 3668 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
16:28:07.0004 3668 vdrvroot - ok
16:28:07.0019 3668 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
16:28:07.0097 3668 vds - ok
16:28:07.0129 3668 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:28:07.0144 3668 vga - ok
16:28:07.0160 3668 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
16:28:07.0253 3668 VgaSave - ok
16:28:07.0285 3668 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
16:28:07.0300 3668 vhdmp - ok
16:28:07.0316 3668 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
16:28:07.0331 3668 viaide - ok
16:28:07.0347 3668 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
16:28:07.0347 3668 volmgr - ok
16:28:07.0472 3668 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:28:07.0503 3668 volmgrx - ok
16:28:07.0628 3668 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
16:28:07.0675 3668 volsnap - ok
16:28:07.0768 3668 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
16:28:07.0799 3668 vsmraid - ok
16:28:07.0893 3668 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
16:28:07.0971 3668 VSS - ok
16:28:07.0987 3668 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
16:28:08.0049 3668 vwifibus - ok
16:28:08.0080 3668 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
16:28:08.0111 3668 vwififlt - ok
16:28:08.0143 3668 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
16:28:08.0189 3668 W32Time - ok
16:28:08.0236 3668 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
16:28:08.0267 3668 WacomPen - ok
16:28:08.0314 3668 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:28:08.0345 3668 WANARP - ok
16:28:08.0361 3668 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:28:08.0392 3668 Wanarpv6 - ok
16:28:08.0486 3668 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
16:28:08.0517 3668 WatAdminSvc - ok
16:28:08.0579 3668 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
16:28:08.0611 3668 wbengine - ok
16:28:08.0642 3668 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:28:08.0673 3668 WbioSrvc - ok
16:28:08.0720 3668 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
16:28:08.0751 3668 wcncsvc - ok
16:28:08.0782 3668 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:28:08.0845 3668 WcsPlugInService - ok
16:28:08.0891 3668 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
16:28:08.0923 3668 Wd - ok
16:28:08.0954 3668 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:28:08.0985 3668 Wdf01000 - ok
16:28:09.0016 3668 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
16:28:09.0047 3668 WdiServiceHost - ok
16:28:09.0047 3668 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
16:28:09.0063 3668 WdiSystemHost - ok
16:28:09.0079 3668 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
16:28:09.0110 3668 WebClient - ok
16:28:09.0125 3668 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
16:28:09.0172 3668 Wecsvc - ok
16:28:09.0219 3668 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
16:28:09.0313 3668 wercplsupport - ok
16:28:09.0328 3668 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
16:28:09.0375 3668 WerSvc - ok
16:28:09.0406 3668 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:28:09.0437 3668 WfpLwf - ok
16:28:09.0453 3668 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:28:09.0469 3668 WIMMount - ok
16:28:09.0484 3668 WinDefend - ok
16:28:09.0500 3668 WinHttpAutoProxySvc - ok
16:28:09.0547 3668 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:28:09.0593 3668 Winmgmt - ok
16:28:09.0671 3668 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
16:28:09.0765 3668 WinRM - ok
16:28:09.0812 3668 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
16:28:09.0859 3668 Wlansvc - ok
16:28:09.0937 3668 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:28:09.0968 3668 wlcrasvc - ok
16:28:10.0077 3668 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:28:10.0124 3668 wlidsvc - ok
16:28:10.0155 3668 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
16:28:10.0171 3668 WmiAcpi - ok
16:28:10.0202 3668 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:28:10.0233 3668 wmiApSrv - ok
16:28:10.0264 3668 WMPNetworkSvc - ok
16:28:10.0295 3668 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
16:28:10.0311 3668 WPCSvc - ok
16:28:10.0327 3668 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:28:10.0342 3668 WPDBusEnum - ok
16:28:10.0373 3668 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:28:10.0451 3668 ws2ifsl - ok
16:28:10.0498 3668 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
16:28:10.0592 3668 wscsvc - ok
16:28:10.0654 3668 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
16:28:10.0685 3668 WSDPrintDevice - ok
16:28:10.0685 3668 WSearch - ok
16:28:10.0810 3668 [ 9DF12EDBC698B0BC353B3EF84861E430 ] wuauserv C:\windows\system32\wuaueng.dll
16:28:10.0888 3668 wuauserv - ok
16:28:10.0935 3668 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:28:10.0982 3668 WudfPf - ok
16:28:11.0013 3668 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:28:11.0060 3668 WUDFRd - ok
16:28:11.0091 3668 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:28:11.0122 3668 wudfsvc - ok
16:28:11.0138 3668 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
16:28:11.0185 3668 WwanSvc - ok
16:28:11.0216 3668 ================ Scan global ===============================
16:28:11.0247 3668 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
16:28:11.0278 3668 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
16:28:11.0294 3668 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
16:28:11.0309 3668 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
16:28:11.0356 3668 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
16:28:11.0356 3668 [Global] - ok
16:28:11.0356 3668 ================ Scan MBR ==================================
16:28:11.0372 3668 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
16:28:12.0370 3668 \Device\Harddisk0\DR0 - ok
16:28:12.0370 3668 ================ Scan VBR ==================================
16:28:12.0401 3668 [ A29569CF610E153C1CB1DE7062DA60B9 ] \Device\Harddisk0\DR0\Partition1
16:28:12.0401 3668 \Device\Harddisk0\DR0\Partition1 - ok
16:28:12.0401 3668 ================ Scan active images ========================
16:28:12.0401 3668 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
16:28:12.0401 3668 C:\Windows\System32\drivers\crashdmp.sys - ok
16:28:12.0417 3668 [ D469B77687E12FE43E344806740B624D ] C:\Windows\System32\drivers\iaStor.sys
16:28:12.0417 3668 C:\Windows\System32\drivers\iaStor.sys - ok
16:28:12.0417 3668 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
16:28:12.0417 3668 C:\Windows\System32\drivers\dumpfve.sys - ok
16:28:12.0417 3668 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] C:\Windows\System32\drivers\aswSnx.sys
16:28:12.0417 3668 C:\Windows\System32\drivers\aswSnx.sys - ok
16:28:12.0433 3668 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
16:28:12.0433 3668 C:\Windows\System32\drivers\cdrom.sys - ok
16:28:12.0433 3668 [ 6B91E6D483AADB3FC4E13E2355200611 ] C:\Windows\System32\drivers\aswKbd.sys
16:28:12.0433 3668 C:\Windows\System32\drivers\aswKbd.sys - ok
16:28:12.0448 3668 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
16:28:12.0448 3668 C:\Windows\System32\drivers\beep.sys - ok
16:28:12.0448 3668 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
16:28:12.0448 3668 C:\Windows\System32\drivers\null.sys - ok
16:28:12.0448 3668 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
16:28:12.0448 3668 C:\Windows\System32\drivers\msfs.sys - ok
16:28:12.0448 3668 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
16:28:12.0448 3668 C:\Windows\System32\drivers\npfs.sys - ok
16:28:12.0448 3668 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
16:28:12.0448 3668 C:\Windows\System32\drivers\RDPCDD.sys - ok
16:28:12.0464 3668 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
16:28:12.0464 3668 C:\Windows\System32\drivers\RDPENCDD.sys - ok
16:28:12.0464 3668 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
16:28:12.0464 3668 C:\Windows\System32\drivers\RDPREFMP.sys - ok
16:28:12.0464 3668 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
16:28:12.0464 3668 C:\Windows\System32\drivers\tdi.sys - ok
16:28:12.0479 3668 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
16:28:12.0479 3668 C:\Windows\System32\drivers\tdx.sys - ok
16:28:12.0479 3668 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
16:28:12.0479 3668 C:\Windows\System32\drivers\vga.sys - ok
16:28:12.0479 3668 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
16:28:12.0479 3668 C:\Windows\System32\drivers\videoprt.sys - ok
16:28:12.0495 3668 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
16:28:12.0495 3668 C:\Windows\System32\drivers\watchdog.sys - ok
16:28:12.0495 3668 [ 9FFC732E12FF53E05FE9E02C8C00CE87 ] C:\Windows\System32\drivers\aswFW.sys
16:28:12.0495 3668 C:\Windows\System32\drivers\aswFW.sys - ok
16:28:12.0495 3668 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] C:\Windows\System32\drivers\aswTdi.sys
16:28:12.0495 3668 C:\Windows\System32\drivers\aswTdi.sys - ok
16:28:12.0495 3668 [ D5B031C308A409A0A576BFF4CF083D30 ] C:\Windows\System32\drivers\afd.sys
16:28:12.0495 3668 C:\Windows\System32\drivers\afd.sys - ok
16:28:12.0511 3668 [ 57768C7DB4681F2510F247F82EF31D4F ] C:\Windows\System32\drivers\aswRdr2.sys
16:28:12.0511 3668 C:\Windows\System32\drivers\aswRdr2.sys - ok
16:28:12.0511 3668 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
16:28:12.0511 3668 C:\Windows\System32\drivers\netbt.sys - ok
16:28:12.0526 3668 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
16:28:12.0526 3668 C:\Windows\System32\drivers\ws2ifsl.sys - ok
16:28:12.0526 3668 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
16:28:12.0526 3668 C:\Windows\System32\drivers\pacer.sys - ok
16:28:12.0526 3668 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
16:28:12.0526 3668 C:\Windows\System32\drivers\wfplwf.sys - ok
16:28:12.0526 3668 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
16:28:12.0526 3668 C:\Windows\System32\drivers\netbios.sys - ok
16:28:12.0542 3668 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
16:28:12.0542 3668 C:\Windows\System32\drivers\vwififlt.sys - ok
16:28:12.0542 3668 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
16:28:12.0542 3668 C:\Windows\System32\drivers\termdd.sys - ok
16:28:12.0542 3668 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
16:28:12.0542 3668 C:\Windows\System32\drivers\wanarp.sys - ok
16:28:12.0557 3668 [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
16:28:12.0557 3668 C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
16:28:12.0573 3668 [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
16:28:12.0573 3668 C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
16:28:12.0589 3668 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
16:28:12.0589 3668 C:\Windows\System32\drivers\rdbss.sys - ok
16:28:12.0589 3668 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
16:28:12.0589 3668 C:\Windows\System32\drivers\discache.sys - ok
16:28:12.0589 3668 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
16:28:12.0589 3668 C:\Windows\System32\drivers\mssmbios.sys - ok
16:28:12.0589 3668 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
16:28:12.0589 3668 C:\Windows\System32\drivers\nsiproxy.sys - ok
16:28:12.0620 3668 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
16:28:12.0620 3668 C:\Windows\System32\drivers\blbdrive.sys - ok
16:28:12.0635 3668 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
16:28:12.0635 3668 C:\Windows\System32\drivers\dfsc.sys - ok
16:28:12.0635 3668 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] C:\Windows\System32\drivers\aswSP.sys
16:28:12.0635 3668 C:\Windows\System32\drivers\aswSP.sys - ok
16:28:12.0635 3668 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
16:28:12.0635 3668 C:\Windows\System32\drivers\tunnel.sys - ok
16:28:12.0635 3668 [ 3556D5A8BF2CC508BDAB51DEC38D7C61 ] C:\Windows\System32\ntdll.dll
16:28:12.0635 3668 C:\Windows\System32\ntdll.dll - ok
16:28:12.0635 3668 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
16:28:12.0635 3668 C:\Windows\System32\smss.exe - ok
16:28:12.0651 3668 [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0 ] C:\Windows\System32\drivers\igdkmd64.sys
16:28:12.0651 3668 C:\Windows\System32\drivers\igdkmd64.sys - ok
16:28:12.0651 3668 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
16:28:12.0651 3668 C:\Windows\System32\drivers\dxgkrnl.sys - ok
16:28:12.0651 3668 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
16:28:12.0651 3668 C:\Windows\System32\autochk.exe - ok
16:28:12.0682 3668 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
16:28:12.0682 3668 C:\Windows\System32\drivers\dxgmms1.sys - ok
16:28:12.0698 3668 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys
16:28:12.0698 3668 C:\Windows\System32\drivers\HECIx64.sys - ok
16:28:12.0698 3668 [ B6D64EE607637301FF8C33139B4950DE ] C:\Windows\System32\drivers\usbport.sys
16:28:12.0698 3668 C:\Windows\System32\drivers\usbport.sys - ok
16:28:12.0698 3668 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
16:28:12.0698 3668 C:\Windows\System32\drivers\hdaudbus.sys - ok
16:28:12.0713 3668 [ 74EE782B1D9C241EFE425565854C661C ] C:\Windows\System32\drivers\usbehci.sys
16:28:12.0713 3668 C:\Windows\System32\drivers\usbehci.sys - ok
16:28:12.0713 3668 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] C:\Windows\System32\drivers\rtl8192ce.sys
16:28:12.0713 3668 C:\Windows\System32\drivers\rtl8192ce.sys - ok
16:28:12.0713 3668 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
16:28:12.0713 3668 C:\Windows\System32\drivers\vwifibus.sys - ok
16:28:12.0729 3668 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
16:28:12.0729 3668 C:\Windows\System32\drivers\i8042prt.sys - ok
16:28:12.0729 3668 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
16:28:12.0729 3668 C:\Windows\System32\drivers\kbdclass.sys - ok
16:28:12.0745 3668 [ EBED8B3FF4A823C1A6EEBEED7B29353F ] C:\Windows\System32\drivers\L1C62x64.sys
16:28:12.0745 3668 C:\Windows\System32\drivers\L1C62x64.sys - ok
16:28:12.0776 3668 [ 63C8D74BED9F80F4DD0AA7A3101EB639 ] C:\Windows\System32\drivers\usbd.sys
16:28:12.0776 3668 C:\Windows\System32\drivers\usbd.sys - ok
16:28:12.0776 3668 [ F5B46DF59FEAA48A442AED7EEB754D4B ] C:\Windows\System32\drivers\SynTP.sys
16:28:12.0776 3668 C:\Windows\System32\drivers\SynTP.sys - ok
16:28:12.0807 3668 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
16:28:12.0807 3668 C:\Windows\System32\lpk.dll - ok
16:28:12.0807 3668 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
16:28:12.0807 3668 C:\Windows\System32\drivers\CmBatt.sys - ok
16:28:12.0807 3668 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
16:28:12.0807 3668 C:\Windows\System32\drivers\intelppm.sys - ok
16:28:12.0823 3668 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
16:28:12.0823 3668 C:\Windows\System32\drivers\mouclass.sys - ok
16:28:12.0823 3668 [ FD542B661BD22FA69CA789AD0AC58C29 ] C:\Windows\System32\drivers\tdcmdpst.sys
16:28:12.0823 3668 C:\Windows\System32\drivers\tdcmdpst.sys - ok
16:28:12.0838 3668 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
16:28:12.0838 3668 C:\Windows\System32\drivers\agilevpn.sys - ok
16:28:12.0838 3668 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
16:28:12.0838 3668 C:\Windows\System32\drivers\CompositeBus.sys - ok
16:28:12.0838 3668 [ C8FCB4899F8B70CC34E0D9876A80963C ] C:\Windows\System32\drivers\QIOMem.sys
16:28:12.0838 3668 C:\Windows\System32\drivers\QIOMem.sys - ok
16:28:12.0838 3668 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
16:28:12.0838 3668 C:\Windows\System32\drivers\rasl2tp.sys - ok
16:28:12.0854 3668 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] C:\Windows\System32\drivers\TVALZFL.sys
16:28:12.0854 3668 C:\Windows\System32\drivers\TVALZFL.sys - ok
16:28:12.0854 3668 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
16:28:12.0854 3668 C:\Windows\System32\drivers\wmiacpi.sys - ok
16:28:12.0854 3668 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
16:28:12.0854 3668 C:\Windows\System32\drivers\ndistapi.sys - ok
16:28:12.0854 3668 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
16:28:12.0854 3668 C:\Windows\System32\drivers\ndiswan.sys - ok
16:28:12.0854 3668 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
16:28:12.0854 3668 C:\Windows\System32\drivers\raspppoe.sys - ok
16:28:12.0869 3668 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
16:28:12.0869 3668 C:\Windows\System32\drivers\raspptp.sys - ok
16:28:12.0869 3668 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
16:28:12.0869 3668 C:\Windows\System32\drivers\rassstp.sys - ok
16:28:12.0869 3668 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
16:28:12.0869 3668 C:\Windows\System32\drivers\ks.sys - ok
16:28:12.0869 3668 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
16:28:12.0869 3668 C:\Windows\System32\drivers\swenum.sys - ok
16:28:12.0869 3668 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
16:28:12.0869 3668 C:\Windows\System32\drivers\umbus.sys - ok
16:28:12.0885 3668 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
16:28:12.0885 3668 C:\Windows\System32\ole32.dll - ok
16:28:12.0885 3668 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
16:28:12.0885 3668 C:\Windows\System32\shlwapi.dll - ok
16:28:12.0885 3668 [ DC96BD9CCB8403251BCF25047573558E ] C:\Windows\System32\drivers\usbhub.sys
16:28:12.0885 3668 C:\Windows\System32\drivers\usbhub.sys - ok
16:28:12.0885 3668 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
16:28:12.0885 3668 C:\Windows\System32\drivers\ndproxy.sys - ok
16:28:12.0885 3668 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
16:28:12.0885 3668 C:\Windows\System32\drivers\drmk.sys - ok
16:28:12.0901 3668 [ 20506F12AFAD3DB588D007EA9325FBBC ] C:\Windows\System32\drivers\CHDRT64.sys
16:28:12.0901 3668 C:\Windows\System32\drivers\CHDRT64.sys - ok
16:28:12.0901 3668 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
16:28:12.0901 3668 C:\Windows\System32\drivers\ksthunk.sys - ok
16:28:12.0901 3668 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
16:28:12.0901 3668 C:\Windows\System32\drivers\portcls.sys - ok
16:28:12.0901 3668 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys
16:28:12.0901 3668 C:\Windows\System32\drivers\IntcDAud.sys - ok
16:28:12.0916 3668 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
16:28:12.0916 3668 C:\Windows\System32\drivers\hidparse.sys - ok
16:28:12.0916 3668 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] C:\Windows\System32\drivers\usbccgp.sys
16:28:12.0916 3668 C:\Windows\System32\drivers\usbccgp.sys - ok
16:28:12.0916 3668 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
16:28:12.0916 3668 C:\Windows\System32\drivers\hidclass.sys - ok
16:28:12.0916 3668 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
16:28:12.0916 3668 C:\Windows\System32\drivers\hidusb.sys - ok
16:28:12.0916 3668 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
16:28:12.0916 3668 C:\Windows\System32\drivers\mouhid.sys - ok
16:28:12.0932 3668 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
16:28:12.0932 3668 C:\Windows\System32\drivers\usbvideo.sys - ok
16:28:12.0932 3668 [ 91111CEBBDE8015E822C46120ED9537C ] C:\Windows\System32\drivers\PGEffect.sys
16:28:12.0932 3668 C:\Windows\System32\drivers\PGEffect.sys - ok
16:28:12.0932 3668 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
16:28:12.0932 3668 C:\Windows\System32\Wldap32.dll - ok
16:28:12.0932 3668 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
16:28:12.0932 3668 C:\Windows\System32\difxapi.dll - ok
16:28:12.0932 3668 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
16:28:12.0932 3668 C:\Windows\System32\nsi.dll - ok
16:28:12.0947 3668 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
16:28:12.0947 3668 C:\Windows\System32\sechost.dll - ok
16:28:12.0947 3668 [ 0AD86555E7511D6BC4D04CBF6BCA31B6 ] C:\Windows\System32\urlmon.dll
16:28:12.0947 3668 C:\Windows\System32\urlmon.dll - ok
16:28:12.0947 3668 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
16:28:12.0947 3668 C:\Windows\System32\gdi32.dll - ok
16:28:12.0947 3668 [ B8509DCFCFD577F568BE4026BFD982C0 ] C:\Windows\System32\imagehlp.dll
16:28:12.0947 3668 C:\Windows\System32\imagehlp.dll - ok
16:28:12.0947 3668 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll
16:28:12.0947 3668 C:\Windows\System32\kernel32.dll - ok
16:28:12.0963 3668 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
16:28:12.0963 3668 C:\Windows\System32\ws2_32.dll - ok
16:28:12.0963 3668 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
16:28:12.0963 3668 C:\Windows\System32\rpcrt4.dll - ok
16:28:12.0963 3668 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
16:28:12.0963 3668 C:\Windows\System32\normaliz.dll - ok
16:28:12.0963 3668 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
16:28:12.0963 3668 C:\Windows\System32\usp10.dll - ok
16:28:12.0979 3668 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
16:28:12.0979 3668 C:\Windows\System32\oleaut32.dll - ok
16:28:12.0979 3668 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
16:28:12.0979 3668 C:\Windows\System32\setupapi.dll - ok
16:28:12.0979 3668 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
16:28:12.0979 3668 C:\Windows\System32\imm32.dll - ok
16:28:12.0979 3668 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
16:28:12.0979 3668 C:\Windows\System32\user32.dll - ok
16:28:12.0979 3668 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
16:28:12.0979 3668 C:\Windows\System32\clbcatq.dll - ok
16:28:12.0979 3668 [ 7319BB10FA1F86E49E3DCF4136F6C957 ] C:\Windows\System32\msvcrt.dll
16:28:12.0979 3668 C:\Windows\System32\msvcrt.dll - ok
16:28:12.0994 3668 [ 6CFF67BBACE1DE0AD9BF94C2BCE688C7 ] C:\Windows\System32\iertutil.dll
16:28:12.0994 3668 C:\Windows\System32\iertutil.dll - ok
16:28:12.0994 3668 [ 26E716ED95DC48CF6E5AC046089366AF ] C:\Windows\System32\shell32.dll
16:28:12.0994 3668 C:\Windows\System32\shell32.dll - ok
16:28:12.0994 3668 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
16:28:12.0994 3668 C:\Windows\System32\advapi32.dll - ok
16:28:12.0994 3668 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
16:28:12.0994 3668 C:\Windows\System32\comdlg32.dll - ok
16:28:13.0010 3668 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
16:28:13.0010 3668 C:\Windows\System32\msctf.dll - ok
16:28:13.0010 3668 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
16:28:13.0010 3668 C:\Windows\System32\psapi.dll - ok
16:28:13.0010 3668 [ 69151E566295E5A977FE71FFAFD3B3F8 ] C:\Windows\System32\wininet.dll
16:28:13.0010 3668 C:\Windows\System32\wininet.dll - ok
16:28:13.0010 3668 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
16:28:13.0010 3668 C:\Windows\System32\cfgmgr32.dll - ok
16:28:13.0010 3668 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
16:28:13.0010 3668 C:\Windows\System32\comctl32.dll - ok
16:28:13.0025 3668 [ 3F9F2AFA135F0663946A006DD5FFD897 ] C:\Windows\System32\crypt32.dll
16:28:13.0025 3668 C:\Windows\System32\crypt32.dll - ok
16:28:13.0025 3668 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
16:28:13.0025 3668 C:\Windows\System32\devobj.dll - ok
16:28:13.0025 3668 [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll
16:28:13.0025 3668 C:\Windows\System32\KernelBase.dll - ok
16:28:13.0025 3668 [ EB3F9C2DE1236B5D46B2291D82970E43 ] C:\Windows\System32\wintrust.dll
16:28:13.0025 3668 C:\Windows\System32\wintrust.dll - ok
16:28:13.0025 3668 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
16:28:13.0025 3668 C:\Windows\System32\msasn1.dll - ok
16:28:13.0041 3668 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
16:28:13.0041 3668 C:\Windows\SysWOW64\normaliz.dll - ok
16:28:13.0041 3668 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
16:28:13.0041 3668 C:\Windows\System32\drivers\dxapi.sys - ok
16:28:13.0041 3668 [ 6E810D7C1E3881289733924CE9763B92 ] C:\Windows\System32\win32k.sys
16:28:13.0041 3668 C:\Windows\System32\win32k.sys - ok
16:28:13.0041 3668 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
16:28:13.0041 3668 C:\Windows\System32\basesrv.dll - ok
16:28:13.0041 3668 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
16:28:13.0041 3668 C:\Windows\System32\csrsrv.dll - ok
16:28:13.0057 3668 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
16:28:13.0057 3668 C:\Windows\System32\csrss.exe - ok
16:28:13.0057 3668 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll
16:28:13.0057 3668 C:\Windows\System32\winsrv.dll - ok
16:28:13.0057 3668 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
16:28:13.0057 3668 C:\Windows\System32\drivers\monitor.sys - ok
16:28:13.0057 3668 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
16:28:13.0057 3668 C:\Windows\System32\tsddd.dll - ok
16:28:13.0072 3668 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
16:28:13.0072 3668 C:\Windows\System32\profapi.dll - ok
16:28:13.0072 3668 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
16:28:13.0072 3668 C:\Windows\System32\sxssrv.dll - ok
16:28:13.0072 3668 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
16:28:13.0072 3668 C:\Windows\System32\wininit.exe - ok
16:28:13.0072 3668 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
16:28:13.0072 3668 C:\Windows\System32\KBDUS.DLL - ok
16:28:13.0088 3668 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
16:28:13.0088 3668 C:\Windows\System32\RpcRtRemote.dll - ok
16:28:13.0088 3668 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
16:28:13.0088 3668 C:\Windows\System32\cdd.dll - ok
16:28:13.0088 3668 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
16:28:13.0088 3668 C:\Windows\System32\sxs.dll - ok
16:28:13.0088 3668 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
16:28:13.0088 3668 C:\Windows\System32\WlS0WndH.dll - ok
16:28:13.0088 3668 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
16:28:13.0088 3668 C:\Windows\System32\cryptbase.dll - ok
16:28:13.0103 3668 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
16:28:13.0103 3668 C:\Windows\System32\apphelp.dll - ok
16:28:13.0103 3668 [ 9F84806B3991D338FFDFC4ECF86A6923 ] C:\Windows\System32\lsasrv.dll
16:28:13.0103 3668 C:\Windows\System32\lsasrv.dll - ok
16:28:13.0103 3668 [ 0793F40B9B8A1BDD266296409DBD91EA ] C:\Windows\System32\lsass.exe
16:28:13.0103 3668 C:\Windows\System32\lsass.exe - ok
16:28:13.0103 3668 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
16:28:13.0103 3668 C:\Windows\System32\lsm.exe - ok
16:28:13.0103 3668 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
16:28:13.0103 3668 C:\Windows\System32\services.exe - ok
16:28:13.0119 3668 [ D8A79180614C14F87DA1038FFEB56F71 ] C:\Windows\System32\sspisrv.dll
16:28:13.0119 3668 C:\Windows\System32\sspisrv.dll - ok
16:28:13.0119 3668 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
16:28:13.0119 3668 C:\Windows\System32\sysntfy.dll - ok
16:28:13.0119 3668 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
16:28:13.0119 3668 C:\Windows\System32\wmsgapi.dll - ok
16:28:13.0119 3668 [ 2A86E54B441AD41557F75DC5609B9793 ] C:\Windows\System32\sspicli.dll
16:28:13.0119 3668 C:\Windows\System32\sspicli.dll - ok
16:28:13.0135 3668 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
16:28:13.0135 3668 C:\Windows\System32\samsrv.dll - ok
16:28:13.0135 3668 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
16:28:13.0135 3668 C:\Windows\System32\scesrv.dll - ok
16:28:13.0135 3668 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
16:28:13.0135 3668 C:\Windows\System32\scext.dll - ok
16:28:13.0135 3668 [ 858DF0795CB5B4BACE0F33708925A414 ] C:\Windows\System32\secur32.dll
16:28:13.0135 3668 C:\Windows\System32\secur32.dll - ok
16:28:13.0135 3668 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
16:28:13.0135 3668 C:\Windows\System32\cryptdll.dll - ok
16:28:13.0150 3668 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
16:28:13.0150 3668 C:\Windows\System32\srvcli.dll - ok
16:28:13.0150 3668 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
16:28:13.0150 3668 C:\Windows\System32\wevtapi.dll - ok
16:28:13.0150 3668 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
16:28:13.0150 3668 C:\Windows\System32\authz.dll - ok
16:28:13.0150 3668 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
16:28:13.0150 3668 C:\Windows\System32\cngaudit.dll - ok
16:28:13.0166 3668 [ 2E8C52A0EC788D90FA35D9507D828771 ] C:\Windows\System32\ncrypt.dll
16:28:13.0166 3668 C:\Windows\System32\ncrypt.dll - ok
16:28:13.0166 3668 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
16:28:13.0166 3668 C:\Windows\System32\bcrypt.dll - ok
16:28:13.0166 3668 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
16:28:13.0166 3668 C:\Windows\System32\msprivs.dll - ok
16:28:13.0166 3668 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
16:28:13.0166 3668 C:\Windows\System32\negoexts.dll - ok
16:28:13.0166 3668 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
16:28:13.0166 3668 C:\Windows\System32\netjoin.dll - ok
16:28:13.0181 3668 [ 16ECE8BD6734CC170B9AE74176E89A9B ] C:\Windows\System32\kerberos.dll
16:28:13.0181 3668 C:\Windows\System32\kerberos.dll - ok
16:28:13.0181 3668 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
16:28:13.0181 3668 C:\Windows\System32\cryptsp.dll - ok
16:28:13.0181 3668 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
16:28:13.0181 3668 C:\Windows\System32\mswsock.dll - ok
16:28:13.0181 3668 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
16:28:13.0181 3668 C:\Windows\System32\wship6.dll - ok
16:28:13.0181 3668 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
16:28:13.0181 3668 C:\Windows\System32\msv1_0.dll - ok
16:28:13.0197 3668 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
16:28:13.0197 3668 C:\Windows\System32\dnsapi.dll - ok
16:28:13.0197 3668 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
16:28:13.0197 3668 C:\Windows\System32\netlogon.dll - ok
16:28:13.0197 3668 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
16:28:13.0197 3668 C:\Windows\System32\logoncli.dll - ok
16:28:13.0197 3668 [ A199DE544BF5C61C134B22C7592226FC ] C:\Windows\System32\schannel.dll
16:28:13.0197 3668 C:\Windows\System32\schannel.dll - ok
16:28:13.0197 3668 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
16:28:13.0197 3668 C:\Windows\System32\wdigest.dll - ok
16:28:13.0213 3668 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
16:28:13.0213 3668 C:\Windows\System32\pku2u.dll - ok
16:28:13.0213 3668 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
16:28:13.0213 3668 C:\Windows\System32\rsaenh.dll - ok
16:28:13.0213 3668 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
16:28:13.0213 3668 C:\Windows\System32\TSpkg.dll - ok
16:28:13.0213 3668 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
16:28:13.0213 3668 C:\Windows\System32\bcryptprimitives.dll - ok
16:28:13.0213 3668 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
16:28:13.0228 3668 C:\Windows\System32\credssp.dll - ok
16:28:13.0228 3668 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
16:28:13.0228 3668 C:\Windows\System32\efslsaext.dll - ok
16:28:13.0228 3668 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
16:28:13.0228 3668 C:\Windows\System32\scecli.dll - ok
16:28:13.0228 3668 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
16:28:13.0228 3668 C:\Windows\System32\ubpm.dll - ok
16:28:13.0228 3668 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
16:28:13.0228 3668 C:\Windows\System32\winsta.dll - ok
16:28:13.0244 3668 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
16:28:13.0244 3668 C:\Windows\System32\svchost.exe - ok
16:28:13.0244 3668 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
16:28:13.0244 3668 C:\Windows\System32\umpnpmgr.dll - ok
16:28:13.0244 3668 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
16:28:13.0244 3668 C:\Windows\System32\SPInf.dll - ok
16:28:13.0244 3668 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
16:28:13.0244 3668 C:\Windows\System32\devrtl.dll - ok
16:28:13.0244 3668 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
16:28:13.0244 3668 C:\Windows\System32\gpapi.dll - ok
16:28:13.0259 3668 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
16:28:13.0259 3668 C:\Windows\System32\userenv.dll - ok
16:28:13.0259 3668 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
16:28:13.0259 3668 C:\Windows\System32\winlogon.exe - ok
16:28:13.0259 3668 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
16:28:13.0259 3668 C:\Windows\System32\pcwum.dll - ok
16:28:13.0259 3668 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
16:28:13.0259 3668 C:\Windows\System32\umpo.dll - ok
16:28:13.0259 3668 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
16:28:13.0259 3668 C:\Windows\System32\powrprof.dll - ok
16:28:13.0275 3668 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
16:28:13.0275 3668 C:\Windows\System32\drivers\luafv.sys - ok
16:28:13.0275 3668 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] C:\Windows\System32\drivers\aswFsBlk.sys
16:28:13.0275 3668 C:\Windows\System32\drivers\aswFsBlk.sys - ok
16:28:13.0275 3668 [ B50CDD87772D6A11CB90924AAD399DF8 ] C:\Windows\System32\drivers\aswMonFlt.sys
16:28:13.0275 3668 C:\Windows\System32\drivers\aswMonFlt.sys - ok
16:28:13.0275 3668 [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys
16:28:13.0275 3668 C:\Windows\System32\drivers\Sftvollh.sys - ok
16:28:13.0291 3668 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
16:28:13.0291 3668 C:\Windows\System32\drivers\WUDFPf.sys - ok
16:28:13.0291 3668 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
16:28:13.0291 3668 C:\Windows\System32\rpcss.dll - ok
16:28:13.0291 3668 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
16:28:13.0291 3668 C:\Windows\System32\RpcEpMap.dll - ok
16:28:13.0291 3668 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
16:28:13.0291 3668 C:\Windows\System32\wshqos.dll - ok
16:28:13.0291 3668 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
16:28:13.0291 3668 C:\Windows\System32\WSHTCPIP.DLL - ok
16:28:13.0306 3668 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
16:28:13.0306 3668 C:\Windows\System32\FirewallAPI.dll - ok
16:28:13.0306 3668 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
16:28:13.0306 3668 C:\Windows\System32\LogonUI.exe - ok
16:28:13.0306 3668 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
16:28:13.0306 3668 C:\Windows\System32\version.dll - ok
16:28:13.0306 3668 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
16:28:13.0306 3668 C:\Windows\System32\wevtsvc.dll - ok
16:28:13.0306 3668 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
16:28:13.0306 3668 C:\Windows\System32\authui.dll - ok
16:28:13.0322 3668 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
16:28:13.0322 3668 C:\Windows\System32\cryptui.dll - ok
16:28:13.0322 3668 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
16:28:13.0322 3668 C:\Windows\System32\audiosrv.dll - ok
16:28:13.0322 3668 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
16:28:13.0322 3668 C:\Windows\System32\avrt.dll - ok
16:28:13.0322 3668 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
16:28:13.0322 3668 C:\Windows\System32\mmcss.dll - ok
16:28:13.0322 3668 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
16:28:13.0322 3668 C:\Windows\System32\MMDevAPI.dll - ok
16:28:13.0337 3668 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
16:28:13.0337 3668 C:\Windows\System32\propsys.dll - ok
16:28:13.0337 3668 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
16:28:13.0337 3668 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
16:28:13.0337 3668 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
16:28:13.0337 3668 C:\Windows\System32\samlib.dll - ok
16:28:13.0337 3668 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
16:28:13.0337 3668 C:\Windows\System32\shacct.dll - ok
16:28:13.0353 3668 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
16:28:13.0353 3668 C:\Windows\System32\uxtheme.dll - ok
16:28:13.0353 3668 [ 497BFEDDAF3950DD909C3B0C5558A25D ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll

