Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Yet another Privitize VPN removal needed

Started by budbecks , Dec 24 2012 09:49 AM

This topic is locked

32 replies to this topic

#1 budbecks

Member

Members
34 posts

Posted 24 December 2012 - 09:49 AM

Hi all.

Well xmas came early for me and bad santa wrapped up Privitize VPN into a nice little package which was opened before xmas day !!

Ah well, these things happen and it not the first time such a thing has happened to me but it seems i cannot lose this one and he's took his boots off and making himself at home.

So browsing through this site it seems you guys are the people in the know and i've come to the right place. So if you would be so kind as to guide me through the removal it would make my xmas ! before i go mad

Thanks in advance

BC Ads
BleepingComputer.com

#2 budbecks

Member

Members
34 posts

Posted 24 December 2012 - 11:03 AM

defogger - disabled

Security check results

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Trend Micro Titanium Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Adobe Flash Player 10 Flash Player out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

DDS results

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 13/07/2012 12:24:59
System Uptime: 24/12/2012 15:35:45 (1 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K53Z
Processor: AMD A6-3420M APU with Radeon™ HD Graphics | P0 | 795/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 200 GiB total, 47.713 GiB free.
D: is FIXED (NTFS) - 240 GiB total, 225.692 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: DesignJet 5000 (C6090A)
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer: Hewlett-Packard
Name: DesignJet 5000 (C6090A)
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Atheros AR9485 Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_0032&SUBSYS_662711AD&REV_01\4&1E54FE3&0&0028
Manufacturer: Atheros Communications Inc.
Name: Atheros AR9485 Wireless Network Adapter
PNP Device ID: PCI\VEN_168C&DEV_0032&SUBSYS_662711AD&REV_01\4&1E54FE3&0&0028
Service: athr
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 4500 G510g-m
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 4500 G510g-m
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID:
Description: DesignJet 5000 (C6090A)
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer:
Name: DesignJet 5000 (C6090A)
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
RP75: 20/12/2012 00:08:48 - Scheduled Checkpoint
RP76: 21/12/2012 03:00:34 - Windows Update
.
==== Installed Programs ======================
.
??? ActiveX ?? Windows Live Mesh ???? ??????? ???????
???? ??? Windows Live
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
??????? Windows Live Mesh ActiveX ???
???????? ?????????? Windows Live
?????????? Windows Live
4500_G510gm_Help
4500G510gm
4500G510gm_Software_Min
64 Bit HP CIO Components Installer
Acronis True Image WD Edition
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Download Assistant
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Help Manager
Adobe Media Player
Adobe Photoshop CS5
Adobe Widget Browser
Adobe® Content Viewer
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Media Foundation Decoders
AMD System Monitor
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS AI Recovery
ASUS FaceLogon
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS Sonic Focus
ASUS Splendid Video Enhancement Technology
ASUS USB Charger Plus
ASUS Virtual Camera
ASUS WebStorage
ASUS_Screensaver
AsusVibe2.0
ATK Package
µTorrent
avast! Free Antivirus
Belkin Network USB Hub Control Center
Bing Bar
bl
Bonjour
Bubbletown
BufferChm
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
Copernic Desktop Search - Home
Corel PaintShop Pro X5
CyberLink LabelPrint
CyberLink Media Suite
CyberLink Power2Go
D3DX10
Deadtime Stories
Destinations
DeviceDiscovery
DocMgr
DocProc
Dream Day First Home
Dream Vacation Solitaire
DriveImage XML (Private Edition)
ETDWare PS/2-X64 8.0.5.1_WHQL
Farm Frenzy 3 - Madagascar
Fast Boot
Fax
FileZilla Client 3.5.3
Galapago
Galeria de Fotografias do Windows Live
Galerie de photos Windows Live
Galería fotográfica de Windows Live
Game Park Console
Gas pipe sizing
GetDataBack for NTFS
Go Go Gourmet Chef of the Year
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HDD Regenerator