16:28:13.0353 3668 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll - ok
16:28:13.0353 3668 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
16:28:13.0353 3668 C:\Windows\System32\audiodg.exe - ok
16:28:13.0353 3668 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
16:28:13.0353 3668 C:\Windows\System32\dui70.dll - ok
16:28:13.0353 3668 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
16:28:13.0353 3668 C:\Windows\System32\duser.dll - ok
16:28:13.0369 3668 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
16:28:13.0369 3668 C:\Windows\System32\ntmarta.dll - ok
16:28:13.0369 3668 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
16:28:13.0369 3668 C:\Windows\System32\gpsvc.dll - ok
16:28:13.0369 3668 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
16:28:13.0369 3668 C:\Windows\System32\SndVolSSO.dll - ok
16:28:13.0369 3668 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
16:28:13.0369 3668 C:\Windows\System32\dwmapi.dll - ok
16:28:13.0369 3668 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
16:28:13.0369 3668 C:\Windows\System32\hid.dll - ok
16:28:13.0384 3668 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
16:28:13.0384 3668 C:\Windows\System32\atl.dll - ok
16:28:13.0384 3668 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
16:28:13.0384 3668 C:\Windows\System32\nlaapi.dll - ok
16:28:13.0384 3668 [ 5C78838B4D166D1A27DB3A8A820C799A ] C:\Windows\System32\profsvc.dll
16:28:13.0384 3668 C:\Windows\System32\profsvc.dll - ok
16:28:13.0384 3668 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
16:28:13.0384 3668 C:\Windows\System32\themeservice.dll - ok
16:28:13.0384 3668 [ D6F630C1FD7F436316093AE500363B19 ] C:\Windows\System32\xmllite.dll
16:28:13.0384 3668 C:\Windows\System32\xmllite.dll - ok
16:28:13.0400 3668 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
16:28:13.0400 3668 C:\Windows\System32\dsrole.dll - ok
16:28:13.0400 3668 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
16:28:13.0400 3668 C:\Windows\System32\slc.dll - ok
16:28:13.0400 3668 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
16:28:13.0400 3668 C:\Windows\System32\WindowsCodecs.dll - ok
16:28:13.0400 3668 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
16:28:13.0400 3668 C:\Windows\System32\es.dll - ok
16:28:13.0400 3668 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
16:28:13.0400 3668 C:\Windows\System32\comres.dll - ok
16:28:13.0415 3668 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
16:28:13.0415 3668 C:\Windows\System32\Sens.dll - ok
16:28:13.0415 3668 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
16:28:13.0415 3668 C:\Windows\System32\uxsms.dll - ok
16:28:13.0415 3668 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
16:28:13.0415 3668 C:\Windows\System32\wtsapi32.dll - ok
16:28:13.0415 3668 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
16:28:13.0415 3668 C:\Windows\System32\WUDFPlatform.dll - ok
16:28:13.0415 3668 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
16:28:13.0415 3668 C:\Windows\System32\WUDFSvc.dll - ok
16:28:13.0431 3668 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
16:28:13.0431 3668 C:\Windows\System32\drivers\lltdio.sys - ok
16:28:13.0431 3668 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
16:28:13.0431 3668 C:\Windows\System32\drivers\nwifi.sys - ok
16:28:13.0431 3668 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
16:28:13.0431 3668 C:\Windows\System32\drivers\ndisuio.sys - ok
16:28:13.0431 3668 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
16:28:13.0431 3668 C:\Windows\System32\drivers\rspndr.sys - ok
16:28:13.0447 3668 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
16:28:13.0447 3668 C:\Windows\System32\IPHLPAPI.DLL - ok
16:28:13.0447 3668 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
16:28:13.0447 3668 C:\Windows\System32\lmhsvc.dll - ok
16:28:13.0447 3668 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
16:28:13.0447 3668 C:\Windows\System32\nsisvc.dll - ok
16:28:13.0447 3668 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
16:28:13.0447 3668 C:\Windows\System32\dhcpcore.dll - ok
16:28:13.0447 3668 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
16:28:13.0447 3668 C:\Windows\System32\nrpsrv.dll - ok
16:28:13.0462 3668 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
16:28:13.0462 3668 C:\Windows\System32\winnsi.dll - ok
16:28:13.0462 3668 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
16:28:13.0462 3668 C:\Windows\System32\dhcpcore6.dll - ok
16:28:13.0462 3668 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
16:28:13.0462 3668 C:\Windows\System32\dnsrslvr.dll - ok
16:28:13.0462 3668 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
16:28:13.0462 3668 C:\Windows\System32\keyiso.dll - ok
16:28:13.0462 3668 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
16:28:13.0462 3668 C:\Windows\System32\eapphost.dll - ok
16:28:13.0478 3668 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
16:28:13.0478 3668 C:\Windows\System32\eapsvc.dll - ok
16:28:13.0478 3668 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
16:28:13.0478 3668 C:\Windows\System32\winbrand.dll - ok
16:28:13.0478 3668 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
16:28:13.0478 3668 C:\Windows\System32\FWPUCLNT.DLL - ok
16:28:13.0478 3668 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
16:28:13.0478 3668 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
16:28:13.0478 3668 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
16:28:13.0478 3668 C:\Windows\System32\umb.dll - ok
16:28:13.0493 3668 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
16:28:13.0493 3668 C:\Windows\System32\VaultCredProvider.dll - ok
16:28:13.0493 3668 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
16:28:13.0493 3668 C:\Windows\System32\wlansvc.dll - ok
16:28:13.0493 3668 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
16:28:13.0493 3668 C:\Windows\System32\wlanmsm.dll - ok
16:28:13.0493 3668 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
16:28:13.0493 3668 C:\Windows\System32\BioCredProv.dll - ok
16:28:13.0509 3668 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
16:28:13.0509 3668 C:\Windows\System32\wlansec.dll - ok
16:28:13.0509 3668 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
16:28:13.0509 3668 C:\Windows\System32\onex.dll - ok
16:28:13.0509 3668 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
16:28:13.0509 3668 C:\Windows\System32\winbio.dll - ok
16:28:13.0509 3668 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
16:28:13.0509 3668 C:\Windows\System32\dhcpcsvc.dll - ok
16:28:13.0509 3668 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
16:28:13.0509 3668 C:\Windows\System32\dnsext.dll - ok
16:28:13.0525 3668 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
16:28:13.0525 3668 C:\Windows\System32\eappprxy.dll - ok
16:28:13.0525 3668 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
16:28:13.0525 3668 C:\Windows\System32\credui.dll - ok
16:28:13.0525 3668 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
16:28:13.0525 3668 C:\Windows\System32\dhcpcsvc6.dll - ok
16:28:13.0525 3668 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
16:28:13.0525 3668 C:\Windows\System32\eappcfg.dll - ok
16:28:13.0525 3668 [ 764908FE1FA96F93C95B1B67A0FCED29 ] C:\Windows\System32\netapi32.dll
16:28:13.0525 3668 C:\Windows\System32\netapi32.dll - ok
16:28:13.0540 3668 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
16:28:13.0540 3668 C:\Windows\System32\vaultcli.dll - ok
16:28:13.0540 3668 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
16:28:13.0540 3668 C:\Windows\System32\netutils.dll - ok
16:28:13.0540 3668 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
16:28:13.0540 3668 C:\Windows\System32\wkscli.dll - ok
16:28:13.0540 3668 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
16:28:13.0540 3668 C:\Windows\System32\samcli.dll - ok
16:28:13.0540 3668 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
16:28:13.0540 3668 C:\Windows\System32\certCredProvider.dll - ok
16:28:13.0556 3668 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
16:28:13.0556 3668 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
16:28:13.0556 3668 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
16:28:13.0556 3668 C:\Windows\System32\l2gpstore.dll - ok
16:28:13.0556 3668 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
16:28:13.0556 3668 C:\Windows\System32\WinSCard.dll - ok
16:28:13.0556 3668 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
16:28:13.0556 3668 C:\Windows\System32\wlanutil.dll - ok
16:28:13.0556 3668 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
16:28:13.0556 3668 C:\Windows\System32\wlgpclnt.dll - ok
16:28:13.0571 3668 [ 5C29199C9F0EDE64F17F268084EC4392 ] C:\Windows\System32\msxml6.dll
16:28:13.0571 3668 C:\Windows\System32\msxml6.dll - ok
16:28:13.0571 3668 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
16:28:13.0571 3668 C:\Windows\System32\rasplap.dll - ok
16:28:13.0571 3668 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
16:28:13.0571 3668 C:\Windows\System32\rasapi32.dll - ok
16:28:13.0571 3668 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
16:28:13.0571 3668 C:\Windows\System32\rasman.dll - ok
16:28:13.0571 3668 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
16:28:13.0571 3668 C:\Windows\System32\rtutils.dll - ok
16:28:13.0587 3668 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
16:28:13.0587 3668 C:\Windows\System32\UXInit.dll - ok
16:28:13.0587 3668 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
16:28:13.0587 3668 C:\Windows\System32\oleacc.dll - ok
16:28:13.0587 3668 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
16:28:13.0587 3668 C:\Windows\System32\UIAutomationCore.dll - ok
16:28:13.0587 3668 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
16:28:13.0587 3668 C:\Windows\System32\imageres.dll - ok
16:28:13.0603 3668 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
16:28:13.0603 3668 C:\Windows\System32\netprofm.dll - ok
16:28:13.0603 3668 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
16:28:13.0603 3668 C:\Windows\System32\dllhost.exe - ok
16:28:13.0603 3668 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:28:13.0603 3668 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
16:28:13.0603 3668 [ D124F55B9393C976963407DFF51FFA79 ] C:\Windows\SysWOW64\ntdll.dll
16:28:13.0603 3668 C:\Windows\SysWOW64\ntdll.dll - ok
16:28:13.0603 3668 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
16:28:13.0603 3668 C:\Windows\System32\wow64.dll - ok
16:28:13.0618 3668 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
16:28:13.0618 3668 C:\Windows\System32\wow64win.dll - ok
16:28:13.0618 3668 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
16:28:13.0618 3668 C:\Windows\System32\wow64cpu.dll - ok
16:28:13.0618 3668 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
16:28:13.0618 3668 C:\Windows\SysWOW64\kernel32.dll - ok
16:28:13.0618 3668 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
16:28:13.0618 3668 C:\Windows\SysWOW64\KernelBase.dll - ok
16:28:13.0618 3668 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
16:28:13.0618 3668 C:\Windows\SysWOW64\ws2_32.dll - ok
16:28:13.0634 3668 [ E46D48A7FE961401F1CBF85531CDF05D ] C:\Windows\SysWOW64\msvcrt.dll
16:28:13.0634 3668 C:\Windows\SysWOW64\msvcrt.dll - ok
16:28:13.0634 3668 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
16:28:13.0634 3668 C:\Windows\SysWOW64\rpcrt4.dll - ok
16:28:13.0634 3668 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
16:28:13.0634 3668 C:\Windows\System32\netcfgx.dll - ok
16:28:13.0634 3668 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
16:28:13.0634 3668 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
16:28:13.0649 3668 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
16:28:13.0649 3668 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
16:28:13.0649 3668 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
16:28:13.0649 3668 C:\Windows\SysWOW64\cryptbase.dll - ok
16:28:13.0649 3668 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
16:28:13.0649 3668 C:\Windows\SysWOW64\nsi.dll - ok
16:28:13.0649 3668 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
16:28:13.0649 3668 C:\Windows\SysWOW64\sechost.dll - ok
16:28:13.0649 3668 [ 7224D964A6D657374C551C878EB2C386 ] C:\Windows\SysWOW64\sspicli.dll
16:28:13.0649 3668 C:\Windows\SysWOW64\sspicli.dll - ok
16:28:13.0665 3668 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
16:28:13.0665 3668 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
16:28:13.0665 3668 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
16:28:13.0665 3668 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
16:28:13.0665 3668 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
16:28:13.0665 3668 C:\Windows\SysWOW64\user32.dll - ok
16:28:13.0665 3668 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
16:28:13.0665 3668 C:\Windows\SysWOW64\gdi32.dll - ok
16:28:13.0665 3668 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
16:28:13.0665 3668 C:\Windows\SysWOW64\lpk.dll - ok
16:28:13.0681 3668 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
16:28:13.0681 3668 C:\Windows\SysWOW64\advapi32.dll - ok
16:28:13.0681 3668 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
16:28:13.0681 3668 C:\Windows\SysWOW64\usp10.dll - ok
16:28:13.0681 3668 [ DB001FAEA818AE2E14A74E0ADC530FC0 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
16:28:13.0681 3668 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
16:28:13.0681 3668 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\AVAST Software\Avast\ashBase.dll
16:28:13.0681 3668 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
16:28:13.0696 3668 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
16:28:13.0696 3668 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
16:28:13.0696 3668 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
16:28:13.0696 3668 C:\Windows\SysWOW64\psapi.dll - ok
16:28:13.0696 3668 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
16:28:13.0696 3668 C:\Windows\SysWOW64\version.dll - ok
16:28:13.0696 3668 [ 02F98B5C0E397AD06124D84428CF8F1A ] C:\Windows\SysWOW64\wininet.dll
16:28:13.0696 3668 C:\Windows\SysWOW64\wininet.dll - ok
16:28:13.0696 3668 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
16:28:13.0696 3668 C:\Windows\SysWOW64\wsock32.dll - ok
16:28:13.0712 3668 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
16:28:13.0712 3668 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
16:28:13.0712 3668 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
16:28:13.0712 3668 C:\Windows\System32\IDStore.dll - ok
16:28:13.0712 3668 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
16:28:13.0712 3668 C:\Windows\System32\adtschema.dll - ok
16:28:13.0712 3668 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
16:28:13.0712 3668 C:\Windows\System32\MPSSVC.dll - ok
16:28:13.0712 3668 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
16:28:13.0712 3668 C:\Windows\System32\AtBroker.exe - ok
16:28:13.0727 3668 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
16:28:13.0727 3668 C:\Windows\System32\mpr.dll - ok
16:28:13.0727 3668 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
16:28:13.0727 3668 C:\Windows\System32\drivers\fltMgr.sys - ok
16:28:13.0727 3668 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
16:28:13.0727 3668 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
16:28:13.0727 3668 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
16:28:13.0727 3668 C:\Windows\System32\userinit.exe - ok
16:28:13.0743 3668 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
16:28:13.0743 3668 C:\Windows\System32\dwm.exe - ok
16:28:13.0743 3668 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
16:28:13.0743 3668 C:\Windows\System32\dwmredir.dll - ok
16:28:13.0743 3668 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
16:28:13.0743 3668 C:\Windows\System32\PSHED.DLL - ok
16:28:13.0743 3668 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
16:28:13.0743 3668 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
16:28:13.0759 3668 [ AC4C51EB24AA95B77F705AB159189E24 ] C:\Windows\explorer.exe
16:28:13.0759 3668 C:\Windows\explorer.exe - ok
16:28:13.0759 3668 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
16:28:13.0759 3668 C:\Windows\System32\dwmcore.dll - ok
16:28:13.0759 3668 [ D63BEE2A8B22482F7080A8D3F2E1A733 ] C:\Windows\System32\d3d10_1.dll
16:28:13.0759 3668 C:\Windows\System32\d3d10_1.dll - ok
16:28:13.0759 3668 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
16:28:13.0759 3668 C:\Windows\System32\d3d10_1core.dll - ok
16:28:13.0759 3668 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
16:28:13.0759 3668 C:\Windows\System32\dxgi.dll - ok
16:28:13.0774 3668 [ AE1A8F59397193DD7FC8A8DBD3866A89 ] C:\Windows\System32\igd10umd64.dll
16:28:13.0774 3668 C:\Windows\System32\igd10umd64.dll - ok
16:28:13.0774 3668 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
16:28:13.0774 3668 C:\Windows\SysWOW64\shlwapi.dll - ok
16:28:13.0774 3668 [ 1416AB557BE700FA117323B6B8F32882 ] C:\Windows\SysWOW64\iertutil.dll
16:28:13.0774 3668 C:\Windows\SysWOW64\iertutil.dll - ok
16:28:13.0774 3668 [ 862586AD4B1355F7DCDE111EE0AAF350 ] C:\Windows\System32\d3dx10_40.dll
16:28:13.0774 3668 C:\Windows\System32\d3dx10_40.dll - ok
16:28:13.0774 3668 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
16:28:13.0774 3668 C:\Windows\System32\uDWM.dll - ok
16:28:13.0790 3668 [ 814638F572F497D96B17BF254113D9A4 ] C:\Windows\SysWOW64\urlmon.dll
16:28:13.0790 3668 C:\Windows\SysWOW64\urlmon.dll - ok
16:28:13.0790 3668 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
16:28:13.0790 3668 C:\Windows\SysWOW64\ole32.dll - ok
16:28:13.0790 3668 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
16:28:13.0790 3668 C:\Windows\SysWOW64\oleaut32.dll - ok
16:28:13.0790 3668 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
16:28:13.0790 3668 C:\Windows\SysWOW64\imm32.dll - ok
16:28:13.0805 3668 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
16:28:13.0805 3668 C:\Windows\SysWOW64\msctf.dll - ok
16:28:13.0805 3668 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
16:28:13.0805 3668 C:\Windows\SysWOW64\dbghelp.dll - ok
16:28:13.0805 3668 [ B316906B4A04DD39985350D29DE31068 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
16:28:13.0805 3668 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
16:28:13.0805 3668 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\AVAST Software\Avast\ashServ.dll
16:28:13.0805 3668 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
16:28:13.0805 3668 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
16:28:13.0805 3668 C:\Windows\SysWOW64\cscapi.dll - ok
16:28:13.0821 3668 [ 8CE1A6D16B9077E91E192499EB611C5F ] C:\Windows\SysWOW64\netapi32.dll
16:28:13.0821 3668 C:\Windows\SysWOW64\netapi32.dll - ok
16:28:13.0821 3668 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
16:28:13.0821 3668 C:\Windows\SysWOW64\netutils.dll - ok
16:28:13.0821 3668 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
16:28:13.0821 3668 C:\Windows\SysWOW64\srvcli.dll - ok
16:28:13.0821 3668 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
16:28:13.0821 3668 C:\Windows\SysWOW64\wkscli.dll - ok
16:28:13.0821 3668 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
16:28:13.0821 3668 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
16:28:13.0837 3668 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
16:28:13.0837 3668 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
16:28:13.0837 3668 [ CF2ABD2AC91850BC2832078F4EEE95C2 ] C:\Program Files\AVAST Software\Avast\afwCore.dll
16:28:13.0837 3668 C:\Program Files\AVAST Software\Avast\afwCore.dll - ok
16:28:13.0837 3668 [ BC0E07A768A0A14C48E3CE1875F2C377 ] C:\Program Files\AVAST Software\Avast\afwServ.exe
16:28:13.0837 3668 C:\Program Files\AVAST Software\Avast\afwServ.exe - ok
16:28:13.0837 3668 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
16:28:13.0837 3668 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
16:28:13.0837 3668 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
16:28:13.0837 3668 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
16:28:13.0852 3668 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
16:28:13.0852 3668 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
16:28:13.0852 3668 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
16:28:13.0852 3668 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
16:28:13.0852 3668 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
16:28:13.0852 3668 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
16:28:13.0852 3668 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
16:28:13.0852 3668 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
16:28:13.0868 3668 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
16:28:13.0868 3668 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
16:28:13.0868 3668 [ E491A3812A4AEE8C2A5FBD1265BBF701 ] C:\Program Files\AVAST Software\Avast\afwCoreClient.dll
16:28:13.0868 3668 C:\Program Files\AVAST Software\Avast\afwCoreClient.dll - ok
16:28:13.0868 3668 [ D7B3DE60620D5ADA3D75428A845A0F67 ] C:\Program Files\AVAST Software\Avast\afwCoreServ.dll
16:28:13.0868 3668 C:\Program Files\AVAST Software\Avast\afwCoreServ.dll - ok
16:28:13.0868 3668 [ E959C3E026B7C0D0A3890F99B6274536 ] C:\Program Files\AVAST Software\Avast\afwRpc.dll
16:28:13.0868 3668 C:\Program Files\AVAST Software\Avast\afwRpc.dll - ok
16:28:13.0868 3668 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\AVAST Software\Avast\aswDld.dll
16:28:13.0868 3668 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
16:28:13.0883 3668 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
16:28:13.0883 3668 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
16:28:13.0883 3668 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
16:28:13.0883 3668 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
16:28:13.0883 3668 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
16:28:13.0883 3668 C:\Windows\SysWOW64\rasapi32.dll - ok
16:28:13.0883 3668 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
16:28:13.0883 3668 C:\Windows\SysWOW64\winnsi.dll - ok
16:28:13.0899 3668 [ 90C081738668AC4118B0F397159C7848 ] C:\Program Files\AVAST Software\Avast\afwGeoIP.dll
16:28:13.0899 3668 C:\Program Files\AVAST Software\Avast\afwGeoIP.dll - ok
16:28:13.0899 3668 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
16:28:13.0899 3668 C:\Windows\SysWOW64\cfgmgr32.dll - ok
16:28:13.0899 3668 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
16:28:13.0899 3668 C:\Windows\SysWOW64\rasman.dll - ok
16:28:13.0899 3668 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
16:28:13.0899 3668 C:\Windows\SysWOW64\wtsapi32.dll - ok
16:28:13.0899 3668 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
16:28:13.0899 3668 C:\Windows\System32\shsvcs.dll - ok
16:28:13.0915 3668 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
16:28:13.0915 3668 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
16:28:13.0915 3668 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
16:28:13.0915 3668 C:\Windows\System32\schedsvc.dll - ok
16:28:13.0915 3668 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
16:28:13.0915 3668 C:\Windows\System32\ktmw32.dll - ok
16:28:13.0915 3668 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
16:28:13.0915 3668 C:\Windows\SysWOW64\wscapi.dll - ok
16:28:13.0915 3668 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
16:28:13.0915 3668 C:\Windows\SysWOW64\wscisvif.dll - ok
16:28:13.0930 3668 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
16:28:13.0930 3668 C:\Windows\System32\fveapi.dll - ok
16:28:13.0930 3668 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
16:28:13.0930 3668 C:\Windows\System32\fvecerts.dll - ok
16:28:13.0930 3668 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
16:28:13.0930 3668 C:\Windows\System32\tbs.dll - ok
16:28:13.0930 3668 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
16:28:13.0930 3668 C:\Windows\System32\wiarpc.dll - ok
16:28:13.0930 3668 [ 9184FA2B677CBF2F8E26098980E47304 ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswEngin.dll
16:28:13.0930 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\aswEngin.dll - ok
16:28:13.0946 3668 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
16:28:13.0946 3668 C:\Windows\System32\taskcomp.dll - ok
16:28:13.0946 3668 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
16:28:13.0946 3668 C:\Windows\System32\drivers\http.sys - ok
16:28:13.0946 3668 [ B96C17B5DC1424D56EEA3A99E97428CD ] C:\Windows\System32\spoolsv.exe
16:28:13.0946 3668 C:\Windows\System32\spoolsv.exe - ok
16:28:13.0946 3668 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnOS.dll
16:28:13.0946 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnOS.dll - ok
16:28:13.0946 3668 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
16:28:13.0946 3668 C:\Windows\System32\taskhost.exe - ok
16:28:13.0961 3668 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnIS.dll
16:28:13.0961 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnIS.dll - ok
16:28:13.0961 3668 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
16:28:13.0961 3668 C:\Windows\System32\BFE.DLL - ok
16:28:13.0961 3668 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
16:28:13.0961 3668 C:\Windows\System32\PlaySndSrv.dll - ok
16:28:13.0961 3668 [ 1E7EAFF858538C516D7358C360605E3A ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnBS.dll
16:28:13.0961 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnBS.dll - ok
16:28:13.0961 3668 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
16:28:13.0961 3668 C:\Windows\System32\drivers\bowser.sys - ok
16:28:13.0977 3668 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
16:28:13.0977 3668 C:\Windows\System32\drivers\mpsdrv.sys - ok
16:28:13.0977 3668 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
16:28:13.0977 3668 C:\Windows\System32\drivers\mrxsmb.sys - ok
16:28:13.0977 3668 [ 2E929D6CF669AEF225552EEA9BE7E150 ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswScan.dll
16:28:13.0977 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\aswScan.dll - ok
16:28:13.0977 3668 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
16:28:13.0977 3668 C:\Windows\System32\drivers\mrxsmb10.sys - ok
16:28:13.0993 3668 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
16:28:13.0993 3668 C:\Windows\System32\drivers\mrxsmb20.sys - ok
16:28:13.0993 3668 [ 1752EE915B9003E1FD1FFB4DE63E538B ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswRep.dll
16:28:13.0993 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\aswRep.dll - ok
16:28:13.0993 3668 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
16:28:13.0993 3668 C:\Windows\System32\wkssvc.dll - ok
16:28:13.0993 3668 [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
16:28:13.0993 3668 C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE - ok
16:28:13.0993 3668 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
16:28:13.0993 3668 C:\Windows\System32\MsCtfMonitor.dll - ok
16:28:14.0008 3668 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
16:28:14.0008 3668 C:\Windows\System32\msutb.dll - ok
16:28:14.0008 3668 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
16:28:14.0008 3668 C:\Windows\System32\wfapigp.dll - ok
16:28:14.0008 3668 [ CE7828A0EA430338BBCFFC6914462BAA ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswFiDb.dll
16:28:14.0008 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\aswFiDb.dll - ok
16:28:14.0008 3668 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:28:14.0008 3668 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
16:28:14.0008 3668 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
16:28:14.0008 3668 C:\Windows\System32\HotStartUserAgent.dll - ok
16:28:14.0024 3668 [ 16AB4BD2ACC52109F43739BF0E89E18F ] C:\Windows\SysWOW64\shell32.dll
16:28:14.0024 3668 C:\Windows\SysWOW64\shell32.dll - ok
16:28:14.0024 3668 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
16:28:14.0024 3668 C:\Windows\System32\mscms.dll - ok
16:28:14.0024 3668 [ EA0D0017CF061990B9D90FEBBA2C948F ] C:\Program Files\AVAST Software\Avast\defs\12121301\algo.dll
16:28:14.0024 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\algo.dll - ok
16:28:14.0024 3668 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
16:28:14.0024 3668 C:\Windows\System32\taskeng.exe - ok
16:28:14.0024 3668 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
16:28:14.0024 3668 C:\Windows\System32\pcasvc.dll - ok
16:28:14.0039 3668 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
16:28:14.0039 3668 C:\Windows\System32\winmm.dll - ok
16:28:14.0039 3668 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
16:28:14.0039 3668 C:\Windows\System32\snmptrap.exe - ok
16:28:14.0039 3668 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
16:28:14.0039 3668 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
16:28:14.0039 3668 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
16:28:14.0039 3668 C:\Windows\System32\TSChannel.dll - ok
16:28:14.0039 3668 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
16:28:14.0039 3668 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
16:28:14.0055 3668 [ E6019253451DBB67740F7027AD9E1CB5 ] C:\Program Files (x86)\real\RealUpgrade\realupgrade.exe
16:28:14.0055 3668 C:\Program Files (x86)\real\RealUpgrade\realupgrade.exe - ok
16:28:14.0055 3668 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
16:28:14.0055 3668 C:\Windows\System32\sstpsvc.dll - ok
16:28:14.0055 3668 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
16:28:14.0055 3668 C:\Windows\System32\provsvc.dll - ok
16:28:14.0055 3668 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:28:14.0055 3668 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
16:28:14.0071 3668 [ CEBE7C43277E5CC8120A0E99C27CFEC6 ] C:\Program Files\AVAST Software\Avast\defs\12121301\fwAux.dll
16:28:14.0071 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\fwAux.dll - ok
16:28:14.0071 3668 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
16:28:14.0071 3668 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
16:28:14.0071 3668 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
16:28:14.0071 3668 C:\Windows\System32\ExplorerFrame.dll - ok
16:28:14.0071 3668 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
16:28:14.0071 3668 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
16:28:14.0071 3668 [ 454E292861A4EF1D72F43F42BBAF6917 ] C:\Windows\SysWOW64\crypt32.dll
16:28:14.0071 3668 C:\Windows\SysWOW64\crypt32.dll - ok
16:28:14.0086 3668 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
16:28:14.0086 3668 C:\Windows\SysWOW64\profapi.dll - ok
16:28:14.0086 3668 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
16:28:14.0086 3668 C:\Windows\SysWOW64\uxtheme.dll - ok
16:28:14.0086 3668 [ 3F994A6CF62AA8ED7B82CBE8AD7BE810 ] C:\Program Files (x86)\real\RealUpgrade\Common\hxmedpltfm.dll
16:28:14.0086 3668 C:\Program Files (x86)\real\RealUpgrade\Common\hxmedpltfm.dll - ok
16:28:14.0086 3668 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
16:28:14.0086 3668 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
16:28:14.0086 3668 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
16:28:14.0086 3668 C:\Windows\SysWOW64\msasn1.dll - ok
16:28:14.0102 3668 [ 2D0D2DA87BEA7144F2A17F19D0D17E4C ] C:\Windows\SysWOW64\wintrust.dll
16:28:14.0102 3668 C:\Windows\SysWOW64\wintrust.dll - ok
16:28:14.0102 3668 [ B9B98E08EC127900025F42462D3D0A66 ] C:\Program Files (x86)\Common Files\Akamai\netsession_win_ce5ba24.dll
16:28:14.0102 3668 C:\Program Files (x86)\Common Files\Akamai\netsession_win_ce5ba24.dll - ok
16:28:14.0102 3668 [ 15597883FBE9B056F276ADA3AD87D9AF ] C:\Windows\System32\cryptsvc.dll
16:28:14.0102 3668 C:\Windows\System32\cryptsvc.dll - ok
16:28:14.0102 3668 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
16:28:14.0102 3668 C:\Windows\System32\dps.dll - ok
16:28:14.0117 3668 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
16:28:14.0117 3668 C:\Windows\System32\IKEEXT.DLL - ok
16:28:14.0117 3668 [ F6963E48385A5637FC4E51DC0F8234A0 ] C:\Windows\System32\spool\drivers\x64\3\lxebserv.exe
16:28:14.0117 3668 C:\Windows\System32\spool\drivers\x64\3\lxebserv.exe - ok
16:28:14.0117 3668 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
16:28:14.0117 3668 C:\Windows\SysWOW64\svchost.exe - ok
16:28:14.0117 3668 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
16:28:14.0117 3668 C:\Windows\System32\taskschd.dll - ok
16:28:14.0117 3668 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
16:28:14.0117 3668 C:\Windows\System32\vssapi.dll - ok
16:28:14.0133 3668 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
16:28:14.0133 3668 C:\Windows\System32\vpnikeapi.dll - ok
16:28:14.0133 3668 [ B2FD31E20B423335FE3273B4BF95813C ] C:\Windows\SysWOW64\imagehlp.dll
16:28:14.0133 3668 C:\Windows\SysWOW64\imagehlp.dll - ok
16:28:14.0133 3668 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
16:28:14.0133 3668 C:\Windows\SysWOW64\setupapi.dll - ok
16:28:14.0133 3668 [ 0CE4D3BD306DA6D1F6F233C403F5B667 ] C:\Windows\SysWOW64\msi.dll
16:28:14.0133 3668 C:\Windows\SysWOW64\msi.dll - ok
16:28:14.0133 3668 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
16:28:14.0133 3668 C:\Windows\SysWOW64\pdh.dll - ok
16:28:14.0149 3668 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
16:28:14.0149 3668 C:\Windows\SysWOW64\winhttp.dll - ok
16:28:14.0149 3668 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
16:28:14.0149 3668 C:\Windows\SysWOW64\devobj.dll - ok
16:28:14.0149 3668 [ 02C61D8AD469417F5508225C75DE3236 ] C:\Windows\SysWOW64\webio.dll
16:28:14.0149 3668 C:\Windows\SysWOW64\webio.dll - ok
16:28:14.0149 3668 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
16:28:14.0149 3668 C:\Windows\SysWOW64\userenv.dll - ok
16:28:14.0149 3668 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
16:28:14.0149 3668 C:\Windows\SysWOW64\logoncli.dll - ok
16:28:14.0164 3668 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
16:28:14.0164 3668 C:\Windows\SysWOW64\ntmarta.dll - ok
16:28:14.0164 3668 [ 867C93CE4B4CCFCDE65CE48A769CD227 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
16:28:14.0164 3668 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
16:28:14.0164 3668 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
16:28:14.0164 3668 C:\Windows\SysWOW64\Wldap32.dll - ok
16:28:14.0164 3668 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
16:28:14.0164 3668 C:\Windows\SysWOW64\apphelp.dll - ok
16:28:14.0180 3668 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
16:28:14.0180 3668 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
16:28:14.0180 3668 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
16:28:14.0180 3668 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
16:28:14.0180 3668 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
16:28:14.0180 3668 C:\Windows\SysWOW64\clbcatq.dll - ok
16:28:14.0180 3668 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
16:28:14.0180 3668 C:\Windows\SysWOW64\mstask.dll - ok
16:28:14.0180 3668 [ A8CE0C7F1D37E0B8082608A148B6B976 ] C:\Windows\SysWOW64\secur32.dll
16:28:14.0180 3668 C:\Windows\SysWOW64\secur32.dll - ok
16:28:14.0195 3668 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
16:28:14.0195 3668 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
16:28:14.0195 3668 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
16:28:14.0195 3668 C:\Windows\SysWOW64\fltLib.dll - ok
16:28:14.0195 3668 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
16:28:14.0195 3668 C:\Windows\SysWOW64\winsta.dll - ok
16:28:14.0195 3668 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
16:28:14.0195 3668 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
16:28:14.0211 3668 [ 27DB3CEB88A1EF2BE1E193A05964973C ] C:\Program Files (x86)\real\RealUpgrade\Plugins\upgrade.dll
16:28:14.0211 3668 C:\Program Files (x86)\real\RealUpgrade\Plugins\upgrade.dll - ok
16:28:14.0211 3668 [ 66C0AEE61D1C5C35BF1B4642A153B114 ] C:\Windows\SysWOW64\mshtml.dll
16:28:14.0211 3668 C:\Windows\SysWOW64\mshtml.dll - ok
16:28:14.0211 3668 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
16:28:14.0211 3668 C:\Windows\System32\cscapi.dll - ok
16:28:14.0211 3668 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
16:28:14.0211 3668 C:\Windows\System32\dbghelp.dll - ok
16:28:14.0211 3668 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
16:28:14.0211 3668 C:\Windows\System32\vsstrace.dll - ok
16:28:14.0227 3668 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
16:28:14.0227 3668 C:\Windows\SysWOW64\credssp.dll - ok
16:28:14.0227 3668 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
16:28:14.0227 3668 C:\Windows\SysWOW64\cryptsp.dll - ok
16:28:14.0227 3668 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
16:28:14.0227 3668 C:\Windows\SysWOW64\security.dll - ok
16:28:14.0227 3668 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
16:28:14.0227 3668 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
16:28:14.0227 3668 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
16:28:14.0227 3668 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
16:28:14.0242 3668 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
16:28:14.0242 3668 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
16:28:14.0242 3668 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
16:28:14.0242 3668 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
16:28:14.0242 3668 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
16:28:14.0242 3668 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
16:28:14.0242 3668 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
16:28:14.0242 3668 C:\Windows\SysWOW64\dnsapi.dll - ok
16:28:14.0258 3668 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
16:28:14.0258 3668 C:\Windows\SysWOW64\msv1_0.dll - ok
16:28:14.0258 3668 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
16:28:14.0258 3668 C:\Windows\SysWOW64\cryptdll.dll - ok
16:28:14.0258 3668 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
16:28:14.0258 3668 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
16:28:14.0258 3668 [ 3BF018E23487F3E837845AD8DD9129DC ] C:\Windows\System32\lxebcoms.exe
16:28:14.0258 3668 C:\Windows\System32\lxebcoms.exe - ok
16:28:14.0258 3668 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
16:28:14.0258 3668 C:\Windows\System32\winspool.drv - ok
16:28:14.0273 3668 [ 6A16BCE3C09496650BE881C467611653 ] C:\Windows\System32\msi.dll
16:28:14.0273 3668 C:\Windows\System32\msi.dll - ok
16:28:14.0273 3668 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
16:28:14.0273 3668 C:\Windows\System32\EhStorShell.dll - ok
16:28:14.0273 3668 [ 7BBF670114373CE6A203FA155A9E0D0A ] C:\Windows\System32\ntshrui.dll
16:28:14.0273 3668 C:\Windows\System32\ntshrui.dll - ok
16:28:14.0273 3668 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
16:28:14.0273 3668 C:\Windows\System32\IconCodecService.dll - ok
16:28:14.0273 3668 [ 32C5DF01878550F320CDAB8645700BC8 ] C:\Windows\System32\lxebserv.dll
16:28:14.0273 3668 C:\Windows\System32\lxebserv.dll - ok
16:28:14.0289 3668 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
16:28:14.0289 3668 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe - ok
16:28:14.0289 3668 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
16:28:14.0289 3668 C:\Windows\System32\aepic.dll - ok
16:28:14.0289 3668 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
16:28:14.0289 3668 C:\Windows\System32\netman.dll - ok
16:28:14.0289 3668 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
16:28:14.0289 3668 C:\Windows\System32\sfc.dll - ok
16:28:14.0289 3668 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
16:28:14.0289 3668 C:\Windows\System32\sfc_os.dll - ok
16:28:14.0305 3668 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
16:28:14.0305 3668 C:\Windows\System32\aeevts.dll - ok
16:28:14.0305 3668 [ D381E5F2003A550D9BE774CE7DF2E2E7 ] C:\Windows\System32\lxebinpa.dll
16:28:14.0305 3668 C:\Windows\System32\lxebinpa.dll - ok
16:28:14.0305 3668 [ 4187264E696698CE1FB7081EDDF9A6F2 ] C:\Program Files\AVAST Software\Avast\AhResSPM.dll
16:28:14.0305 3668 C:\Program Files\AVAST Software\Avast\AhResSPM.dll - ok
16:28:14.0305 3668 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
16:28:14.0305 3668 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
16:28:14.0305 3668 [ 5C7FFCCA7489AD7F4980F4ABB0A6A9DC ] C:\Windows\System32\lxebiesc.dll
16:28:14.0305 3668 C:\Windows\System32\lxebiesc.dll - ok
16:28:14.0320 3668 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
16:28:14.0320 3668 C:\Windows\System32\nlasvc.dll - ok
16:28:14.0320 3668 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
16:28:14.0320 3668 C:\Windows\System32\ncsi.dll - ok
16:28:14.0320 3668 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
16:28:14.0320 3668 C:\Windows\System32\winhttp.dll - ok
16:28:14.0320 3668 [ 88104CCBC329D185A881031A11259229 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccL90U.dll
16:28:14.0320 3668 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccL90U.dll - ok
16:28:14.0336 3668 [ BC9489DF517C426D4044D99F14449134 ] C:\Windows\System32\webio.dll
16:28:14.0336 3668 C:\Windows\System32\webio.dll - ok
16:28:14.0336 3668 [ 0921ED273D89BA9778437ECD26B6A78A ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccVrTrst.dll
16:28:14.0336 3668 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccVrTrst.dll - ok
16:28:14.0336 3668 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
16:28:14.0336 3668 C:\Windows\System32\drivers\PEAuth.sys - ok
16:28:14.0336 3668 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
16:28:14.0336 3668 C:\Windows\System32\drivers\secdrv.sys - ok
16:28:14.0336 3668 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
16:28:14.0336 3668 C:\Windows\System32\seclogon.dll - ok
16:28:14.0351 3668 [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys
16:28:14.0351 3668 C:\Windows\System32\drivers\Sftfslh.sys - ok
16:28:14.0351 3668 [ C20FF1A17726C357461A7AC5B3BFC3AD ] C:\Windows\SysWOW64\ncrypt.dll
16:28:14.0351 3668 C:\Windows\SysWOW64\ncrypt.dll - ok
16:28:14.0351 3668 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
16:28:14.0351 3668 C:\Windows\SysWOW64\rsaenh.dll - ok
16:28:14.0351 3668 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
16:28:14.0351 3668 C:\Windows\SysWOW64\bcrypt.dll - ok
16:28:14.0351 3668 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
16:28:14.0351 3668 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
16:28:14.0367 3668 [ 4050600091370422C9B20AC34DC1ACAC ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvc.dll
16:28:14.0367 3668 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvc.dll - ok
16:28:14.0367 3668 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
16:28:14.0367 3668 C:\Windows\System32\ssdpapi.dll - ok
16:28:14.0367 3668 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
16:28:14.0367 3668 C:\Windows\SysWOW64\gpapi.dll - ok
16:28:14.0367 3668 [ 6ECE65F3C2BAC3D2514F12EE913980EC ] C:\Windows\System32\lxebusb1.dll
16:28:14.0367 3668 C:\Windows\System32\lxebusb1.dll - ok
16:28:14.0367 3668 [ CD6B3A4B1D1909B05616D5D20209825F ] C:\Windows\System32\lxebhbn3.dll
16:28:14.0367 3668 C:\Windows\System32\lxebhbn3.dll - ok
16:28:14.0383 3668 [ B3E20079B7719ADD343DC3238292D9A5 ] C:\Windows\System32\LXEBhcp.dll
16:28:14.0383 3668 C:\Windows\System32\LXEBhcp.dll - ok
16:28:14.0383 3668 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
16:28:14.0383 3668 C:\Windows\SysWOW64\taskschd.dll - ok
16:28:14.0383 3668 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
16:28:14.0383 3668 C:\Windows\System32\NapiNSP.dll - ok
16:28:14.0383 3668 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
16:28:14.0383 3668 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
16:28:14.0398 3668 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
16:28:14.0398 3668 C:\Windows\System32\pnrpnsp.dll - ok
16:28:14.0398 3668 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
16:28:14.0398 3668 C:\Windows\System32\winrnr.dll - ok
16:28:14.0398 3668 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
16:28:14.0398 3668 C:\Windows\System32\rasadhlp.dll - ok
16:28:14.0398 3668 [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:28:14.0398 3668 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
16:28:14.0398 3668 [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys
16:28:14.0398 3668 C:\Windows\System32\drivers\Sftplaylh.sys - ok
16:28:14.0414 3668 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
16:28:14.0414 3668 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
16:28:14.0414 3668 [ 0F97E7A47A52F4A36969F0FC319654C2 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:28:14.0414 3668 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
16:28:14.0414 3668 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
16:28:14.0414 3668 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
16:28:14.0414 3668 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
16:28:14.0414 3668 C:\Windows\System32\drivers\srvnet.sys - ok
16:28:14.0429 3668 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
16:28:14.0429 3668 C:\Windows\System32\httpapi.dll - ok
16:28:14.0429 3668 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
16:28:14.0429 3668 C:\Windows\System32\drivers\tcpipreg.sys - ok
16:28:14.0429 3668 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] C:\Windows\System32\TODDSrv.exe
16:28:14.0429 3668 C:\Windows\System32\TODDSrv.exe - ok
16:28:14.0429 3668 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
16:28:14.0429 3668 C:\Windows\System32\tapisrv.dll - ok
16:28:14.0445 3668 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
16:28:14.0445 3668 C:\Windows\System32\wiaservc.dll - ok
16:28:14.0445 3668 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
16:28:14.0445 3668 C:\Windows\System32\wiatrace.dll - ok
16:28:14.0445 3668 [ 1C73689B900428C7D054A41C4687F55C ] C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:28:14.0445 3668 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe - ok
16:28:14.0461 3668 [ 09A06ECC3CE3048B17F25F75ACC63D14 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccIPC.dll
16:28:14.0461 3668 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccIPC.dll - ok
16:28:14.0461 3668 [ 04D16553664796613FE98D441A0C35D7 ] C:\Windows\SysWOW64\cryptnet.dll
16:28:14.0461 3668 C:\Windows\SysWOW64\cryptnet.dll - ok
16:28:14.0476 3668 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
16:28:14.0476 3668 C:\Windows\SysWOW64\SensApi.dll - ok
16:28:14.0476 3668 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
16:28:14.0476 3668 C:\Windows\System32\sysmain.dll - ok
16:28:14.0492 3668 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
16:28:14.0492 3668 C:\Windows\SysWOW64\cabinet.dll - ok
16:28:14.0492 3668 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
16:28:14.0492 3668 C:\Windows\SysWOW64\devrtl.dll - ok
16:28:14.0492 3668 [ 725E8022808C6B92D99EF36F2E9FCE02 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\diMaster.dll
16:28:14.0492 3668 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\diMaster.dll - ok
16:28:14.0492 3668 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
16:28:14.0492 3668 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
16:28:14.0507 3668 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12121301\ArPot.dll
16:28:14.0507 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\ArPot.dll - ok
16:28:14.0507 3668 [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
16:28:14.0507 3668 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
16:28:14.0507 3668 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12121301\exts.dll
16:28:14.0507 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\exts.dll - ok
16:28:14.0507 3668 [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
16:28:14.0507 3668 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
16:28:14.0507 3668 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
16:28:14.0507 3668 C:\Windows\SysWOW64\mswsock.dll - ok
16:28:14.0523 3668 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
16:28:14.0523 3668 C:\Windows\SysWOW64\NapiNSP.dll - ok
16:28:14.0523 3668 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
16:28:14.0523 3668 C:\Windows\SysWOW64\nlaapi.dll - ok
16:28:14.0523 3668 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
16:28:14.0523 3668 C:\Windows\SysWOW64\pnrpnsp.dll - ok
16:28:14.0523 3668 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
16:28:14.0523 3668 C:\Windows\SysWOW64\winrnr.dll - ok
16:28:14.0539 3668 [ 2B61F6766CAE1125C00DD9DDD268D876 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSet.dll
16:28:14.0539 3668 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSet.dll - ok
16:28:14.0539 3668 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
16:28:14.0539 3668 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
16:28:14.0554 3668 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
16:28:14.0554 3668 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
16:28:14.0554 3668 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
16:28:14.0554 3668 C:\Windows\SysWOW64\rasadhlp.dll - ok
16:28:14.0585 3668 [ 26BA928D3FBA2A12589A8A9B1A47FB08 ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswAR.dll
16:28:14.0585 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\aswAR.dll - ok
16:28:14.0585 3668 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
16:28:14.0585 3668 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
16:28:14.0585 3668 [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
16:28:14.0585 3668 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
16:28:14.0617 3668 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswRawFS.dll
16:28:14.0617 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\aswRawFS.dll - ok
16:28:14.0617 3668 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
16:28:14.0632 3668 C:\Windows\SysWOW64\wship6.dll - ok
16:28:14.0632 3668 [ 2604B56B92A344B7ED66BEF4AFE8AD3A ] C:\Program Files\AVAST Software\Avast\aswSpam.dll
16:28:14.0632 3668 C:\Program Files\AVAST Software\Avast\aswSpam.dll - ok
16:28:14.0632 3668 [ 3EAE925DCD7D2704982BBCA4DC7EAE7E ] C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll
16:28:14.0632 3668 C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll - ok
16:28:14.0632 3668 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
16:28:14.0632 3668 C:\Windows\SysWOW64\wbemcomn.dll - ok
16:28:14.0648 3668 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
16:28:14.0648 3668 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
16:28:14.0648 3668 [ C363295621BF0CD8C2E05D62DBBE1A8C ] C:\Program Files\AVAST Software\Avast\winspamcatcher.dll
16:28:14.0648 3668 C:\Program Files\AVAST Software\Avast\winspamcatcher.dll - ok
16:28:14.0663 3668 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
16:28:14.0663 3668 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
16:28:14.0663 3668 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
16:28:14.0663 3668 C:\Windows\SysWOW64\comdlg32.dll - ok
16:28:14.0663 3668 [ D1103CFC8D7EA09ED22536EC301603F9 ] C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll
16:28:14.0663 3668 C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll - ok
16:28:14.0679 3668 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
16:28:14.0679 3668 C:\Windows\SysWOW64\winspool.drv - ok
16:28:14.0679 3668 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
16:28:14.0679 3668 C:\Windows\SysWOW64\powrprof.dll - ok
16:28:14.0679 3668 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
16:28:14.0679 3668 C:\Windows\SysWOW64\msimg32.dll - ok