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Customer Participation Program 13.0
HP Designjet 5500 Series
HP Document Manager 2.0
HP Imaging Device Functions 13.0
HP Officejet 4500 G510g-m
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HP Web Registration
HPProductAssistant
HPSSupply
ICA
IPM_PSP_COM
iTunes
Java™ 7 Update 5 (64-bit)
Junk Mail filter update
Macrium Reflect Free Edition
Mahjong Memoirs
MarketResearch
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network64
Nuance PDF Reader
OCR Software by I.R.I.S. 13.0
PDF Settings CS5
PDF Settings CS6
Perfectly Clear Plugin 1.6.2
ph
Picasa 3
Picture Collage Maker Pro 2.1.7
Plants vs Zombies
PSPPContent
PSPPHelp
PSPPro64
Qualcomm Atheros WiFi Driver Installation
Raccolta foto di Windows Live
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Revo Uninstaller Pro 2.5.7
S?????? f?t???af??? t?? Windows Live
Samsung AllShare
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Serviio
Setup
Shop for HP Supplies
Skype Click to Call
Skype™ 6.0
SmartWebPrinting
SolutionCenter
Spybot - Search & Destroy
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
Status
TomTom HOME
TomTom HOME Visual Studio Merge Modules
Toolbox
Topaz Adjust 5
Topaz Adjust 5 (64-bit)
Topaz B&W Effects
Topaz B&W Effects (64-bit)
Topaz Clean 3
Topaz Clean 3 (64-bit)
Topaz DeJpeg 4
Topaz DeJpeg 4 (64-bit)
Topaz DeNoise 5
Topaz DeNoise 5 (64-bit)
Topaz Detail 2
Topaz Detail 2 (64-bit)
Topaz Fusion Express 2
Topaz Fusion Express 2 (64-bit)
Topaz InFocus
Topaz InFocus (64-bit)
Topaz Lens Effects
Topaz Lens Effects (64-bit)
Topaz ReMask 3
Topaz ReMask 3 (64-bit)
Topaz Simplify 3
Topaz Simplify 3 (64-bit)
TrayApp
Trend Micro Titanium Internet Security
Turbo Fiesta
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
uTorrentControl_v2 Toolbar
WebReg
Windows Live
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX control for remote connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
WinRAR
Wireless Console 3
World of Goo
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
24/12/2012 15:38:55, Error: Service Control Manager [7023] - The HP Network Devices Support service terminated with the following error: The specified module could not be found.
24/12/2012 15:36:51, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
24/12/2012 15:36:51, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
24/12/2012 15:35:28, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
21/12/2012 18:49:59, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
21/12/2012 17:09:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
21/12/2012 15:43:17, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
21/12/2012 15:43:16, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
21/12/2012 15:43:16, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
21/12/2012 15:43:11, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
21/12/2012 15:43:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
21/12/2012 15:42:48, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ATKWMIACPIIO discache spldr tmtdi Wanarpv6
21/12/2012 03:23:17, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
21/12/2012 03:23:17, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/12/2012 03:03:52, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
17/12/2012 22:06:53, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457
Run by Joyus at 16:00:56 on 2012-12-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3561.1859 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\nlssrv32.exe
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\Explorer.EXE
C:\Program Files\Serviio\bin\ServiioService.exe
C:\Program Files\Serviio\bin\ServiioService.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Serviio\bin\ServiioConsole.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.privitize.com/?aff=7
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://search.privitize.com/?aff=7
uProxyServer = 109.204.121.123:80
uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Groove GFS Browser Helper: {12DB2EA6-0BB3-01EB-26E9-41BB5AF16DF1} - C:\Windows\SysWOW64\sqlwiddd.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Copernic Desktop Search - Home] "C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray
uRun: [AdobeBridge] <no file>
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\Users\Joyus\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BELKIN~1.LNK - C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe
StartupFolder: C:\Users\Joyus\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Serviio.lnk - C:\Program Files\Serviio\bin\ServiioConsole.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab
TCP: NameServer = 192.168.0.251
TCP: Interfaces\{2515440E-C81A-46BA-8475-7C4B10852F49} : DHCPNameServer = 192.168.0.251
TCP: Interfaces\{2515440E-C81A-46BA-8475-7C4B10852F49}\3597374756D6542727F627 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{2515440E-C81A-46BA-8475-7C4B10852F49}\74F6273756C616E6463702355636572756F5548545 : DHCPNameServer = 192.168.0.251
TCP: Interfaces\{2515440E-C81A-46BA-8475-7C4B10852F49}\A4F686E62E08993702960586F6E656 : DHCPNameServer = 88.82.13.60 88.82.13.60
TCP: Interfaces\{61EA32F7-C5E3-4EC1-B198-AAF08ABBFB57} : DHCPNameServer = 192.168.0.251
TCP: Interfaces\{BD6D1853-6383-4AC9-99A3-A59160B4AF95} : DHCPNameServer = 88.82.13.60 88.82.13.60
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://asus.msn.com
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-6 80512]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-6 42624]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-9-25 56208]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2012-8-31 210016]
R0 vidsflt53;Acronis Disk Storage Filter (53);C:\Windows\System32\drivers\vsflt53.sys [2012-8-31 141920]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-12-21 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-12-21 370288]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-4-6 379520]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-4-6 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-2 361984]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-12-21 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-12-21 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-12-21 44808]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2011-1-31 66560]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2012-8-21 301760]
R2 SamsungAllShareV2.0;Samsung AllShare PC;C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-3-2 25504]
R2 Serviio;Serviio;C:\Program Files\Serviio\bin\ServiioService.exe [2012-8-9 207872]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2007-10-2 78952]
R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-10-19 67664]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-8-28 92632]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2012-4-6 17152]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2012-4-6 96896]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-4-6 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2012-4-6 214144]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-4-6 93712]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-12-6 138024]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-4-6 250984]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-6 452200]
R3 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2011-4-28 241488]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-4-6 53376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-10-17 1153368]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]
S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-10-19 267480]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-10-19 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-3-26 22528]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-12-21 31800]
S3 SimpleSlideShowServer;SimpleSlideShowServer;C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-3-2 27584]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-16 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-21 19:33:24 -------- d-----w- C:\Users\Joyus\AppData\Local\VS Revo Group
2012-12-21 19:33:18 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2012-12-21 19:33:12 -------- d-----w- C:\Program Files\VS Revo Group
2012-12-21 17:09:29 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-12-21 17:09:28 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-12-21 17:09:27 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-12-21 17:09:10 41224 ----a-w- C:\Windows\avastSS.scr
2012-12-21 17:08:56 -------- d-----w- C:\ProgramData\AVAST Software
2012-12-21 17:08:56 -------- d-----w- C:\Program Files\AVAST Software