16:28:14.0679 3668 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
16:28:14.0679 3668 C:\Windows\SysWOW64\oledlg.dll - ok
16:28:14.0679 3668 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
16:28:14.0679 3668 C:\Windows\SysWOW64\winmm.dll - ok
16:28:14.0695 3668 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
16:28:14.0695 3668 C:\Windows\AppPatch\AcGenral.dll - ok
16:28:14.0695 3668 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
16:28:14.0695 3668 C:\Windows\SysWOW64\dwmapi.dll - ok
16:28:14.0695 3668 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
16:28:14.0695 3668 C:\Windows\SysWOW64\mpr.dll - ok
16:28:14.0695 3668 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
16:28:14.0695 3668 C:\Windows\SysWOW64\msacm32.dll - ok
16:28:14.0710 3668 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
16:28:14.0710 3668 C:\Windows\SysWOW64\samcli.dll - ok
16:28:14.0710 3668 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
16:28:14.0710 3668 C:\Windows\SysWOW64\sfc.dll - ok
16:28:14.0741 3668 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
16:28:14.0741 3668 C:\Windows\SysWOW64\sfc_os.dll - ok
16:28:14.0741 3668 [ DF5246F51E8557E20D40B3641CAE57B7 ] C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll
16:28:14.0741 3668 C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll - ok
16:28:14.0741 3668 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
16:28:14.0741 3668 C:\Windows\System32\trkwks.dll - ok
16:28:14.0757 3668 [ 7BF5EA753D4CC056B9462A02AC51B160 ] C:\Windows\SysWOW64\xmllite.dll
16:28:14.0757 3668 C:\Windows\SysWOW64\xmllite.dll - ok
16:28:14.0757 3668 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
16:28:14.0757 3668 C:\Windows\SysWOW64\rtutils.dll - ok
16:28:14.0757 3668 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
16:28:14.0757 3668 C:\Windows\SysWOW64\netprofm.dll - ok
16:28:14.0757 3668 [ 5B465C535EA4F73C4B14A1320B8CA5F8 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccJobMgr.dll
16:28:14.0757 3668 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccJobMgr.dll - ok
16:28:14.0773 3668 [ 9392C25DEEDA9A79FDBF6559D47EAB1F ] C:\Program Files\AVAST Software\Avast\snxhk64.dll
16:28:14.0773 3668 C:\Program Files\AVAST Software\Avast\snxhk64.dll - ok
16:28:14.0773 3668 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:28:14.0773 3668 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
16:28:14.0804 3668 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
16:28:14.0804 3668 C:\Windows\System32\wbem\WMIsvc.dll - ok
16:28:14.0819 3668 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
16:28:14.0819 3668 C:\Program Files\Windows Defender\MpSvc.dll - ok
16:28:14.0819 3668 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
16:28:14.0819 3668 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
16:28:14.0835 3668 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
16:28:14.0835 3668 C:\Windows\System32\SensApi.dll - ok
16:28:14.0835 3668 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
16:28:14.0835 3668 C:\Windows\System32\wbemcomn.dll - ok
16:28:14.0851 3668 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
16:28:14.0851 3668 C:\Windows\System32\wbem\fastprox.dll - ok
16:28:14.0851 3668 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
16:28:14.0851 3668 C:\Windows\System32\wbem\WinMgmtR.dll - ok
16:28:14.0866 3668 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
16:28:14.0866 3668 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
16:28:14.0866 3668 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
16:28:14.0866 3668 C:\Windows\System32\wer.dll - ok
16:28:14.0866 3668 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
16:28:14.0866 3668 C:\Windows\System32\ntdsapi.dll - ok
16:28:14.0882 3668 [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:28:14.0882 3668 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
16:28:14.0882 3668 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
16:28:14.0882 3668 C:\Windows\System32\wbem\wbemprox.dll - ok
16:28:14.0897 3668 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
16:28:14.0897 3668 C:\Program Files\Windows Defender\MpClient.dll - ok
16:28:14.0897 3668 [ 079FD1D59EAD19270C979AF174D881A3 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
16:28:14.0897 3668 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
16:28:14.0929 3668 [ 022B05CEE68D7826A93AEDB4F1EB369E ] C:\Windows\System32\msxml3.dll
16:28:14.0929 3668 C:\Windows\System32\msxml3.dll - ok
16:28:14.0929 3668 [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
16:28:14.0929 3668 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
16:28:14.0929 3668 [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\AVAST Software\Avast\snxhk.dll
16:28:14.0929 3668 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
16:28:14.0944 3668 [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
16:28:14.0944 3668 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
16:28:14.0944 3668 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
16:28:14.0960 3668 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
16:28:14.0960 3668 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
16:28:14.0960 3668 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
16:28:14.0960 3668 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
16:28:14.0960 3668 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
16:28:14.0960 3668 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
16:28:14.0960 3668 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
16:28:14.0960 3668 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
16:28:14.0960 3668 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
16:28:14.0975 3668 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
16:28:14.0975 3668 C:\Windows\System32\drivers\srv2.sys - ok
16:28:14.0975 3668 [ D63F0353F632FB1EDE724173BE6DB5B5 ] C:\Windows\System32\esent.dll
16:28:14.0975 3668 C:\Windows\System32\esent.dll - ok
16:28:14.0975 3668 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:28:14.0975 3668 C:\Program Files\TOSHIBA\TECO\TecoService.exe - ok
16:28:14.0975 3668 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
16:28:14.0975 3668 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
16:28:14.0991 3668 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys
16:28:14.0991 3668 C:\Windows\System32\drivers\Sftredirlh.sys - ok
16:28:14.0991 3668 [ 135F7AC9BE35AB1DF727FAF2E60E92F8 ] C:\Windows\SysWOW64\schannel.dll
16:28:14.0991 3668 C:\Windows\SysWOW64\schannel.dll - ok
16:28:14.0991 3668 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
16:28:14.0991 3668 C:\Windows\System32\dssenh.dll - ok
16:28:14.0991 3668 [ F9C8015C85E7A8CC5513A3AD1CA0ABDC ] C:\Program Files\TOSHIBA\TECO\TecoHci.dll
16:28:14.0991 3668 C:\Program Files\TOSHIBA\TECO\TecoHci.dll - ok
16:28:14.0991 3668 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
16:28:14.0991 3668 C:\Windows\System32\wbem\esscli.dll - ok
16:28:15.0007 3668 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
16:28:15.0007 3668 C:\Windows\System32\wbem\wbemcore.dll - ok
16:28:15.0007 3668 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
16:28:15.0007 3668 C:\Windows\System32\rasmans.dll - ok
16:28:15.0007 3668 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
16:28:15.0007 3668 C:\Windows\System32\iphlpsvc.dll - ok
16:28:15.0007 3668 [ C92C6145D2C44C4259C22228B24411F2 ] C:\Program Files\TOSHIBA\TECO\TecoPower.dll
16:28:15.0007 3668 C:\Program Files\TOSHIBA\TECO\TecoPower.dll - ok
16:28:15.0007 3668 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
16:28:15.0007 3668 C:\Windows\System32\drivers\srv.sys - ok
16:28:15.0022 3668 [ 269D867585CDA04D3972A39F3694E7DF ] C:\Windows\SysWOW64\msxml6.dll
16:28:15.0022 3668 C:\Windows\SysWOW64\msxml6.dll - ok
16:28:15.0022 3668 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
16:28:15.0022 3668 C:\Windows\System32\sqmapi.dll - ok
16:28:15.0022 3668 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
16:28:15.0022 3668 C:\Windows\System32\wdscore.dll - ok
16:28:15.0022 3668 [ 8EF0D5C41EC907751B8429162B1239ED ] C:\Windows\System32\browser.dll
16:28:15.0022 3668 C:\Windows\System32\browser.dll - ok
16:28:15.0022 3668 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
16:28:15.0022 3668 C:\Windows\System32\srvsvc.dll - ok
16:28:15.0038 3668 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
16:28:15.0038 3668 C:\Windows\System32\wbem\wbemsvc.dll - ok
16:28:15.0038 3668 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
16:28:15.0038 3668 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
16:28:15.0038 3668 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
16:28:15.0038 3668 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
16:28:15.0038 3668 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
16:28:15.0038 3668 C:\Windows\System32\rastapi.dll - ok
16:28:15.0053 3668 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
16:28:15.0053 3668 C:\Windows\System32\tapi32.dll - ok
16:28:15.0053 3668 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
16:28:15.0053 3668 C:\Windows\System32\wbem\wmiutils.dll - ok
16:28:15.0053 3668 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
16:28:15.0053 3668 C:\Windows\System32\netmsg.dll - ok
16:28:15.0053 3668 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
16:28:15.0053 3668 C:\Windows\SysWOW64\ntdsapi.dll - ok
16:28:15.0053 3668 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
16:28:15.0053 3668 C:\Windows\System32\sscore.dll - ok
16:28:15.0069 3668 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
16:28:15.0069 3668 C:\Windows\System32\wbem\repdrvfs.dll - ok
16:28:15.0069 3668 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
16:28:15.0069 3668 C:\Windows\System32\clusapi.dll - ok
16:28:15.0069 3668 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
16:28:15.0069 3668 C:\Windows\System32\hnetcfg.dll - ok
16:28:15.0069 3668 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
16:28:15.0069 3668 C:\Windows\System32\resutils.dll - ok
16:28:15.0069 3668 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
16:28:15.0069 3668 C:\Windows\System32\unimdm.tsp - ok
16:28:15.0085 3668 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
16:28:15.0085 3668 C:\Windows\System32\uniplat.dll - ok
16:28:15.0085 3668 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
16:28:15.0085 3668 C:\Windows\System32\kmddsp.tsp - ok
16:28:15.0085 3668 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
16:28:15.0085 3668 C:\Windows\System32\ndptsp.tsp - ok
16:28:15.0085 3668 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
16:28:15.0085 3668 C:\Windows\System32\hidphone.tsp - ok
16:28:15.0085 3668 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
16:28:15.0085 3668 C:\Windows\System32\rasppp.dll - ok
16:28:15.0100 3668 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
16:28:15.0100 3668 C:\Windows\System32\vpnike.dll - ok
16:28:15.0100 3668 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
16:28:15.0100 3668 C:\Windows\System32\raschap.dll - ok
16:28:15.0100 3668 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
16:28:15.0100 3668 C:\Windows\System32\ipnathlp.dll - ok
16:28:15.0100 3668 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
16:28:15.0100 3668 C:\Windows\SysWOW64\propsys.dll - ok
16:28:15.0100 3668 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
16:28:15.0100 3668 C:\Windows\System32\mprapi.dll - ok
16:28:15.0116 3668 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
16:28:15.0116 3668 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
16:28:15.0116 3668 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
16:28:15.0116 3668 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
16:28:15.0116 3668 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
16:28:15.0116 3668 C:\Windows\System32\netshell.dll - ok
16:28:15.0116 3668 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
16:28:15.0116 3668 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
16:28:15.0131 3668 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
16:28:15.0131 3668 C:\Windows\System32\ncobjapi.dll - ok
16:28:15.0131 3668 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
16:28:15.0131 3668 C:\Windows\System32\wbem\wbemess.dll - ok
16:28:15.0131 3668 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
16:28:15.0131 3668 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
16:28:15.0131 3668 [ 89B89AE23491F5D4E338499A3D568269 ] C:\Windows\System32\localspl.dll
16:28:15.0131 3668 C:\Windows\System32\localspl.dll - ok
16:28:15.0131 3668 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
16:28:15.0131 3668 C:\Windows\System32\wbem\wmiprov.dll - ok
16:28:15.0147 3668 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
16:28:15.0147 3668 C:\Windows\SysWOW64\perfos.dll - ok
16:28:15.0147 3668 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
16:28:15.0147 3668 C:\Windows\SysWOW64\credui.dll - ok
16:28:15.0147 3668 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
16:28:15.0147 3668 C:\Windows\SysWOW64\oleacc.dll - ok
16:28:15.0147 3668 [ 0029EBA325F2FC9B6BA46BEE33F32A09 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
16:28:15.0147 3668 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll - ok
16:28:15.0147 3668 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll
16:28:15.0147 3668 C:\Windows\SysWOW64\hlink.dll - ok
16:28:15.0163 3668 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
16:28:15.0163 3668 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
16:28:15.0163 3668 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
16:28:15.0163 3668 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
16:28:15.0163 3668 [ 4205CA4CD43E725DB9FF02B0A588A8C6 ] C:\Windows\SysWOW64\msxml3.dll
16:28:15.0163 3668 C:\Windows\SysWOW64\msxml3.dll - ok
16:28:15.0163 3668 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
16:28:15.0163 3668 C:\Windows\System32\PrintIsolationProxy.dll - ok
16:28:15.0178 3668 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
16:28:15.0178 3668 C:\Windows\System32\spoolss.dll - ok
16:28:15.0178 3668 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
16:28:15.0178 3668 C:\Windows\System32\FXSMON.dll - ok
16:28:15.0178 3668 [ 3BAB1C64C3C02F09C8CB4F3962D45BA0 ] C:\Windows\System32\lxeblmpm.dll
16:28:15.0178 3668 C:\Windows\System32\lxeblmpm.dll - ok
16:28:15.0178 3668 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
16:28:15.0178 3668 C:\Windows\System32\wbem\cimwin32.dll - ok
16:28:15.0178 3668 [ 3ABE3CC7706EDD33C12C5A99B8727053 ] C:\Windows\System32\lxebcomc.dll
16:28:15.0178 3668 C:\Windows\System32\lxebcomc.dll - ok
16:28:15.0194 3668 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
16:28:15.0194 3668 C:\Windows\System32\framedynos.dll - ok
16:28:15.0194 3668 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
16:28:15.0194 3668 C:\Windows\System32\tcpmon.dll - ok
16:28:15.0194 3668 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
16:28:15.0194 3668 C:\Windows\System32\snmpapi.dll - ok
16:28:15.0194 3668 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
16:28:15.0194 3668 C:\Windows\System32\wsnmp32.dll - ok
16:28:15.0194 3668 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
16:28:15.0194 3668 C:\Windows\System32\usbmon.dll - ok
16:28:15.0209 3668 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
16:28:15.0209 3668 C:\Windows\System32\WSDMon.dll - ok
16:28:15.0209 3668 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
16:28:15.0209 3668 C:\Windows\System32\WSDApi.dll - ok
16:28:15.0209 3668 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
16:28:15.0209 3668 C:\Windows\System32\webservices.dll - ok
16:28:15.0209 3668 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
16:28:15.0209 3668 C:\Windows\System32\fundisc.dll - ok
16:28:15.0209 3668 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
16:28:15.0209 3668 C:\Windows\System32\fdPnp.dll - ok
16:28:15.0225 3668 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
16:28:15.0225 3668 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
16:28:15.0225 3668 [ A614F3EAE991F56340705F1F1F9A17AD ] C:\Windows\System32\spool\prtprocs\x64\lxebdrpp.dll
16:28:15.0225 3668 C:\Windows\System32\spool\prtprocs\x64\lxebdrpp.dll - ok
16:28:15.0225 3668 [ 2AC11BE0F5D9A01433732AAB8BA21774 ] C:\Windows\System32\win32spl.dll
16:28:15.0225 3668 C:\Windows\System32\win32spl.dll - ok
16:28:15.0225 3668 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
16:28:15.0225 3668 C:\Windows\System32\inetpp.dll - ok
16:28:15.0241 3668 [ AD31942BDF3D594C404874613BC2FE4D ] C:\Windows\System32\SearchIndexer.exe
16:28:15.0241 3668 C:\Windows\System32\SearchIndexer.exe - ok
16:28:15.0241 3668 [ 6C597496AB646EB9F31C68241050F771 ] C:\Windows\System32\tquery.dll
16:28:15.0241 3668 C:\Windows\System32\tquery.dll - ok
16:28:15.0241 3668 [ 017F5CE9BC2333FE0FB738B0A9C13C2F ] C:\Windows\System32\mssrch.dll
16:28:15.0241 3668 C:\Windows\System32\mssrch.dll - ok
16:28:15.0241 3668 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
16:28:15.0241 3668 C:\Windows\System32\ndiscapCfg.dll - ok
16:28:15.0241 3668 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
16:28:15.0241 3668 C:\Windows\System32\rascfg.dll - ok
16:28:15.0256 3668 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
16:28:15.0256 3668 C:\Windows\System32\mprmsg.dll - ok
16:28:15.0256 3668 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
16:28:15.0256 3668 C:\Windows\System32\tcpipcfg.dll - ok
16:28:15.0256 3668 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
16:28:15.0256 3668 C:\Windows\System32\nci.dll - ok
16:28:15.0256 3668 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
16:28:15.0256 3668 C:\Windows\System32\wlaninst.dll - ok
16:28:15.0256 3668 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
16:28:15.0256 3668 C:\Windows\System32\wwaninst.dll - ok
16:28:15.0272 3668 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
16:28:15.0272 3668 C:\Windows\System32\rundll32.exe - ok
16:28:15.0272 3668 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
16:28:15.0272 3668 C:\Windows\System32\actxprxy.dll - ok
16:28:15.0272 3668 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
16:28:15.0272 3668 C:\Windows\System32\spfileq.dll - ok
16:28:15.0272 3668 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
16:28:15.0272 3668 C:\Windows\System32\msidle.dll - ok
16:28:15.0272 3668 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
16:28:15.0272 3668 C:\Windows\System32\wdi.dll - ok
16:28:15.0287 3668 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
16:28:15.0287 3668 C:\Windows\System32\perftrack.dll - ok
16:28:15.0287 3668 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
16:28:15.0287 3668 C:\Windows\System32\mssprxy.dll - ok
16:28:15.0287 3668 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
16:28:15.0287 3668 C:\Windows\SysWOW64\mssprxy.dll - ok
16:28:15.0287 3668 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
16:28:15.0287 3668 C:\Windows\System32\qmgr.dll - ok
16:28:15.0303 3668 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
16:28:15.0303 3668 C:\Windows\System32\npmproxy.dll - ok
16:28:15.0303 3668 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
16:28:15.0303 3668 C:\Windows\SysWOW64\npmproxy.dll - ok
16:28:15.0303 3668 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
16:28:15.0303 3668 C:\Windows\System32\appinfo.dll - ok
16:28:15.0303 3668 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
16:28:15.0303 3668 C:\Windows\System32\bitsperf.dll - ok
16:28:15.0303 3668 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
16:28:15.0303 3668 C:\Windows\System32\diagperf.dll - ok
16:28:15.0319 3668 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
16:28:15.0319 3668 C:\Windows\System32\IPSECSVC.DLL - ok
16:28:15.0319 3668 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
16:28:15.0319 3668 C:\Windows\System32\bitsigd.dll - ok
16:28:15.0319 3668 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
16:28:15.0319 3668 C:\Windows\System32\FwRemoteSvr.dll - ok
16:28:15.0319 3668 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
16:28:15.0319 3668 C:\Windows\System32\upnp.dll - ok
16:28:15.0319 3668 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
16:28:15.0319 3668 C:\Windows\System32\en-US\tquery.dll.mui - ok
16:28:15.0334 3668 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
16:28:15.0334 3668 C:\Windows\System32\hidserv.dll - ok
16:28:15.0334 3668 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
16:28:15.0334 3668 C:\Windows\System32\PortableDeviceApi.dll - ok
16:28:15.0334 3668 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
16:28:15.0334 3668 C:\Windows\System32\wpdbusenum.dll - ok
16:28:15.0334 3668 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
16:28:15.0334 3668 C:\Windows\System32\ssdpsrv.dll - ok
16:28:15.0334 3668 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
16:28:15.0334 3668 C:\Windows\System32\Apphlpdm.dll - ok
16:28:15.0350 3668 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
16:28:15.0350 3668 C:\Windows\System32\pnpts.dll - ok
16:28:15.0350 3668 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
16:28:15.0350 3668 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
16:28:15.0350 3668 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
16:28:15.0350 3668 C:\Windows\System32\radardt.dll - ok
16:28:15.0350 3668 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
16:28:15.0350 3668 C:\Windows\System32\wdiasqmmodule.dll - ok
16:28:15.0365 3668 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
16:28:15.0365 3668 C:\Windows\System32\dimsjob.dll - ok
16:28:15.0365 3668 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
16:28:15.0365 3668 C:\Windows\System32\runonce.exe - ok
16:28:15.0365 3668 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
16:28:15.0365 3668 C:\Windows\System32\certcli.dll - ok
16:28:15.0365 3668 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
16:28:15.0365 3668 C:\Windows\System32\pautoenr.dll - ok
16:28:15.0365 3668 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
16:28:15.0365 3668 C:\Windows\System32\CertEnroll.dll - ok
16:28:15.0381 3668 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
16:28:15.0381 3668 C:\Windows\SysWOW64\runonce.exe - ok
16:28:15.0381 3668 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
16:28:15.0381 3668 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
16:28:15.0381 3668 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
16:28:15.0381 3668 C:\Windows\System32\qmgrprxy.dll - ok
16:28:15.0381 3668 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
16:28:15.0381 3668 C:\Windows\SysWOW64\qmgrprxy.dll - ok
16:28:15.0381 3668 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
16:28:15.0381 3668 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
16:28:15.0397 3668 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
16:28:15.0397 3668 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
16:28:15.0397 3668 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
16:28:15.0397 3668 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
16:28:15.0397 3668 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
16:28:15.0397 3668 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
16:28:15.0397 3668 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
16:28:15.0397 3668 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
16:28:15.0412 3668 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
16:28:15.0412 3668 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
16:28:15.0412 3668 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
16:28:15.0412 3668 C:\Windows\SysWOW64\cmd.exe - ok
16:28:15.0412 3668 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
16:28:15.0412 3668 C:\Windows\System32\conhost.exe - ok
16:28:15.0412 3668 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
16:28:15.0412 3668 C:\Windows\SysWOW64\winbrand.dll - ok
16:28:15.0412 3668 [ 691E93028B8723E05B4A637BE77380DD ] C:\Windows\SysWOW64\ieframe.dll
16:28:15.0412 3668 C:\Windows\SysWOW64\ieframe.dll - ok
16:28:15.0428 3668 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
16:28:15.0428 3668 C:\Windows\System32\aelupsvc.dll - ok
16:28:15.0428 3668 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
16:28:15.0428 3668 C:\Windows\SysWOW64\shdocvw.dll - ok
16:28:15.0428 3668 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\admin\AppData\Local\Temp\DC8FF473-0C4B-417D-8B23-C6AF089ADF67.exe
16:28:15.0428 3668 C:\Users\admin\AppData\Local\Temp\DC8FF473-0C4B-417D-8B23-C6AF089ADF67.exe - ok
16:28:15.0428 3668 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
16:28:15.0428 3668 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
16:28:15.0443 3668 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
16:28:15.0443 3668 C:\Windows\SysWOW64\EhStorShell.dll - ok
16:28:15.0443 3668 [ 1737183424D10E716D4035C5CA2ECAB4 ] C:\Windows\System32\cryptnet.dll
16:28:15.0443 3668 C:\Windows\System32\cryptnet.dll - ok
16:28:15.0443 3668 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
16:28:15.0443 3668 C:\Windows\System32\cabinet.dll - ok
16:28:15.0443 3668 [ EB77DB354791A5932CA559B6F6374E95 ] C:\Windows\SysWOW64\ntshrui.dll
16:28:15.0443 3668 C:\Windows\SysWOW64\ntshrui.dll - ok
16:28:15.0443 3668 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
16:28:15.0443 3668 C:\Windows\SysWOW64\imageres.dll - ok
16:28:15.0459 3668 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
16:28:15.0459 3668 C:\Windows\SysWOW64\slc.dll - ok
16:28:15.0459 3668 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
16:28:15.0459 3668 C:\Program Files\Windows Defender\MpRTP.dll - ok
16:28:15.0459 3668 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
16:28:15.0459 3668 C:\Windows\System32\tdh.dll - ok
16:28:15.0459 3668 [ 97BDC9A400EEF273CC4B336614CA74BD ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}\mpengine.dll
16:28:15.0459 3668 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}\mpengine.dll - ok
16:28:15.0459 3668 [ B17051CEA6ECF263EF7EB4B79FA50763 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}\mpasbase.vdm
16:28:15.0459 3668 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}\mpasbase.vdm - ok
16:28:15.0475 3668 [ F0F8B583C084699DDBF036B892058F6E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}\mpasdlta.vdm
16:28:15.0475 3668 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}\mpasdlta.vdm - ok
16:28:15.0475 3668 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
16:28:15.0475 3668 C:\Program Files\Windows Defender\MsMpLics.dll - ok
16:28:15.0475 3668 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
16:28:15.0475 3668 C:\Windows\System32\wscapi.dll - ok
16:28:15.0475 3668 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
16:28:15.0475 3668 C:\Windows\System32\wscisvif.dll - ok
16:28:15.0490 3668 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
16:28:15.0490 3668 C:\Windows\System32\wscproxystub.dll - ok
16:28:15.0490 3668 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
16:28:15.0490 3668 C:\Windows\System32\ie4uinit.exe - ok
16:28:15.0490 3668 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
16:28:15.0490 3668 C:\Windows\System32\iedkcs32.dll - ok
16:28:15.0490 3668 [ 1FCB1A72BF5C784F7358E6BEF38E4571 ] C:\Windows\System32\timedate.cpl
16:28:15.0490 3668 C:\Windows\System32\timedate.cpl - ok
16:28:15.0490 3668 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
16:28:15.0490 3668 C:\Windows\System32\shdocvw.dll - ok
16:28:15.0506 3668 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
16:28:15.0506 3668 C:\Windows\System32\linkinfo.dll - ok
16:28:15.0506 3668 [ 661CEEDE98A2E0E5CDD7DE239EB38353 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
16:28:15.0506 3668 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
16:28:15.0506 3668 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
16:28:15.0506 3668 C:\Windows\System32\msftedit.dll - ok
16:28:15.0506 3668 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
16:28:15.0506 3668 C:\Windows\System32\gameux.dll - ok
16:28:15.0506 3668 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
16:28:15.0506 3668 C:\Windows\System32\msls31.dll - ok
16:28:15.0521 3668 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
16:28:15.0521 3668 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
16:28:15.0521 3668 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
16:28:15.0521 3668 C:\Windows\System32\msiltcfg.dll - ok
16:28:15.0521 3668 [ 161D914BD429DA0DD7FAC50F6372D40E ] C:\Windows\System32\igfxtray.exe
16:28:15.0521 3668 C:\Windows\System32\igfxtray.exe - ok
16:28:15.0521 3668 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
16:28:15.0521 3668 C:\Windows\System32\DeviceCenter.dll - ok
16:28:15.0537 3668 [ 3880B56917CCEFA3BD0ADD2050458F3F ] C:\Windows\System32\hkcmd.exe
16:28:15.0537 3668 C:\Windows\System32\hkcmd.exe - ok
16:28:15.0537 3668 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
16:28:15.0537 3668 C:\Windows\System32\thumbcache.dll - ok
16:28:15.0537 3668 [ 75FCB7C32353D96164E45E736AE10D55 ] C:\Windows\System32\igfxpers.exe
16:28:15.0537 3668 C:\Windows\System32\igfxpers.exe - ok
16:28:15.0537 3668 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
16:28:15.0537 3668 C:\Windows\System32\networkexplorer.dll - ok
16:28:15.0537 3668 [ 0DB0C404F39E8ACA64F9A655C6C7896C ] C:\Windows\System32\hccutils.dll
16:28:15.0537 3668 C:\Windows\System32\hccutils.dll - ok
16:28:15.0553 3668 [ A62D66F7F318A94C68DE39845C5D311F ] C:\Windows\System32\igfxsrvc.exe
16:28:15.0553 3668 C:\Windows\System32\igfxsrvc.exe - ok
16:28:15.0553 3668 [ C5BCAB2B9BD316DDFD53D4CB5E1C438D ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
16:28:15.0553 3668 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok
16:28:15.0553 3668 [ DFD8F75F0E27D522AB8424AD71719C8B ] C:\Program Files\TOSHIBA\TBS\HSON.exe
16:28:15.0553 3668 C:\Program Files\TOSHIBA\TBS\HSON.exe - ok
16:28:15.0553 3668 [ A6C039BAAC52F266AB393D0D62236583 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
16:28:15.0553 3668 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok
16:28:15.0553 3668 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\31287762.sys
16:28:15.0553 3668 C:\Windows\System32\drivers\31287762.sys - ok
16:28:15.0568 3668 [ D70D6B42933C1174FE961F0BCA3573A3 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
16:28:15.0568 3668 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok
16:28:15.0568 3668 [ 722D953718E6E1C57A83D3CE03374A1E ] C:\Windows\System32\igfxsrvc.dll
16:28:15.0568 3668 C:\Windows\System32\igfxsrvc.dll - ok
16:28:15.0568 3668 [ 85C2A87B30EE63D88B0452ED8A13FDF1 ] C:\Windows\System32\igfxdev.dll
16:28:15.0568 3668 C:\Windows\System32\igfxdev.dll - ok
16:28:15.0568 3668 [ 6B640D9B1C114DDB8A534A9101DCEF29 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
16:28:15.0568 3668 C:\Program Files\CONEXANT\SAII\SAIICpl.exe - ok
16:28:15.0584 3668 [ E96C88DBF468780F887F680DE899B7D1 ] C:\Windows\System32\igfxrenu.lrc
16:28:15.0584 3668 C:\Windows\System32\igfxrenu.lrc - ok
16:28:15.0584 3668 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
16:28:15.0584 3668 C:\Windows\System32\IccLibDll_x64.dll - ok
16:28:15.0584 3668 [ E76128173CC2F8A6B1B1C8D8AC5194D1 ] C:\Windows\System32\igfxress.dll
16:28:15.0584 3668 C:\Windows\System32\igfxress.dll - ok
16:28:15.0584 3668 [ 8D8839FDB43DE6F35D4A26294B8B9549 ] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
16:28:15.0584 3668 C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe - ok
16:28:15.0584 3668 [ 76849AB697E63D85CC35DD2F8AEA1C6B ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
16:28:15.0584 3668 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok
16:28:15.0599 3668 [ 0F042176F243D71C552E9D07D2FCB141 ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
16:28:15.0599 3668 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok
16:28:15.0599 3668 [ A61BA3762126CC714E78207847F36BF2 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
16:28:15.0599 3668 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
16:28:15.0599 3668 [ EF9C5CD482AC0C29C5EC885CBB94469A ] C:\Program Files\TOSHIBA\TECO\Teco.exe
16:28:15.0599 3668 C:\Program Files\TOSHIBA\TECO\Teco.exe - ok
16:28:15.0599 3668 [ 38B24645FA9F9BDCCC35AF4B9AE7F37E ] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
16:28:15.0599 3668 C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe - ok
16:28:15.0615 3668 [ 9C96B167C21F6DCCF68E96853B0A8F93 ] C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll
16:28:15.0615 3668 C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll - ok
16:28:15.0615 3668 [ 099B3847531EAF7BA63B5BB504CE8461 ] C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
16:28:15.0615 3668 C:\Program Files\TOSHIBA\TECO\MUIHelp.dll - ok
16:28:15.0615 3668 [ 91E9762DE0BFF5F38466A1B23D2A69D3 ] C:\Windows\System32\SynCOM.dll
16:28:15.0615 3668 C:\Windows\System32\SynCOM.dll - ok
16:28:15.0615 3668 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
16:28:15.0615 3668 C:\Windows\System32\AudioSes.dll - ok
16:28:15.0615 3668 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
16:28:15.0615 3668 C:\Windows\SysWOW64\riched20.dll - ok
16:28:15.0631 3668 [ E126445756DFE53F9788911BBD7BFF16 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
16:28:15.0631 3668 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok
16:28:15.0631 3668 [ F82483A80D49ACCA81193A294FB233CD ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
16:28:15.0631 3668 C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe - ok
16:28:15.0631 3668 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
16:28:15.0631 3668 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
16:28:15.0631 3668 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
16:28:15.0631 3668 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
16:28:15.0646 3668 [ 47AFBB582DC348AF02B2EDDAF7243A6E ] C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll
16:28:15.0646 3668 C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll - ok
16:28:15.0646 3668 [ E9041DF716F40D9D3FF5D7C3D3967D11 ] C:\Windows\System32\SynTPAPI.dll
16:28:15.0646 3668 C:\Windows\System32\SynTPAPI.dll - ok
16:28:15.0646 3668 [ 426350B428CD70D037A3326EB9E5EDFD ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
16:28:15.0646 3668 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
16:28:15.0646 3668 [ E542A10321E884C2C50290AC67E82DAE ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
16:28:15.0646 3668 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok
16:28:15.0646 3668 [ E2B41D6676B915FBC39517BD3C969CB9 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
16:28:15.0646 3668 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
16:28:15.0662 3668 [ 60FB378B6D1C80DC69DD80F8E05D4346 ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
16:28:15.0662 3668 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok
16:28:15.0662 3668 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
16:28:15.0662 3668 C:\Windows\System32\consent.exe - ok
16:28:15.0662 3668 [ 1C937AA6A3E2E5F5F650686437AE2854 ] C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll
16:28:15.0662 3668 C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll - ok
16:28:15.0662 3668 [ 0D7BE936A44E6B70F822D272A5CEBC22 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll
16:28:15.0662 3668 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll - ok
16:28:15.0662 3668 [ A709D7F4DCC91CF0945F784F7D233B89 ] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
16:28:15.0662 3668 C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe - ok
16:28:15.0677 3668 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
16:28:15.0677 3668 C:\Windows\SysWOW64\duser.dll - ok
16:28:15.0677 3668 [ EF49D309C27814AB86D9AB567DD9DC86 ] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
16:28:15.0677 3668 C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe - ok
16:28:15.0677 3668 [ BE165318E0052A91F7EA36F515B5F2B1 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll
16:28:15.0677 3668 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll - ok
16:28:15.0677 3668 [ 0287C9E40BC751BF94A90FEA39B4CAE6 ] C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
16:28:15.0677 3668 C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll - ok
16:28:15.0693 3668 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
16:28:15.0693 3668 C:\Windows\SysWOW64\dui70.dll - ok
16:28:15.0693 3668 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
16:28:15.0693 3668 C:\Windows\System32\oledlg.dll - ok
16:28:15.0693 3668 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
16:28:15.0693 3668 C:\Windows\System32\msimg32.dll - ok
16:28:15.0693 3668 [ EFE8A50B9AE0205D399E94E89E244E65 ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
16:28:15.0693 3668 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok
16:28:15.0693 3668 [ 11615D80DC10ABB83D2A9002B70A4E36 ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
16:28:15.0693 3668 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok
16:28:15.0709 3668 [ B3F4982BD2542AB40AFA6D6E695E5E06 ] C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll
16:28:15.0709 3668 C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll - ok
16:28:15.0709 3668 [ C54BFDEC7B8B3F6FB7FF4A39AD596471 ] C:\Program Files\TOSHIBA\TBS\TBSMain.dll
16:28:15.0709 3668 C:\Program Files\TOSHIBA\TBS\TBSMain.dll - ok
16:28:15.0709 3668 [ 1AC9B56AC7E043AC2874D61CBCED5F49 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll
16:28:15.0709 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll - ok
16:28:15.0709 3668 [ 1DCD0B1345720349220CE79316A56751 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
16:28:15.0709 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll - ok
16:28:15.0724 3668 [ F164E175B6092D3BA0DC7056487717BC ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
16:28:15.0724 3668 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok
16:28:15.0724 3668 [ 1AD502E487DC86F60E34EE1901DEABE5 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
16:28:15.0724 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe - ok
16:28:15.0724 3668 [ 06DEF9378C701E638B707B33B1E8151C ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
16:28:15.0724 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe - ok
16:28:15.0724 3668 [ E436C2E89416F31699F2A3CA79DDC095 ] C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll
16:28:15.0724 3668 C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll - ok
16:28:15.0724 3668 [ 7986141CF70F5DF6CF11481D5E619554 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\LXEBcfg.dll
16:28:15.0724 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\LXEBcfg.dll - ok
16:28:15.0740 3668 [ F40FF25FFCE5BD187EA33BD9395BCC05 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebscw.dll
16:28:15.0740 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebscw.dll - ok
16:28:15.0740 3668 [ C4CA3DBBCEC3136D37DA20B50291E63A ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
16:28:15.0740 3668 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok
16:28:15.0740 3668 [ EF36A7503A0BE81D956E8064E2DF8CE8 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
16:28:15.0740 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe - ok
16:28:15.0740 3668 [ 2317588DA43635E4ACBE58AA91AFF152 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdatr.dll
16:28:15.0740 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdatr.dll - ok
16:28:15.0755 3668 [ 68F546B58CFBBC1213B051C1B8EA1126 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\epwizard.dll
16:28:15.0755 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\epwizard.dll - ok
16:28:15.0755 3668 [ DF987E7AA36D53411B1087B246739326 ] C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll
16:28:15.0755 3668 C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll - ok
16:28:15.0755 3668 [ F643EB5793DC85D37429D4F4EE967ED6 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcomx.dll
16:28:15.0755 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcomx.dll - ok
16:28:15.0755 3668 [ 4B23CF47416B870BAD0C24367CF15A5F ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\customui.dll
16:28:15.0755 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\customui.dll - ok
16:28:15.0755 3668 [ F023A14FE899F5401935CAC119A723CE ] C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
16:28:15.0755 3668 C:\Users\admin\AppData\Local\Akamai\netsession_win.exe - ok
16:28:15.0771 3668 [ CBEC06E32D0AC9C3D0A9199EDC1FB959 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
16:28:15.0771 3668 C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
16:28:15.0771 3668 [ 76F123E491B26DAAD5DFBC20FC5996DB ] C:\Program Files\TOSHIBA\Power Saver\TScreen.dll
16:28:15.0771 3668 C:\Program Files\TOSHIBA\Power Saver\TScreen.dll - ok
16:28:15.0771 3668 [ E96343A324492A99A38EC391BEFE1D59 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\eputil.dll
16:28:15.0771 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\eputil.dll - ok
16:28:15.0771 3668 [ A4C23A68C6A0524C77363ABF64C6A852 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcats.dll
16:28:15.0771 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcats.dll - ok
16:28:15.0787 3668 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
16:28:15.0787 3668 C:\Windows\SysWOW64\shfolder.dll - ok
16:28:15.0787 3668 [ 32C26797AB646074A2BB562F9D10ADB5 ] C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
16:28:15.0787 3668 C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - ok
16:28:15.0787 3668 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
16:28:15.0787 3668 C:\Windows\SysWOW64\mfc42.dll - ok
16:28:15.0787 3668 [ C5A841F80521481A0F06BF3B385930BC ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdrs.dll
16:28:15.0787 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdrs.dll - ok
16:28:15.0787 3668 [ 1843E81FA7ACFFF4344A7DD4328D7DA0 ] C:\Program Files (x86)\Microsoft Office\Office12\1033\ONINTL.DLL
16:28:15.0787 3668 C:\Program Files (x86)\Microsoft Office\Office12\1033\ONINTL.DLL - ok
16:28:15.0802 3668 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
16:28:15.0802 3668 C:\Windows\SysWOW64\odbc32.dll - ok
16:28:15.0802 3668 [ 59C3B7AC7A2C19043F7BD393BC66FAFE ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\imagutil.dll
16:28:15.0802 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\imagutil.dll - ok
16:28:15.0802 3668 [ FECC6977944FC212772173C86AA9B0C0 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltwvc215u.dll
16:28:15.0802 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltwvc215u.dll - ok
16:28:15.0802 3668 [ 1705B6E6E1D883965F32C7D3B8E78CE6 ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
16:28:15.0802 3668 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe - ok
16:28:15.0818 3668 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
16:28:15.0818 3668 C:\Windows\System32\mscoree.dll - ok
16:28:15.0818 3668 [ 75DE43A4302967C786A0DA65C649F1A0 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltkrn15u.dll
16:28:15.0818 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltkrn15u.dll - ok
16:28:15.0818 3668 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
16:28:15.0818 3668 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
16:28:15.0818 3668 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
16:28:15.0818 3668 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
16:28:15.0833 3668 [ 80505248EBD079CB692FC2FF0BF5D754 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltdis15u.dll
16:28:15.0833 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltdis15u.dll - ok
16:28:15.0833 3668 [ 44491323891EE2CDEDD31E96449B9E78 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltfil15u.dll
16:28:15.0833 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltfil15u.dll - ok
16:28:15.0833 3668 [ CC3570CC65AABBAB1801AB9E75F02FC3 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcaps.dll
16:28:15.0833 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcaps.dll - ok
16:28:15.0833 3668 [ 3271A2285738336D273CB0E850C4F9CC ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltimgclr15u.dll
16:28:15.0833 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltimgclr15u.dll - ok
16:28:15.0833 3668 [ 02F4246866BF35BF2244E5CF72E25895 ] C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe
16:28:15.0833 3668 C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe - ok
16:28:15.0849 3668 [ D1514E24D2CE523F3D4DEAFDEC50DE9F ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltimgutl15u.dll
16:28:15.0849 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltimgutl15u.dll - ok
16:28:15.0849 3668 [ 083649EF692A066880C9326020915AFE ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
16:28:15.0849 3668 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
16:28:15.0849 3668 [ ECFE109E57AC9A79B3DB1A42883DACBE ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcnv4.dll
16:28:15.0849 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcnv4.dll - ok
16:28:15.0849 3668 [ 951500AD4685B89423AB52665CADF653 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
16:28:15.0849 3668 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
16:28:15.0865 3668 [ B63E5C7807334A3A8F731062F15462CC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:28:15.0865 3668 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
16:28:15.0865 3668 [ 026C4BDA4BEA5EE666AFD2270FF7368B ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\epfunct.dll
16:28:15.0865 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\epfunct.dll - ok
16:28:15.0865 3668 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
16:28:15.0865 3668 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe - ok
16:28:15.0865 3668 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
16:28:15.0865 3668 C:\Windows\SysWOW64\odbcint.dll - ok
16:28:15.0880 3668 [ 0F544B46F9966F29D05E0F998297C7E7 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcomc.dll
16:28:15.0880 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcomc.dll - ok
16:28:15.0880 3668 [ 046E4103ED25BECC0F010BD27A24F407 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmonr.dll
16:28:15.0880 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmonr.dll - ok
16:28:15.0880 3668 [ A73731A0B0A165907799E9AFB461F856 ] C:\Program Files (x86)\real\realplayer\Update\realsched.exe
16:28:15.0880 3668 C:\Program Files (x86)\real\realplayer\Update\realsched.exe - ok
16:28:15.0880 3668 [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
16:28:15.0880 3668 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
16:28:15.0896 3668 [ 88B0BCC23660D466879099F26CCB8CA5 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll
16:28:15.0896 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll - ok
16:28:15.0896 3668 [ 86AC5ED8B664B0929ACCAF500E8A3E49 ] C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
16:28:15.0896 3668 C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - ok
16:28:15.0896 3668 [ 1AEC974324027429423378ADA9E35AF6 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\epwizres.dll
16:28:15.0896 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\epwizres.dll - ok
16:28:15.0896 3668 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
16:28:15.0896 3668 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
16:28:15.0896 3668 [ 3DF290691D8593212CE22D05D157F273 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\epoemdll.dll
16:28:15.0896 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\epoemdll.dll - ok
16:28:15.0911 3668 [ BE9580A0F3F4377BF45990CA595B398B ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\epstring.dll
16:28:15.0911 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\epstring.dll - ok
16:28:15.0911 3668 [ 5629E16C6C15A138F9E0FABF42E2AE78 ] C:\Windows\System32\netbios.dll
16:28:15.0911 3668 C:\Windows\System32\netbios.dll - ok
16:28:15.0911 3668 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\SysWOW64\shsvcs.dll
16:28:15.0911 3668 C:\Windows\SysWOW64\shsvcs.dll - ok
16:28:15.0911 3668 [ 5BF0BFDA62DD7A3A512F09A9EE31E8BB ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltimgcor15u.dll
16:28:15.0911 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltimgcor15u.dll - ok
16:28:15.0911 3668 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
16:28:15.0911 3668 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
16:28:15.0927 3668 [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\AVAST Software\Avast\aswAra.dll
16:28:15.0927 3668 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
16:28:15.0927 3668 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
16:28:15.0927 3668 C:\Windows\SysWOW64\d3d9.dll - ok
16:28:15.0927 3668 [ 533631FE7DB9FF2A1D456A3D15A2DD46 ] C:\Windows\SysWOW64\icmp.dll
16:28:15.0927 3668 C:\Windows\SysWOW64\icmp.dll - ok
16:28:15.0927 3668 [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\AVAST Software\Avast\aswData.dll
16:28:15.0927 3668 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
16:28:15.0943 3668 [ AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
16:28:15.0943 3668 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
16:28:15.0943 3668 [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
16:28:15.0943 3668 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
16:28:15.0943 3668 [ C1648084C395152FBFA1B333D92056BC ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
16:28:15.0943 3668 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
16:28:15.0943 3668 [ 7F701A5B3B7A7A2F962C01434360F5C5 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
16:28:15.0943 3668 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
16:28:15.0943 3668 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
16:28:15.0943 3668 C:\Windows\SysWOW64\d3d8thk.dll - ok
16:28:15.0958 3668 [ 695C32D334146AD25A2E6305DD3175A2 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltimgsfx15u.dll
16:28:15.0958 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltimgsfx15u.dll - ok
16:28:15.0958 3668 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
16:28:15.0958 3668 C:\Windows\SysWOW64\olepro32.dll - ok
16:28:15.0958 3668 [ E6BC081DDE7391AD0A044C0796A86D08 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll
16:28:15.0958 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll - ok
16:28:15.0958 3668 [ 6E6DBEB083B26E55A87BCDCF1354F45E ] C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll
16:28:15.0958 3668 C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll - ok
16:28:15.0958 3668 [ CD9704754C0160EEB636BF3E340CAB9A ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltimgefx15u.dll
16:28:15.0958 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltimgefx15u.dll - ok
16:28:15.0974 3668 [ EDE3D67AE2951D330AA6A4EB7FEF7739 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll
16:28:15.0974 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll - ok
16:28:15.0974 3668 [ D908CF40BEFA099EA92129BB485CFBA9 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5.dll
16:28:15.0974 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5.dll - ok
16:28:15.0974 3668 [ C5F3C087169C283029F1C44E920B43BB ] C:\Windows\System32\igfxext.exe
16:28:15.0974 3668 C:\Windows\System32\igfxext.exe - ok
16:28:15.0974 3668 [ 8EDACE1D540666E2909DBBDA5E07B40E ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltefx15u.dll
16:28:15.0974 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\ltefx15u.dll - ok
16:28:15.0989 3668 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
16:28:15.0989 3668 C:\Windows\SysWOW64\avrt.dll - ok
16:28:15.0989 3668 [ 6C8F8C7EBDC0B5CD8E15B53A2CB63FE7 ] C:\Windows\System32\igfxexps.dll