2012-12-21 03:03:18 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 03:03:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 03:03:16 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 03:03:15 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-18 21:12:04 -------- d-----w- C:\Windows\SysWow64\3025
2012-12-12 10:59:58 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-12 10:59:58 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-12 10:58:47 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-12-12 10:51:40 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-12 10:51:40 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-12-11 21:12:13 -------- d-----w- C:\Windows\SysWow64\3024
2012-12-11 12:00:13 -------- d-----w- C:\Users\Joyus\AppData\Local\{5F6E4928-B7C8-4966-802B-693D86D9B2D5}
2012-12-11 12:00:00 -------- d-----w- C:\Users\Joyus\AppData\Roaming\Windows Live Writer
2012-12-11 12:00:00 -------- d-----w- C:\Users\Joyus\AppData\Local\Windows Live Writer
2012-12-09 14:55:08 -------- d-----w- C:\Users\Joyus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-12-08 20:54:51 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-12-08 20:53:56 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-12-07 20:10:53 -------- d-----w- C:\ProgramData\Zoomex
2012-12-06 21:49:59 -------- d-----w- C:\Users\Joyus\Desktopzkw
2012-12-05 16:00:35 -------- d-----w- C:\Users\Joyus\AppData\Roaming\Adobe Mini Bridge CS5
2012-12-05 14:18:19 -------- d-----w- C:\Users\Joyus\AppData\Roaming\PearlMountain
2012-12-05 14:18:19 -------- d-----w- C:\ProgramData\PearlMountain
2012-12-04 22:49:20 -------- dc-h--w- C:\ProgramData\{E495C549-FA37-49F8-9EF7-A92CE55058C9}
2012-12-04 22:48:56 -------- dc-h--w- C:\ProgramData\{BB82CA89-D29D-45D2-8C0C-C824A39D588E}
2012-12-04 22:47:51 -------- dc-h--w- C:\ProgramData\{896AFBDD-72FF-40B8-B6B8-33C6022AD113}
2012-12-04 22:47:19 -------- dc-h--w- C:\ProgramData\{9C90450F-E325-424C-B16B-8809320C3F92}
2012-12-04 22:45:55 -------- dc-h--w- C:\ProgramData\{E314972B-E8D6-465D-AE74-6CC08535701F}
2012-12-04 22:45:29 -------- dc-h--w- C:\ProgramData\{EC2F7042-ADE8-4F04-9A7E-2316AD6311E2}
2012-12-04 22:44:54 -------- dc-h--w- C:\ProgramData\{5BCAA0F1-4CEB-4ED4-9E18-B9D4FB521338}
2012-12-04 22:44:39 -------- dc-h--w- C:\ProgramData\{89E2929F-C967-49CB-9FE3-FD86B97312FE}
2012-12-04 22:44:29 -------- dc-h--w- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
2012-12-04 22:44:06 -------- dc-h--w- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
2012-12-04 22:43:56 -------- dc-h--w- C:\ProgramData\{0DEDF45C-1DEC-4670-AACA-9EC906125BFB}
2012-12-04 22:43:35 -------- dc-h--w- C:\ProgramData\{34007C15-AD5B-4CB2-A047-04AB415A841A}
2012-12-04 22:43:23 -------- dc-h--w- C:\ProgramData\{3D9F190A-0F10-4AD6-809B-E15B73D0B8BE}
2012-12-04 22:43:04 -------- dc-h--w- C:\ProgramData\{54AE07EB-BBE5-4429-9DF3-C156DB112B54}
2012-12-04 22:42:52 -------- dc-h--w- C:\ProgramData\{F7D319B6-E312-49A7-AA67-4737E676DD03}
2012-12-04 22:42:27 -------- dc-h--w- C:\ProgramData\{35056848-1DF5-4D37-85C5-0134DA6F6DFD}
2012-12-04 22:42:01 -------- dc-h--w- C:\ProgramData\{3FC6E797-6A27-41D8-BCD6-DFD8BCD6103E}
2012-12-04 22:41:44 -------- dc-h--w- C:\ProgramData\{33BC0E96-6441-46C9-9F09-529996C10736}
2012-12-04 22:40:45 -------- dc-h--w- C:\ProgramData\{A86A537E-18B3-414C-8CA0-92F4066C1B5C}
2012-12-04 22:40:38 -------- d-----w- C:\Program Files\Common Files\Topaz Labs
2012-12-04 22:40:17 -------- dc-h--w- C:\ProgramData\{6172A493-DBB5-49D2-B3DC-94690BB85ACF}
2012-12-04 22:40:10 -------- d-----w- C:\Program Files (x86)\Topaz Labs
2012-12-04 22:40:10 -------- d-----w- C:\Program Files (x86)\Common Files\Topaz Labs
2012-12-04 22:30:43 -------- d-----w- C:\Windows\SysWow64\1018
2012-12-04 19:54:50 -------- d-----w- C:\Program Files (x86)\Picture Collage Maker Pro
2012-12-02 19:12:24 -------- d-----w- C:\Windows\SysWow64\3023
2012-11-29 06:59:10 -------- d-----w- C:\Program Files\Serviio
2012-11-28 22:46:31 955888 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-11-28 22:46:31 839152 ----a-w- C:\Windows\System32\deployJava1.dll
2012-11-25 19:12:08 -------- d-----w- C:\Windows\SysWow64\3022
.
==================== Find3M ====================
.
2012-12-21 15:39:31 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe
2012-12-12 05:46:48 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 05:46:48 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
.
============= FINISH: 16:02:02.88 ===============