16:28:15.0989 3668 C:\Windows\System32\igfxexps.dll - ok
16:28:15.0989 3668 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
16:28:15.0989 3668 C:\Windows\SysWOW64\cryptui.dll - ok
16:28:15.0989 3668 [ CACB1FB9B211A8BEF470A78FC573AEBA ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll
16:28:15.0989 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll - ok
16:28:15.0989 3668 [ 8BA16887C3E15F735D81F6470EB3C49F ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\iptk.dll
16:28:15.0989 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\iptk.dll - ok
16:28:16.0005 3668 [ C10D6A7784E12BF0BE4799F675F614C2 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\pdflib.dll
16:28:16.0005 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\pdflib.dll - ok
16:28:16.0005 3668 [ 43AA2EFD14590DE58A545BF3B28ED09F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
16:28:16.0005 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok
16:28:16.0005 3668 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
16:28:16.0005 3668 C:\Windows\System32\wlanapi.dll - ok
16:28:16.0005 3668 [ 7986141CF70F5DF6CF11481D5E619554 ] C:\Windows\SysWOW64\LXEBcfg.dll
16:28:16.0005 3668 C:\Windows\SysWOW64\LXEBcfg.dll - ok
16:28:16.0005 3668 [ 572C6429A5508E8C2639BDBE5C282991 ] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebptp.dll
16:28:16.0005 3668 C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebptp.dll - ok
16:28:16.0021 3668 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll
16:28:16.0021 3668 C:\Windows\SysWOW64\msvcp60.dll - ok
16:28:16.0021 3668 [ 3C6FA2F4D58611579B21798E0568F548 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
16:28:16.0021 3668 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
16:28:16.0021 3668 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
16:28:16.0021 3668 C:\Windows\SysWOW64\mapi32.dll - ok
16:28:16.0021 3668 [ E625ABBE3ED37D3160151DFD33AE6B91 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\TouchPad.dll
16:28:16.0021 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\TouchPad.dll - ok
16:28:16.0021 3668 [ 2E483EC51216B52C711C7EC642798BB7 ] C:\Windows\System32\sti.dll
16:28:16.0021 3668 C:\Windows\System32\sti.dll - ok
16:28:16.0036 3668 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\SysWOW64\sti.dll
16:28:16.0036 3668 C:\Windows\SysWOW64\sti.dll - ok
16:28:16.0036 3668 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
16:28:16.0036 3668 C:\Windows\SysWOW64\sxs.dll - ok
16:28:16.0036 3668 [ 66935625C1758EFEFFAF8CF0E020A6F9 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
16:28:16.0036 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll - ok
16:28:16.0036 3668 [ 4C671C688884F18152441DC16AA629F6 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
16:28:16.0036 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll - ok
16:28:16.0052 3668 [ 13BC9BF69A7A03ED92BFDF36E9B4C508 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll
16:28:16.0052 3668 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll - ok
16:28:16.0052 3668 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\SysWOW64\wiatrace.dll
16:28:16.0052 3668 C:\Windows\SysWOW64\wiatrace.dll - ok
16:28:16.0052 3668 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
16:28:16.0052 3668 C:\Windows\SysWOW64\wlanapi.dll - ok
16:28:16.0052 3668 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
16:28:16.0052 3668 C:\Windows\SysWOW64\wlanutil.dll - ok
16:28:16.0052 3668 [ 25DEF2EF843275862FFBF55487CEFDDD ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx
16:28:16.0052 3668 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx - ok
16:28:16.0067 3668 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
16:28:16.0067 3668 C:\Windows\System32\batmeter.dll - ok
16:28:16.0067 3668 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
16:28:16.0067 3668 C:\Windows\System32\stobject.dll - ok
16:28:16.0067 3668 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
16:28:16.0067 3668 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
16:28:16.0067 3668 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
16:28:16.0067 3668 C:\Windows\System32\prnfldr.dll - ok
16:28:16.0067 3668 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll
16:28:16.0067 3668 C:\Windows\SysWOW64\gameux.dll - ok
16:28:16.0083 3668 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
16:28:16.0083 3668 C:\Windows\SysWOW64\wer.dll - ok
16:28:16.0083 3668 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
16:28:16.0083 3668 C:\Windows\System32\DXP.dll - ok
16:28:16.0083 3668 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
16:28:16.0083 3668 C:\Windows\SysWOW64\linkinfo.dll - ok
16:28:16.0083 3668 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
16:28:16.0083 3668 C:\Windows\SysWOW64\dsound.dll - ok
16:28:16.0083 3668 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
16:28:16.0083 3668 C:\Windows\System32\Syncreg.dll - ok
16:28:16.0099 3668 [ C2230964BA7DF049CAFA63B7AF635D55 ] C:\Windows\SysWOW64\igdumdx32.dll
16:28:16.0099 3668 C:\Windows\SysWOW64\igdumdx32.dll - ok
16:28:16.0099 3668 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
16:28:16.0099 3668 C:\Windows\SysWOW64\mscms.dll - ok
16:28:16.0099 3668 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
16:28:16.0099 3668 C:\Windows\ehome\ehSSO.dll - ok
16:28:16.0099 3668 [ 49EDFA350BCEA706681CC2B2C5FED51E ] C:\Windows\SysWOW64\igdumd32.dll
16:28:16.0099 3668 C:\Windows\SysWOW64\igdumd32.dll - ok
16:28:16.0099 3668 [ 83D0C449C534CC014799BEC0A060726C ] C:\Program Files\AVAST Software\Avast\defs\12121301\uiext.dll
16:28:16.0099 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\uiext.dll - ok
16:28:16.0114 3668 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
16:28:16.0114 3668 C:\Windows\System32\AltTab.dll - ok
16:28:16.0114 3668 [ 4B65B4F93F63AA6DC1042A8AED99D093 ] C:\Windows\SysWOW64\jscript.dll
16:28:16.0114 3668 C:\Windows\SysWOW64\jscript.dll - ok
16:28:16.0114 3668 [ 124715CD10C62A78404F1A3B1048D062 ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
16:28:16.0114 3668 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
16:28:16.0114 3668 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
16:28:16.0114 3668 C:\Windows\System32\WPDShServiceObj.dll - ok
16:28:16.0114 3668 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
16:28:16.0114 3668 C:\Windows\System32\PortableDeviceTypes.dll - ok
16:28:16.0130 3668 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
16:28:16.0130 3668 C:\Windows\SysWOW64\mlang.dll - ok
16:28:16.0130 3668 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
16:28:16.0130 3668 C:\Windows\System32\pnidui.dll - ok
16:28:16.0130 3668 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
16:28:16.0130 3668 C:\Windows\System32\QUTIL.DLL - ok
16:28:16.0130 3668 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
16:28:16.0130 3668 C:\Windows\System32\srchadmin.dll - ok
16:28:16.0130 3668 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
16:28:16.0145 3668 C:\Windows\System32\rasdlg.dll - ok
16:28:16.0145 3668 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
16:28:16.0145 3668 C:\Windows\System32\dot3api.dll - ok
16:28:16.0145 3668 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
16:28:16.0145 3668 C:\Windows\System32\wlanhlp.dll - ok
16:28:16.0145 3668 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
16:28:16.0145 3668 C:\Windows\System32\webcheck.dll - ok
16:28:16.0145 3668 [ 05E06226631B43AE05237B4A4D6386AF ] C:\Windows\System32\ieframe.dll
16:28:16.0145 3668 C:\Windows\System32\ieframe.dll - ok
16:28:16.0161 3668 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
16:28:16.0161 3668 C:\Windows\System32\mlang.dll - ok
16:28:16.0161 3668 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
16:28:16.0161 3668 C:\Windows\System32\SyncCenter.dll - ok
16:28:16.0161 3668 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
16:28:16.0161 3668 C:\Windows\System32\ActionCenter.dll - ok
16:28:16.0161 3668 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
16:28:16.0161 3668 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
16:28:16.0177 3668 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
16:28:16.0177 3668 C:\Windows\System32\WWanAPI.dll - ok
16:28:16.0177 3668 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
16:28:16.0177 3668 C:\Windows\System32\wwapi.dll - ok
16:28:16.0177 3668 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
16:28:16.0177 3668 C:\Windows\System32\QAGENT.DLL - ok
16:28:16.0177 3668 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
16:28:16.0177 3668 C:\Windows\System32\bthprops.cpl - ok
16:28:16.0177 3668 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
16:28:16.0177 3668 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
16:28:16.0192 3668 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
16:28:16.0192 3668 C:\Windows\System32\imapi2.dll - ok
16:28:16.0192 3668 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
16:28:16.0192 3668 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
16:28:16.0192 3668 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
16:28:16.0192 3668 C:\Windows\System32\wsock32.dll - ok
16:28:16.0192 3668 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
16:28:16.0192 3668 C:\Windows\System32\wmdrmdev.dll - ok
16:28:16.0192 3668 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
16:28:16.0192 3668 C:\Windows\System32\drmv2clt.dll - ok
16:28:16.0208 3668 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
16:28:16.0208 3668 C:\Windows\System32\mfplat.dll - ok
16:28:16.0208 3668 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
16:28:16.0208 3668 C:\Windows\System32\blackbox.dll - ok
16:28:16.0208 3668 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
16:28:16.0208 3668 C:\Windows\System32\hgcpl.dll - ok
16:28:16.0208 3668 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
16:28:16.0208 3668 C:\Windows\System32\fdPHost.dll - ok
16:28:16.0208 3668 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
16:28:16.0208 3668 C:\Windows\System32\FDResPub.dll - ok
16:28:16.0223 3668 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
16:28:16.0223 3668 C:\Windows\System32\fdWSD.dll - ok
16:28:16.0223 3668 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
16:28:16.0223 3668 C:\Windows\System32\fdSSDP.dll - ok
16:28:16.0223 3668 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
16:28:16.0223 3668 C:\Windows\System32\wmp.dll - ok
16:28:16.0223 3668 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
16:28:16.0223 3668 C:\Windows\System32\fdProxy.dll - ok
16:28:16.0223 3668 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
16:28:16.0223 3668 C:\Windows\System32\FXSST.dll - ok
16:28:16.0239 3668 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
16:28:16.0239 3668 C:\Windows\System32\FXSAPI.dll - ok
16:28:16.0239 3668 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
16:28:16.0239 3668 C:\Windows\SysWOW64\MMDevAPI.dll - ok
16:28:16.0239 3668 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
16:28:16.0239 3668 C:\Windows\System32\FXSRESM.dll - ok
16:28:16.0239 3668 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
16:28:16.0239 3668 C:\Windows\System32\P2P.dll - ok
16:28:16.0239 3668 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
16:28:16.0239 3668 C:\Windows\System32\ListSvc.dll - ok
16:28:16.0255 3668 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
16:28:16.0255 3668 C:\Windows\System32\p2pcollab.dll - ok
16:28:16.0255 3668 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
16:28:16.0255 3668 C:\Windows\System32\FXSSVC.exe - ok
16:28:16.0255 3668 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
16:28:16.0255 3668 C:\Windows\System32\IdListen.dll - ok
16:28:16.0255 3668 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
16:28:16.0255 3668 C:\Windows\System32\pnrpsvc.dll - ok
16:28:16.0270 3668 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
16:28:16.0270 3668 C:\Windows\System32\hgprint.dll - ok
16:28:16.0270 3668 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
16:28:16.0270 3668 C:\Windows\System32\SearchFolder.dll - ok
16:28:16.0270 3668 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
16:28:16.0270 3668 C:\Windows\System32\StructuredQuery.dll - ok
16:28:16.0270 3668 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
16:28:16.0270 3668 C:\Windows\System32\wmploc.DLL - ok
16:28:16.0270 3668 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
16:28:16.0270 3668 C:\Windows\System32\QAGENTRT.DLL - ok
16:28:16.0286 3668 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
16:28:16.0286 3668 C:\Windows\System32\fveui.dll - ok
16:28:16.0286 3668 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
16:28:16.0286 3668 C:\Windows\System32\p2psvc.dll - ok
16:28:16.0286 3668 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
16:28:16.0286 3668 C:\Windows\System32\P2PGraph.dll - ok
16:28:16.0286 3668 [ 2928BBB81F5D3F80C3D65B0701C230DC ] C:\Program Files\Internet Explorer\ieproxy.dll
16:28:16.0286 3668 C:\Program Files\Internet Explorer\ieproxy.dll - ok
16:28:16.0286 3668 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
16:28:16.0286 3668 C:\Windows\SysWOW64\FirewallAPI.dll - ok
16:28:16.0301 3668 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
16:28:16.0301 3668 C:\Windows\System32\wmpps.dll - ok
16:28:16.0301 3668 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
16:28:16.0301 3668 C:\Windows\System32\wmpmde.dll - ok
16:28:16.0301 3668 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
16:28:16.0301 3668 C:\Windows\System32\WinSATAPI.dll - ok
16:28:16.0301 3668 [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
16:28:16.0301 3668 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok
16:28:16.0317 3668 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
16:28:16.0317 3668 C:\Windows\System32\MSMPEG2ENC.DLL - ok
16:28:16.0317 3668 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
16:28:16.0317 3668 C:\Windows\System32\devenum.dll - ok
16:28:16.0317 3668 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
16:28:16.0317 3668 C:\Windows\System32\msdmo.dll - ok
16:28:16.0317 3668 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
16:28:16.0317 3668 C:\Windows\System32\upnphost.dll - ok
16:28:16.0317 3668 [ C39A98ED2AC51DEA729EC7256035FE9B ] C:\Windows\SysWOW64\LXEBsm.dll
16:28:16.0317 3668 C:\Windows\SysWOW64\LXEBsm.dll - ok
16:28:16.0333 3668 [ 15637C31362F017E6DDE6200AE96AE07 ] C:\Windows\SysWOW64\LXEBsmr.dll
16:28:16.0333 3668 C:\Windows\SysWOW64\LXEBsmr.dll - ok
16:28:16.0333 3668 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
16:28:16.0333 3668 C:\Windows\SysWOW64\AudioSes.dll - ok
16:28:16.0333 3668 [ AA0B1A7B4750F655936F2F82B5E84428 ] C:\Windows\System32\CX64AP40.dll
16:28:16.0333 3668 C:\Windows\System32\CX64AP40.dll - ok
16:28:16.0333 3668 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
16:28:16.0333 3668 C:\Windows\System32\WMALFXGFXDSP.dll - ok
16:28:16.0333 3668 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
16:28:16.0333 3668 C:\Windows\System32\AudioEng.dll - ok
16:28:16.0348 3668 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
16:28:16.0348 3668 C:\Windows\System32\AUDIOKSE.dll - ok
16:28:16.0348 3668 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
16:28:16.0348 3668 C:\Windows\System32\udhisapi.dll - ok
16:28:16.0348 3668 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
16:28:16.0348 3668 C:\Windows\System32\ksuser.dll - ok
16:28:16.0348 3668 [ 03E0955A7D8E5E74E7F6986A56A66196 ] C:\Windows\System32\MaxxAudioAPO30.dll
16:28:16.0348 3668 C:\Windows\System32\MaxxAudioAPO30.dll - ok
16:28:16.0348 3668 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
16:28:16.0348 3668 C:\Windows\SysWOW64\msimtf.dll - ok
16:28:16.0364 3668 [ 82586704868E3ABB382CAE303B41E8B7 ] C:\Windows\SysWOW64\jscript9.dll
16:28:16.0364 3668 C:\Windows\SysWOW64\jscript9.dll - ok
16:28:16.0364 3668 [ 64CA3862D74EA610CD64DC6AD652DB5E ] C:\Windows\SysWOW64\d2d1.dll
16:28:16.0364 3668 C:\Windows\SysWOW64\d2d1.dll - ok
16:28:16.0364 3668 [ 6B5742C830FFADBD9F1BA7AC7B29BB57 ] C:\Windows\SysWOW64\DWrite.dll
16:28:16.0364 3668 C:\Windows\SysWOW64\DWrite.dll - ok
16:28:16.0364 3668 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] C:\Windows\System32\FntCache.dll
16:28:16.0364 3668 C:\Windows\System32\FntCache.dll - ok
16:28:16.0379 3668 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
16:28:16.0379 3668 C:\Windows\SysWOW64\dxgi.dll - ok
16:28:16.0379 3668 [ 6E05F39AF5B91CEE0D2A84501EEEDBD8 ] C:\Windows\SysWOW64\d3d10_1.dll
16:28:16.0379 3668 C:\Windows\SysWOW64\d3d10_1.dll - ok
16:28:16.0379 3668 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
16:28:16.0379 3668 C:\Windows\SysWOW64\d3d10_1core.dll - ok
16:28:16.0379 3668 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
16:28:16.0379 3668 C:\Windows\SysWOW64\d3d10warp.dll - ok
16:28:16.0379 3668 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
16:28:16.0379 3668 C:\Windows\System32\drprov.dll - ok
16:28:16.0395 3668 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
16:28:16.0395 3668 C:\Windows\System32\ntlanman.dll - ok
16:28:16.0395 3668 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
16:28:16.0395 3668 C:\Windows\System32\davclnt.dll - ok
16:28:16.0395 3668 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
16:28:16.0395 3668 C:\Windows\System32\davhlpr.dll - ok
16:28:16.0395 3668 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
16:28:16.0395 3668 C:\Windows\System32\drt.dll - ok
16:28:16.0395 3668 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
16:28:16.0395 3668 C:\Windows\System32\drttransport.dll - ok
16:28:16.0411 3668 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
16:28:16.0411 3668 C:\Windows\SysWOW64\msls31.dll - ok
16:28:16.0411 3668 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
16:28:16.0411 3668 C:\Windows\System32\wbem\NCProv.dll - ok
16:28:16.0411 3668 [ 0C15DB6FF927935F0ECA52FEEA40E6C2 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
16:28:16.0411 3668 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
16:28:16.0411 3668 [ 3C06536A9AA332E9E0CEBDE5A596822A ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
16:28:16.0411 3668 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
16:28:16.0426 3668 [ 7F19838AC317C34FCED020BE529AF71E ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
16:28:16.0426 3668 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
16:28:16.0426 3668 [ F49210D92D29DD5B6B34037BE888654A ] C:\Program Files\TOSHIBA\ReelTime\ReelTimeRemoteStorage.dll
16:28:16.0426 3668 C:\Program Files\TOSHIBA\ReelTime\ReelTimeRemoteStorage.dll - ok
16:28:16.0426 3668 [ 5A4B1828E7CECC9C41C64F1A8142F42A ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcm90.dll
16:28:16.0426 3668 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcm90.dll - ok
16:28:16.0426 3668 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
16:28:16.0426 3668 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
16:28:16.0426 3668 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
16:28:16.0426 3668 C:\Windows\System32\riched20.dll - ok
16:28:16.0442 3668 [ 9DAAD9A3B59061C5B58FD64F524FB879 ] C:\Program Files\TOSHIBA\ReelTime\DataProcess.DLL
16:28:16.0442 3668 C:\Program Files\TOSHIBA\ReelTime\DataProcess.DLL - ok
16:28:16.0442 3668 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
16:28:16.0442 3668 C:\Windows\System32\shfolder.dll - ok
16:28:16.0442 3668 [ 2898035F522BA2989BBA8B9CFB020FD2 ] C:\Program Files\AVAST Software\Avast\defs\12121301\aspColl.dll
16:28:16.0442 3668 C:\Program Files\AVAST Software\Avast\defs\12121301\aspColl.dll - ok
16:28:16.0442 3668 [ 71C321649B28638EE80A2EEB164C1DC8 ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:28:16.0442 3668 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe - ok
16:28:16.0442 3668 [ E2107F227E1C174C20BEB7A51404BBAC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe
16:28:16.0442 3668 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe - ok
16:28:16.0457 3668 [ 17ED2224666F6F65F8054D84A3839E71 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll
16:28:16.0457 3668 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll - ok
16:28:16.0457 3668 [ EE338F7673C339D5497C97E86D1011A3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll
16:28:16.0457 3668 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll - ok
16:28:16.0457 3668 [ E3A4D59ED585226D381225521BF2A36D ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll
16:28:16.0457 3668 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll - ok
16:28:16.0457 3668 [ 449F7C92A14B7F50B898FC67202A326C ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe
16:28:16.0457 3668 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe - ok
16:28:16.0473 3668 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
16:28:16.0473 3668 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
16:28:16.0473 3668 [ E1CF79243D8262F935366ADFA253A0C1 ] C:\Windows\System32\wmi.dll
16:28:16.0473 3668 C:\Windows\System32\wmi.dll - ok
16:28:16.0473 3668 [ A5A70AF023570C1D26501B14338C1D6C ] C:\Windows\System32\browcli.dll
16:28:16.0473 3668 C:\Windows\System32\browcli.dll - ok
16:28:16.0473 3668 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
16:28:16.0473 3668 C:\Windows\System32\schedcli.dll - ok
16:28:16.0473 3668 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
16:28:16.0473 3668 C:\Windows\System32\perfos.dll - ok
16:28:16.0489 3668 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
16:28:16.0489 3668 C:\Windows\System32\security.dll - ok
16:28:16.0489 3668 [ E7BD23BEC69CF23436EEDE9B18DE186D ] C:\Windows\System32\mshtml.dll
16:28:16.0489 3668 C:\Windows\System32\mshtml.dll - ok
16:28:16.0489 3668 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
16:28:16.0489 3668 C:\Windows\System32\msimtf.dll - ok
16:28:16.0489 3668 [ 95F8353F1408F3E637A4CE5E976F1798 ] C:\Windows\System32\d2d1.dll
16:28:16.0489 3668 C:\Windows\System32\d2d1.dll - ok
16:28:16.0504 3668 [ 9422A7C7D41E3255286EA0C69FA8C607 ] C:\Windows\System32\DWrite.dll
16:28:16.0504 3668 C:\Windows\System32\DWrite.dll - ok
16:28:16.0504 3668 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll
16:28:16.0504 3668 C:\Windows\System32\d3d10warp.dll - ok
16:28:16.0504 3668 [ 332851CD2A34C1464ADF50BED5E8971D ] C:\Windows\System32\igdumd64.dll
16:28:16.0504 3668 C:\Windows\System32\igdumd64.dll - ok
16:28:16.0504 3668 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:28:16.0504 3668 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
16:28:16.0504 3668 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
16:28:16.0504 3668 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
16:28:16.0520 3668 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
16:28:16.0520 3668 C:\Windows\SysWOW64\mscoree.dll - ok
16:28:16.0520 3668 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:28:16.0520 3668 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
16:28:16.0520 3668 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
16:28:16.0520 3668 C:\Windows\System32\msvcr100_clr0400.dll - ok
16:28:16.0520 3668 [ E4024CCF225A936207294DE50925D4F6 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll
16:28:16.0520 3668 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll - ok
16:28:16.0535 3668 [ 2ED1786B7542CDA261029F6B526EDF44 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:28:16.0535 3668 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
16:28:16.0535 3668 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
16:28:16.0535 3668 C:\Windows\System32\sppsvc.exe - ok
16:28:16.0535 3668 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
16:28:16.0535 3668 C:\Windows\System32\drivers\spsys.sys - ok
16:28:16.0535 3668 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
16:28:16.0535 3668 C:\Windows\System32\wscsvc.dll - ok
16:28:16.0535 3668 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
16:28:16.0535 3668 C:\Windows\System32\sppwinob.dll - ok
16:28:16.0551 3668 [ 91B8C8F46E4ED4B4DFD5952533A692EF ] C:\Windows\System32\wuapi.dll
16:28:16.0551 3668 C:\Windows\System32\wuapi.dll - ok
16:28:16.0551 3668 [ 9DF12EDBC698B0BC353B3EF84861E430 ] C:\Windows\System32\wuaueng.dll
16:28:16.0551 3668 C:\Windows\System32\wuaueng.dll - ok
16:28:16.0551 3668 [ BD47117CFDAB2879C8BED5E92F649CA2 ] C:\Windows\System32\wups.dll
16:28:16.0551 3668 C:\Windows\System32\wups.dll - ok
16:28:16.0551 3668 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
16:28:16.0551 3668 C:\Windows\System32\mspatcha.dll - ok
16:28:16.0567 3668 [ A2D6D81390BB6054CA6EE3018BE67E75 ] C:\Windows\System32\wups2.dll
16:28:16.0567 3668 C:\Windows\System32\wups2.dll - ok
16:28:16.0567 3668 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
16:28:16.0567 3668 C:\Windows\SysWOW64\wscproxystub.dll - ok
16:28:16.0567 3668 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
16:28:16.0567 3668 C:\Windows\System32\sppobjs.dll - ok
16:28:16.0567 3668 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:28:16.0567 3668 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok
16:28:16.0582 3668 [ D480C9220BFE667DE65A46CDE80EA7E9 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
16:28:16.0582 3668 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll - ok
16:28:16.0582 3668 [ 122F89E0905FC656D56F65CD7A2E9B4D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
16:28:16.0582 3668 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll - ok
16:28:16.0582 3668 ============================================================
16:28:16.0582 3668 Scan finished
16:28:16.0582 3668 ============================================================
16:28:16.0598 3680 Detected object count: 1
16:28:16.0598 3680 Actual detected object count: 1
16:28:42.0213 3680 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
16:28:42.0213 3680 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

Greetings

ThaT file is fine and is part of combofix

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe

This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

• In your next post I need the following
  
  
• report from Combofix
• let me know of any problems you may have had
• How is the computer doing now after running the script?

Gringo

The very first test I did redirected this time. Once again it was a Wikipea link. I searched Google for "Titanium" and the first link is to http://en.wikipedia.org/wiki/Titanium but I was redirected to http://www.feedsmixer.org/s.php?k=titanium&adid=13752&ts=1001SMA_B5&subid=263328-180763-235-27681&click=1615196567-4125.3f45.50ca89a5.147a&ref=http://busines-search.in/index.php?search=titanium

It's also cleared the theme running in Firefox but that's an easy fix


ComboFix 12-12-13.02 - admin 12/13/2012 20:50:17.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.2397 [GMT -5:00]
Running from: c:\users\admin\Desktop\Troubleshooting logs\ComboFix.exe
Command switches used :: c:\users\admin\Desktop\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-11-14 to 2012-12-14 )))))))))))))))))))))))))))))))
.
.
2012-12-14 01:57 . 2012-12-14 01:57 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-12-14 01:57 . 2012-12-14 01:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-12 13:01 . 2012-12-12 13:01 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-12-12 12:53 . 2012-12-12 13:02 -------- d-----w- c:\programdata\HitmanPro
2012-12-12 10:25 . 2012-12-12 10:25 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-12-12 10:09 . 2012-12-13 21:21 -------- d-----w- c:\users\admin\AppData\Roaming\Abine
2012-12-12 03:23 . 2009-07-13 22:41 301568 ----a-w- c:\program files\Microsoft Games\More Games\MoreGames.dll
2012-12-12 03:21 . 2009-06-10 20:35 145792 ----a-w- c:\windows\system32\drivers\E1G6032E.sys
2012-12-12 02:19 . 2012-12-12 02:19 9728 ----a-w- c:\windows\system32\Native.exe
2012-12-11 19:41 . 2012-12-11 19:41 41984 ----a-w- c:\windows\SysWow64\agremove.exe
2012-12-11 12:52 . 2012-12-11 12:58 -------- d-----w- c:\program files\Google
2012-12-07 15:33 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2012-12-06 15:42 . 2012-12-06 15:42 -------- d-----w- c:\program files\Uninstall Information
2012-12-04 16:21 . 2012-12-04 16:31 -------- d-----w- c:\programdata\Ad-Aware Antivirus
2012-12-04 16:13 . 2012-12-04 16:13 -------- d-----w- c:\users\admin\AppData\Roaming\LavasoftStatistics
2012-12-04 16:11 . 2012-12-11 19:38 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2012-12-04 16:11 . 2012-12-04 16:11 -------- d-----w- c:\programdata\Lavasoft
2012-12-04 16:10 . 2012-12-04 16:10 -------- d-----w- c:\users\admin\AppData\Local\adawarebp
2012-12-04 16:10 . 2012-12-11 19:35 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-12-04 16:10 . 2012-12-11 19:36 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2012-12-04 16:10 . 2012-12-11 19:36 -------- d-----w- c:\program files (x86)\adawaretb
2012-12-04 16:09 . 2012-12-06 02:23 -------- d-----w- c:\users\admin\AppData\Roaming\Ad-Aware Antivirus
2012-12-03 03:10 . 2012-12-11 19:35 -------- d-----w- c:\program files\Lexmark Tools for Office
2012-12-03 03:09 . 2009-12-09 20:26 1331712 ----a-w- c:\windows\system32\lxebusb1.dll
2012-12-03 03:09 . 2009-12-09 20:23 515584 ----a-w- c:\windows\system32\lxebiesc.dll
2012-12-03 03:09 . 2009-12-09 20:23 557568 ----a-w- c:\windows\system32\lxebinpa.dll
2012-12-03 03:09 . 2010-04-14 19:56 1052328 ----a-w- c:\windows\system32\lxebcoms.exe
2012-12-03 03:09 . 2009-12-09 20:28 1631744 ----a-w- c:\windows\system32\lxebserv.dll
2012-12-03 03:09 . 2009-12-09 20:27 1104384 ----a-w- c:\windows\system32\lxebhbn3.dll
2012-12-03 03:09 . 2009-12-09 20:24 892416 ----a-w- c:\windows\system32\lxeblmpm.dll
2012-12-03 03:09 . 2009-12-09 20:24 1371648 ----a-w- c:\windows\system32\lxebcomc.dll
2012-11-26 20:16 . 2012-11-26 20:19 -------- d-----w- C:\TDSSKiller_Quarantine
2012-11-24 02:40 . 2012-11-24 02:40 -------- d-----w- C:\Recovery
2012-11-24 02:40 . 2012-11-24 02:40 -------- d-----w- C:\PerfLogs
2012-11-24 02:04 . 2012-12-12 02:19 -------- d-----w- C:\ReimageUndo
2012-11-24 01:44 . 2012-12-12 03:29 -------- d-----w- C:\rei
2012-11-24 01:44 . 2012-11-24 01:44 -------- d-----w- c:\program files\Reimage
2012-11-16 05:20 . 2010-11-21 04:06 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-16 05:20 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 05:20 . 2009-07-13 22:45 654928 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 05:20 . 2009-07-13 22:45 42064 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 05:11 . 2010-11-21 00:23 172544 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 05:11 . 2010-11-21 00:23 78848 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 05:11 . 2010-11-21 00:23 112128 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 05:11 . 2010-11-21 00:23 182784 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-16 05:11 . 2010-11-21 00:23 681472 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-16 05:11 . 2010-11-21 00:23 44544 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 05:11 . 2010-11-21 00:23 226816 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 04:28 . 2012-11-15 04:28 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2012-11-15 04:27 . 2012-11-15 04:27 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-11-15 04:27 . 2012-11-15 04:27 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 22:38 . 2012-03-31 17:08 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 22:38 . 2011-11-03 06:12 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 19:39 . 2012-06-13 20:29 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2012-11-10 08:42 . 2012-11-10 08:42 0 ----a-w- c:\windows\SysWow64\sho9F57.tmp
2012-10-30 23:51 . 2012-02-13 12:05 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 23:51 . 2012-02-26 05:15 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-10-30 23:51 . 2012-02-13 12:06 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 23:51 . 2012-02-13 12:06 262656 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-10-30 23:51 . 2012-02-13 12:05 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51 . 2012-02-13 12:05 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51 . 2012-02-13 12:06 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 23:51 . 2012-02-13 12:06 132864 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-10-30 23:51 . 2012-02-13 12:05 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 23:50 . 2012-02-13 12:05 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 23:50 . 2012-02-13 12:05 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-15 16:59 . 2012-02-26 05:15 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-09-29 23:54 . 2012-03-08 02:57 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-19 12:19 . 2012-06-13 20:31 13160 ----a-w- c:\windows\SysWow64\Upgrd.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\admin\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-12 1298816]
"NortonOnlineBackupReminder"="c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" [2011-06-22 3218864]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-11-15 296096]
.
c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-02 250984]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2011-07-09 307304]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-11 1255736]
R4 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R4 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R4 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R4 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2011-11-28 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-12-12 140672]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-13 27136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe [2010-04-14 1052328]
S2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe [2010-04-14 45736]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-07-19 126392]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-05-24 294848]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-01-05 1109096]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 22:38]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-09 20:46]
.
2012-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-09 20:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-09 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-09 416024]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-03-25 310912]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-07-01 562304]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2011-06-10 710560]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"lxebmon.exe"="c:\program files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe" [2010-05-05 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro200-S500 Series\ezprint.exe" [2010-05-05 148280]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=10363A2B5C0E90878B166850BE2080FE
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\
FF - prefs.js: browser.search.selectedEngine - Reimage Search
FF - prefs.js: keyword.URL - hxxp://search.reimageplus.com/?sp=reimb&q=
FF - ExtSQL: 2012-11-11 16:50; {c1970c0d-dbe6-4d91-804f-c9c0de643a57}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}.xpi
FF - ExtSQL: 2012-11-11 16:54; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF - ExtSQL: 2012-11-11 17:07; {dd3d7613-0246-469d-bc65-2a3cc1668adc}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi
FF - ExtSQL: 2012-11-11 17:08; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2012-11-26 14:56; infoatoms@infoatoms.com; c:\program files (x86)\Mozilla Firefox\extensions\infoatoms@infoatoms.com
FF - ExtSQL: 2012-12-04 10:54; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-12-04 10:55; adblockpopups@jessehakanen.net; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\adblockpopups@jessehakanen.net.xpi
FF - ExtSQL: 2012-12-04 11:10; {87934c42-161d-45bc-8cef-ef18abe2a30c}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
FF - ExtSQL: 2012-12-04 11:10; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF - ExtSQL: 2012-12-12 05:09; {cd617375-6743-4ee8-bac4-fbf10f35729e}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
FF - ExtSQL: 2012-12-12 05:09; {ada4b710-8346-4b82-8199-5de2b400a6ae}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF - ExtSQL: 2012-12-12 05:09; {5546F97E-11A5-46b0-9082-32AD74AAA920}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920}.xpi
FF - ExtSQL: 2012-12-12 05:09; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF - ExtSQL: 2012-12-12 05:09; firefox@ghostery.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\firefox@ghostery.com
FF - ExtSQL: 2012-12-12 05:09; en-US@dictionaries.addons.mozilla.org; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\en-US@dictionaries.addons.mozilla.org
FF - ExtSQL: 2012-12-12 05:09; browserprotect@browserprotect.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\browserprotect@browserprotect.com.xpi
FF - ExtSQL: 2012-12-12 05:09; abine@abine.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\abine@abine.com
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
SafeBoot-38486767.sys
AddRemove-Chiefs - c:\windows\system32\ssunstl.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-13 20:58:45
ComboFix-quarantined-files.txt 2012-12-14 01:58
ComboFix2.txt 2012-12-12 20:56
.
Pre-Run: 480,278,888,448 bytes free
Post-Run: 480,216,559,616 bytes free
.
- - End Of File - - 6AB0CF643C2B4745F4F05BCA2E487FC4

Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.

• Double click on OTL.exe to run it.
• Under Output, ensure that Minimal Output is selected.
• Under Extra Registry section, select Use SafeList.
• Click the Scan All Users checkbox.
• Click on Run Scan at the top left hand corner.
• When done, two Notepad files will open.
  
  • OTL.txt <-- Will be opened and the that I need posted back here
  • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
• Please post the contents of OTL.txt in your next reply.

Gringo

OTL logfile created on: 12/13/2012 10:32:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Desktop\Troubleshooting logs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.95 Gb Total Physical Memory | 2.12 Gb Available Physical Memory | 53.72% Memory free
7.90 Gb Paging File | 6.15 Gb Available in Paging File | 77.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 580.03 Gb Total Space | 448.18 Gb Free Space | 77.27% Space Free | Partition Type: NTFS

Computer Name: ADMIN-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\admin\Desktop\Troubleshooting logs\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdrs.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebscw.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdatr.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcats.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcaps.dll ()
MOD - C:\Windows\SysWOW64\LXEBsmr.dll ()
MOD - C:\Windows\SysWOW64\LXEBsm.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV:64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (lxeb_device) -- C:\Windows\SysNative\lxebcoms.exe ( )
SRV:64bit: - (lxebCATSCustConnectService) -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxebserv.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (PCCUJobMgr) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe (Symantec Corporation)
SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (lxebCATSCustConnectService) -- C:\windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe ()
SRV - (lxeb_device) -- C:\Windows\SysWOW64\lxebcoms.exe ( )
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswNdis2) -- C:\windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswFW) -- C:\windows\SysNative\drivers\aswFW.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\drivers\rtl8192ce.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (QIOMem) -- C:\Windows\SysNative\drivers\QIOMem.sys (TOSHIBA)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{ED99A0D7-8112-4976-A78C-A934A5DB0C9F}: "URL" = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{ED99A0D7-8112-4976-A78C-A934A5DB0C9F}: "URL" = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=10363A2B5C0E90878B166850BE2080FE
IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\..\SearchScopes\{43760F1F-7379-4722-BE03-0008D98629B3}: "URL" = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\..\SearchScopes\{476746F2-E4D6-4C50-BE89-D99BADE081B5}: "URL" = http://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,105,0_0,Search,20120835,6900,0,6,0
IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\..\SearchScopes\{CD2FDA1C-E9F6-43FA-96AE-8C207646E060}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\..\SearchScopes\{CE559DE7-0516-4702-A59A-87637AD0D534}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PGL&o=102946&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=6J&apn_dtid=YYYYYYYYUS&apn_uid=9f280560-175b-4dc2-9134-b402f1be91d1&apn_sauid=59082997-C033-4231-8C58-4D22C9A90476
IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\..\SearchScopes\{ED99A0D7-8112-4976-A78C-A934A5DB0C9F}: "URL" = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Reimage Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.5
FF - prefs.js..extensions.enabledAddons: bsxayutcka%40bsxayutcka.org:2.5
FF - prefs.js..extensions.enabledAddons: oldfactory_options%40www.theme-oasis.org:4.1.8
FF - prefs.js..extensions.enabledAddons: %7B87934c42-161d-45bc-8cef-ef18abe2a30c%7D:2.2
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
FF - prefs.js..extensions.enabledAddons: %7Bc1970c0d-dbe6-4d91-804f-c9c0de643a57%7D:1.3.2.13
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7Bdd3d7613-0246-469d-bc65-2a3cc1668adc%7D:1.0.3
FF - prefs.js..extensions.enabledAddons: %7Bcd617375-6743-4ee8-bac4-fbf10f35729e%7D:2.9.4
FF - prefs.js..extensions.enabledAddons: %7Bada4b710-8346-4b82-8199-5de2b400a6ae%7D:2.0.2
FF - prefs.js..extensions.enabledAddons: %7B5546F97E-11A5-46b0-9082-32AD74AAA920%7D:0.6.3
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.15.1
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.3
FF - prefs.js..extensions.enabledAddons: en-US%40dictionaries.addons.mozilla.org:6.0
FF - prefs.js..extensions.enabledAddons: browserprotect%40browserprotect.com:1.1.3
FF - prefs.js..extensions.enabledAddons: infoatoms%40infoatoms.com:1.4.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "http://search.reimageplus.com/?sp=reimb&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com: C:\Program Files (x86)\fbphotozoom\fbphotozoom13.xpi [2012/03/07 20:43:20 | 000,102,233 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/12/11 14:36:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/12/11 14:36:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/08 11:50:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/12/11 14:36:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/12 01:24:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/12 01:24:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/04/06 21:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Extensions
[2012/06/27 18:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\extensions
[2012/06/27 18:39:17 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/12/12 05:27:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions
[2012/12/11 14:35:22 | 000,000,000 | ---D | M] (Ad-Aware Security Add-on) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2012/11/11 17:08:51 | 000,000,000 | ---D | M] (WOT) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/12/12 05:09:37 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012/12/12 05:09:43 | 000,000,000 | ---D | M] (PrivacySuite) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\abine@abine.com
[2012/12/12 05:09:39 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\en-US@dictionaries.addons.mozilla.org
[2012/12/12 05:09:39 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\firefox@ghostery.com
[2012/12/11 14:35:24 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/10/04 08:27:30 | 000,000,000 | ---D | M] (OldFactory) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\oldfactory@www.theme-oasis.org
[2012/10/04 08:27:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\oldfactory@www.theme-oasis.org\chrome\oldfactory\mozapps\extensions
[2012/12/04 10:55:57 | 000,124,993 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\adblockpopups@jessehakanen.net.xpi
[2012/12/12 05:09:39 | 000,047,822 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\browserprotect@browserprotect.com.xpi
[1832/11/28 23:30:07 | 000,004,816 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\bsxayutcka@bsxayutcka.org.xpi
[2012/10/04 08:27:42 | 000,017,848 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\oldfactory_options@www.theme-oasis.org.xpi
[2012/12/12 05:09:37 | 000,097,169 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
[2012/12/12 05:09:37 | 000,046,721 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920}.xpi
[2012/11/11 16:50:26 | 000,017,971 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}.xpi
[2012/12/12 05:09:37 | 000,065,551 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
[2012/12/04 10:54:59 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/11/11 16:54:50 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012/11/28 16:23:03 | 000,077,690 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi
[2010/01/01 04:00:00 | 000,001,884 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\oldfactory@www.theme-oasis.org\chrome\oldfactory\mozapps\xpinstall\xpinstallConfirm.css
[2010/01/01 04:00:00 | 000,001,302 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\oldfactory@www.theme-oasis.org\chrome\oldfactory\mozapps\xpinstall\xpinstallItemGeneric.png
[2012/12/12 01:24:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/12 01:24:14 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files (x86)\Mozilla Firefox\extensions\infoatoms@infoatoms.com
[2012/12/12 01:24:30 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/12/04 11:10:43 | 000,000,616 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
[2012/09/05 20:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/08 11:35:32 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaoogkegifphegmijllodbiilpkfgc\7.14.1.0_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adhmhclafdhfabmmglbcngpddpdeijgd\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.4_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/12/12 15:54:46 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxebmon.exe] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe (Toshiba)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000..\Run: [Akamai NetSession Interface] C:\Users\admin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A0AC69A-540D-47FA-B522-DADF24517D23}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/13 20:58:47 | 000,000,000 | ---D | C] -- C:\windows\temp
[2012/12/12 15:46:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/12/12 15:46:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/12/12 15:46:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/12/12 15:46:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/12 15:46:01 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2012/12/12 14:41:28 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\RK_Quarantine
[2012/12/12 12:44:55 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\Troubleshooting logs
[2012/12/12 08:01:53 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\windows\SysNative\bootdelete.exe
[2012/12/12 07:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/12/12 05:25:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/12/12 05:25:34 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/12/12 05:09:50 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Abine
[2012/12/12 01:24:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/12/11 14:46:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
[2012/12/11 14:41:04 | 000,041,984 | ---- | C] (Absolute Software Corp.) -- C:\windows\SysWow64\agremove.exe
[2012/12/11 08:09:12 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\backup
[2012/12/11 07:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/12/06 11:25:33 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\rkill
[2012/12/06 10:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstall Information
[2012/12/05 20:26:57 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\{6106B576-3279-4B19-984A-0D43736FA974}
[2012/12/04 11:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2012/12/04 11:13:57 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\LavasoftStatistics
[2012/12/04 11:11:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2012/12/04 11:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/12/04 11:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2012/12/04 11:10:53 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\adawarebp
[2012/12/04 11:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/12/04 11:10:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2012/12/04 11:10:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb
[2012/12/04 11:09:28 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Ad-Aware Antivirus
[2012/12/02 22:20:55 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\{7234033E-4E03-4167-A4C8-E450E4856995}
[2012/12/02 22:10:51 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Tools for Office
[2012/11/27 22:24:29 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\{CF7E36B5-A415-494B-9DD5-AE8BD36B9AAF}
[2012/11/26 15:16:09 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/11/23 21:40:05 | 000,000,000 | ---D | C] -- C:\Recovery
[2012/11/23 21:40:05 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2012/11/23 21:04:00 | 000,000,000 | ---D | C] -- C:\ReimageUndo
[2012/11/23 20:44:27 | 000,000,000 | ---D | C] -- C:\rei
[2012/11/23 20:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2012/11/20 14:59:23 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Templates
[2012/11/16 00:20:10 | 000,042,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys
[2012/11/16 00:20:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wdfres.dll
[2012/11/16 00:14:38 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/11/16 00:14:37 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/11/16 00:14:35 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/11/16 00:14:35 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/11/16 00:14:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/11/16 00:14:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/11/16 00:14:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/11/16 00:14:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/11/16 00:14:34 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/11/16 00:14:34 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/11/16 00:14:34 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/11/16 00:14:33 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/11/16 00:14:30 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/11/16 00:14:30 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/11/16 00:14:30 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/11/16 00:11:24 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2012/11/16 00:11:22 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2012/11/16 00:11:22 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2012/11/16 00:11:22 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2012/11/15 18:54:56 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll
[2012/11/15 18:54:56 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll
[2012/11/15 18:54:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll
[2012/11/15 18:54:47 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2012/11/15 18:54:47 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2012/11/15 18:54:46 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcorehc.dll
[2012/11/15 18:54:45 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcorehc.dll
[2012/11/15 18:54:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netevent.dll
[2012/11/15 18:54:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netevent.dll
[2012/11/15 18:54:06 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll
[2012/11/15 18:54:06 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll
[2012/11/14 23:45:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UMPlayer
[2012/11/14 23:28:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/11/14 23:28:36 | 000,198,864 | ---- | C] (RealNetworks, Inc.) -- C:\windows\SysWow64\rmoc3260.dll
[2012/11/14 23:27:55 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5016.dll
[2012/11/14 23:27:55 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5032.dll
[2012/11/14 23:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/11/14 23:27:54 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\windows\SysWow64\pncrt.dll
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/13 21:58:00 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/13 21:38:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/12/13 20:45:17 | 000,001,188 | ---- | M] () -- C:\Users\admin\Desktop\ComboFix - Shortcut.lnk
[2012/12/13 17:23:45 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/13 17:23:45 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/13 17:16:15 | 000,000,892 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/13 17:15:51 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/12/13 17:15:50 | 543,133,264 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/12/13 17:15:49 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/12 17:38:11 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/12/12 17:38:11 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/12/12 15:54:46 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/12/12 08:01:53 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\windows\SysNative\bootdelete.exe
[2012/12/12 05:25:34 | 000,001,239 | ---- | M] () -- C:\Users\admin\Desktop\Revo Uninstaller.lnk
[2012/12/12 00:24:49 | 000,797,632 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/12/12 00:24:49 | 000,673,622 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/12/12 00:24:49 | 000,126,032 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/12/11 22:33:25 | 000,445,120 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/12/11 22:32:53 | 000,000,000 | ---- | M] () -- C:\windows\SysNative\reimage.rep
[2012/12/11 22:19:38 | 000,000,179 | ---- | M] () -- C:\windows\reimage.ini
[2012/12/11 22:19:25 | 000,001,425 | ---- | M] () -- C:\Users\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/11 21:19:42 | 000,009,728 | ---- | M] () -- C:\windows\SysNative\Native.exe
[2012/12/11 14:46:47 | 000,001,912 | ---- | M] () -- C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
[2012/12/11 14:42:09 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/12/11 14:42:06 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2012/12/11 14:41:14 | 000,041,984 | ---- | M] (Absolute Software Corp.) -- C:\windows\SysWow64\agremove.exe
[2012/12/11 14:39:31 | 000,017,920 | ---- | M] () -- C:\windows\SysNative\rpcnetp.exe
[2012/11/14 23:45:25 | 000,000,982 | ---- | M] () -- C:\Users\Public\Desktop\UMPlayer.lnk
[2012/11/14 23:29:00 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/11/14 23:28:36 | 000,198,864 | ---- | M] (RealNetworks, Inc.) -- C:\windows\SysWow64\rmoc3260.dll
[2012/11/14 23:27:55 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5016.dll
[2012/11/14 23:27:55 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5032.dll
[2012/11/14 23:27:54 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\windows\SysWow64\pncrt.dll
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/13 20:45:17 | 000,001,188 | ---- | C] () -- C:\Users\admin\Desktop\ComboFix - Shortcut.lnk
[2012/12/13 16:33:37 | 543,133,264 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012/12/12 15:46:20 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/12/12 15:46:20 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/12/12 15:46:20 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/12/12 15:46:20 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/12/12 15:46:20 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/12/12 05:25:34 | 000,001,239 | ---- | C] () -- C:\Users\admin\Desktop\Revo Uninstaller.lnk
[2012/12/11 22:32:53 | 000,000,000 | ---- | C] () -- C:\windows\SysNative\reimage.rep
[2012/12/11 22:23:21 | 000,001,391 | ---- | C] () -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/12/11 22:21:41 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012/12/11 21:19:42 | 000,009,728 | ---- | C] () -- C:\windows\SysNative\Native.exe
[2012/12/11 14:46:49 | 000,000,179 | ---- | C] () -- C:\windows\reimage.ini
[2012/12/11 14:46:47 | 000,001,912 | ---- | C] () -- C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
[2012/12/11 14:42:09 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/12/02 22:09:54 | 001,331,712 | ---- | C] ( ) -- C:\windows\SysNative\lxebusb1.dll
[2012/12/02 22:09:54 | 000,557,568 | ---- | C] ( ) -- C:\windows\SysNative\lxebinpa.dll
[2012/12/02 22:09:54 | 000,515,584 | ---- | C] ( ) -- C:\windows\SysNative\lxebiesc.dll
[2012/12/02 22:09:53 | 001,631,744 | ---- | C] ( ) -- C:\windows\SysNative\lxebserv.dll
[2012/12/02 22:09:53 | 001,371,648 | ---- | C] ( ) -- C:\windows\SysNative\lxebcomc.dll
[2012/12/02 22:09:53 | 001,104,384 | ---- | C] ( ) -- C:\windows\SysNative\lxebhbn3.dll
[2012/12/02 22:09:53 | 001,052,328 | ---- | C] ( ) -- C:\windows\SysNative\lxebcoms.exe
[2012/12/02 22:09:53 | 000,892,416 | ---- | C] ( ) -- C:\windows\SysNative\lxeblmpm.dll
[2012/11/16 00:20:13 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/16 00:11:22 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/14 23:29:00 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/09/03 17:03:36 | 000,004,096 | ---- | C] () -- C:\windows\d3dx.dat
[2012/08/31 13:58:24 | 000,002,126 | ---- | C] () -- C:\Users\admin\Expert PDF 7 Reader.lnk
[2012/06/21 20:36:32 | 000,001,001 | ---- | C] () -- C:\Users\admin\PDF Reader.lnk
[2012/06/03 15:24:43 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\ssunstl.exe
[2012/05/31 14:33:13 | 000,053,248 | ---- | C] () -- C:\windows\SysWow64\CommonDL.dll
[2012/05/31 14:33:13 | 000,002,413 | ---- | C] () -- C:\windows\SysWow64\lgAxconfig.ini
[2012/04/20 15:04:10 | 000,000,187 | ---- | C] () -- C:\Users\admin\EPB Fiber Optics Email.url
[2012/03/07 18:59:26 | 000,000,918 | ---- | C] () -- C:\Users\admin\µTorrent.lnk
[2012/02/13 17:25:48 | 000,002,472 | ---- | C] () -- C:\Users\admin\Microsoft Word Starter 2010.lnk
[2012/02/11 23:30:11 | 000,002,016 | ---- | C] () -- C:\Users\admin\Launch Lexmark Printer Home.LNK
[2012/02/11 23:29:34 | 000,344,064 | ---- | C] () -- C:\windows\SysWow64\lxebcomx.dll
[2012/02/11 23:29:34 | 000,331,776 | ---- | C] () -- C:\windows\SysWow64\LXEBinst.dll
[2012/02/11 23:29:33 | 000,643,072 | ---- | C] ( ) -- C:\windows\SysWow64\lxebpmui.dll
[2012/02/11 23:29:33 | 000,364,544 | ---- | C] ( ) -- C:\windows\SysWow64\lxebinpa.dll
[2012/02/11 23:29:33 | 000,344,064 | ---- | C] ( ) -- C:\windows\SysWow64\lxebiesc.dll
[2012/02/11 23:29:33 | 000,323,584 | ---- | C] () -- C:\windows\SysWow64\lxebins.dll
[2012/02/11 23:29:33 | 000,262,144 | ---- | C] () -- C:\windows\SysWow64\lxebinsb.dll
[2012/02/11 23:29:33 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\lxebinsr.dll
[2012/02/11 23:29:33 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\lxebjswr.dll
[2012/02/11 23:29:33 | 000,036,864 | ---- | C] () -- C:\windows\SysWow64\lxebcur.dll
[2012/02/11 23:29:32 | 001,048,576 | ---- | C] ( ) -- C:\windows\SysWow64\lxebserv.dll
[2012/02/11 23:29:32 | 000,847,872 | ---- | C] ( ) -- C:\windows\SysWow64\lxebusb1.dll
[2012/02/11 23:29:32 | 000,577,536 | ---- | C] ( ) -- C:\windows\SysWow64\lxeblmpm.dll
[2012/02/11 23:29:32 | 000,324,264 | ---- | C] ( ) -- C:\windows\SysWow64\lxebih.exe
[2012/02/11 23:29:32 | 000,253,952 | ---- | C] () -- C:\windows\SysWow64\lxebcu.dll
[2012/02/11 23:29:32 | 000,090,112 | ---- | C] () -- C:\windows\SysWow64\lxebcub.dll
[2012/02/11 23:29:31 | 000,802,816 | ---- | C] ( ) -- C:\windows\SysWow64\lxebcomc.dll
[2012/02/11 23:29:31 | 000,688,128 | ---- | C] ( ) -- C:\windows\SysWow64\lxebhbn3.dll
[2012/02/11 23:29:31 | 000,598,696 | ---- | C] ( ) -- C:\windows\SysWow64\lxebcoms.exe
[2012/02/11 23:29:31 | 000,373,416 | ---- | C] ( ) -- C:\windows\SysWow64\lxebcfg.exe
[2012/02/11 23:29:31 | 000,372,736 | ---- | C] ( ) -- C:\windows\SysWow64\lxebcomm.dll
[2012/02/11 23:27:45 | 000,299,008 | ---- | C] () -- C:\windows\SysWow64\LXEBsm.dll
[2012/02/11 23:27:45 | 000,023,552 | ---- | C] () -- C:\windows\SysWow64\LXEBsmr.dll
[2012/02/10 01:34:05 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
[2012/02/09 22:19:12 | 000,774,452 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/11/30 21:20:17 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2011/08/31 15:51:14 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011/08/31 15:51:14 | 000,216,000 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011/08/31 15:51:14 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011/08/31 15:45:58 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2011/08/31 15:26:18 | 013,903,872 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2011/02/03 22:56:58 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll

========== ZeroAccess Check ==========

[2012/11/09 23:09:20 | 000,000,596 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 19:23:56 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 19:24:04 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:E1D6C864
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3D36932D

< End of report >

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

• Double-click OTL.exe to start the program.
• Copy and Paste the following code into the textbox. Do not include the word Code
  

  :OTL
  FF - user.js - File not found
  FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
  FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
  O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
  O18:64bit: - Protocol\Handler\livecall - No CLSID value found
  O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
  O18:64bit: - Protocol\Handler\msnim - No CLSID value found
  O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
  O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
  O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
  O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:E1D6C864
  @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3D36932D  
  IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\..\SearchScopes\{CD2FDA1C-E9F6-43FA-96AE-8C207646E060}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
  IE - HKU\S-1-5-21-3527657060-2915619970-3660773253-1000\..\SearchScopes\{CE559DE7-0516-4702-A59A-87637AD0D534}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PGL&o=102946&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=6J&apn_dtid=YYYYYYYYUS&apn_uid=9f280560-175b-4dc2-9134-b402f1be91d1&apn_sauid=59082997-C033-4231-8C58-4D22C9A90476
  FF - prefs.js..extensions.enabledAddons: bsxayutcka%40bsxayutcka.org:2.5
  [1832/11/28 23:30:07 | 000,004,816 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\bsxayutcka@bsxayutcka.org.xpi
  [2012/10/04 08:27:42 | 000,017,848 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\oldfactory_options@www.theme-oasis.org.xpi
  :Files
  ipconfig /flushdns /c
  :Commands
  [PURITY]
  [emptyjava]
  [EMPTYFLASH]
  [reboot]
  

• Then click the Run Fix button at the top.
• Click .
• OTL may ask to reboot the machine. Please do so if asked.
• The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo

The OTL with your custom scan information did ask for a reboot, but did not open notepad with a report this time. Should i run the scan again and if so which one or what parameters?

This scan cleared a lot fo setting in Firefox, including all of the addons. Not a problem I can fix that later. I did test search on Google, and in 100 links it did not redirect me once.

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe

This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

• In your next post I need the following
  
  
• report from Combofix
• let me know of any problems you may have had
• How is the computer doing now after running the script?

Gringo

All programs seem to load and run normally, though many settings have been cleared. One of the addons in Firefox was deleted, easily fixed. Many computer settings changed, but again easily fixable if the ComboFix log below shows we are finished here. I will give this computer a stress test over the next couple days and let you know if anything else turns up. Assuming everything shows OK in the log and nothing else turns up I'd say we're good to go. Thank you so much for your help.


ComboFix 12-12-13.02 - admin 12/14/2012 0:20.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.2527 [GMT -5:00]
Running from: c:\users\admin\Desktop\Troubleshooting logs\ComboFix.exe
Command switches used :: c:\users\admin\Desktop\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-11-14 to 2012-12-14 )))))))))))))))))))))))))))))))
.
.
2012-12-14 05:25 . 2012-12-14 05:25 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-12-14 05:25 . 2012-12-14 05:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-14 04:17 . 2012-12-14 04:17 -------- d-----w- C:\_OTL
2012-12-12 13:01 . 2012-12-12 13:01 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-12-12 12:53 . 2012-12-12 13:02 -------- d-----w- c:\programdata\HitmanPro
2012-12-12 10:25 . 2012-12-12 10:25 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-12-12 10:09 . 2012-12-13 21:21 -------- d-----w- c:\users\admin\AppData\Roaming\Abine
2012-12-12 03:23 . 2009-07-13 22:41 301568 ----a-w- c:\program files\Microsoft Games\More Games\MoreGames.dll
2012-12-12 03:21 . 2009-06-10 20:35 145792 ----a-w- c:\windows\system32\drivers\E1G6032E.sys
2012-12-12 02:19 . 2012-12-12 02:19 9728 ----a-w- c:\windows\system32\Native.exe
2012-12-11 19:41 . 2012-12-11 19:41 41984 ----a-w- c:\windows\SysWow64\agremove.exe
2012-12-11 12:52 . 2012-12-11 12:58 -------- d-----w- c:\program files\Google
2012-12-07 15:33 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2012-12-06 15:42 . 2012-12-06 15:42 -------- d-----w- c:\program files\Uninstall Information
2012-12-04 16:21 . 2012-12-04 16:31 -------- d-----w- c:\programdata\Ad-Aware Antivirus
2012-12-04 16:13 . 2012-12-04 16:13 -------- d-----w- c:\users\admin\AppData\Roaming\LavasoftStatistics
2012-12-04 16:11 . 2012-12-11 19:38 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2012-12-04 16:11 . 2012-12-04 16:11 -------- d-----w- c:\programdata\Lavasoft
2012-12-04 16:10 . 2012-12-04 16:10 -------- d-----w- c:\users\admin\AppData\Local\adawarebp
2012-12-04 16:10 . 2012-12-11 19:35 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-12-04 16:10 . 2012-12-11 19:36 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2012-12-04 16:10 . 2012-12-11 19:36 -------- d-----w- c:\program files (x86)\adawaretb
2012-12-04 16:09 . 2012-12-06 02:23 -------- d-----w- c:\users\admin\AppData\Roaming\Ad-Aware Antivirus
2012-12-03 03:10 . 2012-12-11 19:35 -------- d-----w- c:\program files\Lexmark Tools for Office
2012-12-03 03:09 . 2009-12-09 20:26 1331712 ----a-w- c:\windows\system32\lxebusb1.dll
2012-12-03 03:09 . 2009-12-09 20:23 515584 ----a-w- c:\windows\system32\lxebiesc.dll
2012-12-03 03:09 . 2009-12-09 20:23 557568 ----a-w- c:\windows\system32\lxebinpa.dll
2012-12-03 03:09 . 2010-04-14 19:56 1052328 ----a-w- c:\windows\system32\lxebcoms.exe
2012-12-03 03:09 . 2009-12-09 20:28 1631744 ----a-w- c:\windows\system32\lxebserv.dll
2012-12-03 03:09 . 2009-12-09 20:27 1104384 ----a-w- c:\windows\system32\lxebhbn3.dll
2012-12-03 03:09 . 2009-12-09 20:24 892416 ----a-w- c:\windows\system32\lxeblmpm.dll
2012-12-03 03:09 . 2009-12-09 20:24 1371648 ----a-w- c:\windows\system32\lxebcomc.dll
2012-11-26 20:16 . 2012-11-26 20:19 -------- d-----w- C:\TDSSKiller_Quarantine
2012-11-24 02:40 . 2012-11-24 02:40 -------- d-----w- C:\Recovery
2012-11-24 02:40 . 2012-11-24 02:40 -------- d-----w- C:\PerfLogs
2012-11-24 02:04 . 2012-12-12 02:19 -------- d-----w- C:\ReimageUndo
2012-11-24 01:44 . 2012-12-12 03:29 -------- d-----w- C:\rei
2012-11-24 01:44 . 2012-11-24 01:44 -------- d-----w- c:\program files\Reimage
2012-11-16 05:20 . 2010-11-21 04:06 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-16 05:20 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 05:20 . 2009-07-13 22:45 654928 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 05:20 . 2009-07-13 22:45 42064 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 05:11 . 2010-11-21 00:23 172544 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 05:11 . 2010-11-21 00:23 78848 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 05:11 . 2010-11-21 00:23 112128 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 05:11 . 2010-11-21 00:23 182784 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-16 05:11 . 2010-11-21 00:23 681472 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-16 05:11 . 2010-11-21 00:23 44544 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 05:11 . 2010-11-21 00:23 226816 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 04:28 . 2012-11-15 04:28 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2012-11-15 04:27 . 2012-11-15 04:27 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-11-15 04:27 . 2012-11-15 04:27 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 22:38 . 2012-03-31 17:08 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 22:38 . 2011-11-03 06:12 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 19:39 . 2012-06-13 20:29 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2012-11-10 08:42 . 2012-11-10 08:42 0 ----a-w- c:\windows\SysWow64\sho9F57.tmp
2012-10-30 23:51 . 2012-02-13 12:05 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 23:51 . 2012-02-26 05:15 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-10-30 23:51 . 2012-02-13 12:06 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 23:51 . 2012-02-13 12:06 262656 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-10-30 23:51 . 2012-02-13 12:05 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51 . 2012-02-13 12:05 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51 . 2012-02-13 12:06 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 23:51 . 2012-02-13 12:06 132864 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-10-30 23:51 . 2012-02-13 12:05 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 23:50 . 2012-02-13 12:05 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 23:50 . 2012-02-13 12:05 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-15 16:59 . 2012-02-26 05:15 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-09-29 23:54 . 2012-03-08 02:57 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-19 12:19 . 2012-06-13 20:31 13160 ----a-w- c:\windows\SysWow64\Upgrd.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\admin\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-12 1298816]
"NortonOnlineBackupReminder"="c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" [2011-06-22 3218864]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-11-15 296096]
.
c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-02 250984]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2011-07-09 307304]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-11 1255736]
R4 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R4 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R4 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R4 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2011-11-28 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-12-12 140672]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-13 27136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe [2010-04-14 1052328]
S2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe [2010-04-14 45736]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-07-19 126392]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-05-24 294848]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-01-05 1109096]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 22:38]
.
2012-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-09 20:46]
.
2012-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-09 20:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-09 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-09 416024]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-03-25 310912]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-07-01 562304]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2011-06-10 710560]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"lxebmon.exe"="c:\program files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe" [2010-05-05 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro200-S500 Series\ezprint.exe" [2010-05-05 148280]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=10363A2B5C0E90878B166850BE2080FE
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\
FF - prefs.js: browser.search.selectedEngine - Reimage Search
FF - ExtSQL: 2012-11-11 16:50; {c1970c0d-dbe6-4d91-804f-c9c0de643a57}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}.xpi
FF - ExtSQL: 2012-11-11 16:54; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF - ExtSQL: 2012-11-11 17:07; {dd3d7613-0246-469d-bc65-2a3cc1668adc}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi
FF - ExtSQL: 2012-11-11 17:08; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2012-11-26 14:56; infoatoms@infoatoms.com; c:\program files (x86)\Mozilla Firefox\extensions\infoatoms@infoatoms.com
FF - ExtSQL: 2012-12-04 10:54; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-12-04 10:55; adblockpopups@jessehakanen.net; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\adblockpopups@jessehakanen.net.xpi
FF - ExtSQL: 2012-12-04 11:10; {87934c42-161d-45bc-8cef-ef18abe2a30c}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
FF - ExtSQL: 2012-12-04 11:10; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF - ExtSQL: 2012-12-12 05:09; {cd617375-6743-4ee8-bac4-fbf10f35729e}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
FF - ExtSQL: 2012-12-12 05:09; {ada4b710-8346-4b82-8199-5de2b400a6ae}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF - ExtSQL: 2012-12-12 05:09; {5546F97E-11A5-46b0-9082-32AD74AAA920}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920}.xpi
FF - ExtSQL: 2012-12-12 05:09; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF - ExtSQL: 2012-12-12 05:09; firefox@ghostery.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\firefox@ghostery.com
FF - ExtSQL: 2012-12-12 05:09; en-US@dictionaries.addons.mozilla.org; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\en-US@dictionaries.addons.mozilla.org
FF - ExtSQL: 2012-12-12 05:09; browserprotect@browserprotect.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\browserprotect@browserprotect.com.xpi
FF - ExtSQL: 2012-12-12 05:09; abine@abine.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mifbw4f0.default\extensions\abine@abine.com
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
AddRemove-Chiefs - c:\windows\system32\ssunstl.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-14 00:27:24
ComboFix-quarantined-files.txt 2012-12-14 05:27
ComboFix2.txt 2012-12-14 01:58
ComboFix3.txt 2012-12-12 20:56
.
Pre-Run: 481,027,530,752 bytes free
Post-Run: 480,588,681,216 bytes free
.
- - End Of File - - F6402B1CDABD1440E3D965B0F466A293