#3 gringo_pr

Bleepin Gringo

Malware Response Team
120,402 posts

Gender:Male
Location:Puerto rico

Posted 26 December 2012 - 12:44 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

Please do not run any tools unless instructed to do so.
- We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
Please do not attach logs or use code boxes, just copy and paste the text.
- Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
Please read every post completely before doing anything.
- Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
Please provide feedback about your experience as we go.
- A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

Download Security Check by screen317 from here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

Download & SAVE to your Desktop RogueKiller or from here
Quit all programs that you may have started.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7, right-click and select "Run as Administrator to start"
For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on "Scan" button
Wait until the Status box shows "Scan Finished"
click on "delete"
Wait until the Status box shows "Deleting Finished"
Click on "Report" and copy/paste the content of the Notepad into your next reply.
The log should be found in RKreport[1].txt on your Desktop
Exit/Close RogueKiller+

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here --><-- Don't worry every little bit helps.

#4 budbecks

Member

Members
34 posts

Posted 26 December 2012 - 03:47 PM

# AdwCleaner v2.102 - Logfile created 12/26/2012 at 20:38:06
# Updated 23/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Joyus - JOYUS-NEWLAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Joyus\Desktop\removal\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Joyus\AppData\Local\Conduit
Folder Deleted : C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Deleted : C:\Users\Joyus\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Joyus\AppData\LocalLow\uTorrentControl_v2

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12A2FC4C-4B48-444D-BF0E-BEEC0855CF6F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B488C3E-4273-4F8F-82D7-C3D05DA1A3F5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3605 octets] - [26/12/2012 20:38:06]

########## EOF - C:\AdwCleaner[S1].txt - [3665 octets] ##########

RogueKiller V8.4.1 [Dec 24 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Joyus [Admin rights]
Mode : Remove -- Date : 12/26/2012 20:44:44

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\Run : Nuance PDF Reader-reminder ("C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini") -> DELETED
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (109.204.121.123:80) -> NOT REMOVED, USE PROXYFIX
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

For Windows 7
[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST950032 5AS SATA Disk Device +++++
--- User ---
[MBR] 9c7bd044aa993a39a82f1a1b3b814b23
[BSP] e321fb9d60f48e0204fc4dd56fe97deb : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 205084 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 472442880 | Size: 246255 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SanDisk Cruzer Fit USB Device +++++
--- User ---
[MBR] 659cd89007d3026cf8251ab66a999f1b
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 32 | Size: 3818 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2]_D_12262012_02d2044.txt >>
RKreport[1]_S_12262012_02d2043.txt ; RKreport[2]_D_12262012_02d2044.txt

#5 gringo_pr

Bleepin Gringo

Malware Response Team
120,402 posts

Gender:Male
Location:Puerto rico

Posted 26 December 2012 - 04:55 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

In your next post I need the following
Log from Combofix
let me know of any problems you may have had
How is the computer doing now?

Gringo

#6 budbecks

Member

Members
34 posts

Posted 26 December 2012 - 08:11 PM

This seems to have stopped auto redirect when starting IExplorer

I will restart and double check later

ComboFix 12-12-25.02 - Joyus 27/12/2012 0:00.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3561.1689 [GMT 0:00]
Running from: c:\users\Joyus\Desktop\removal\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\programdata\FullRemove.exe
c:\windows\msvcr71.dll
c:\windows\WinRAR
c:\windows\WinRAR\uninstall.exe
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-27 to 2012-12-27 )))))))))))))))))))))))))))))))
.
.
2012-12-27 01:01 . 2012-12-27 01:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-21 19:33 . 2012-12-21 19:33 -------- d-----w- c:\users\Joyus\AppData\Local\VS Revo Group
2012-12-21 19:33 . 2009-12-30 10:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-12-21 19:33 . 2012-12-21 19:33 -------- d-----w- c:\program files\VS Revo Group
2012-12-21 17:09 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-21 17:09 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-21 17:09 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-21 17:09 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-12-21 17:09 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-21 17:09 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-12-21 17:09 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-21 17:09 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-21 17:09 . 2012-10-30 22:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-12-21 17:08 . 2012-12-21 17:08 -------- d-----w- c:\programdata\AVAST Software
2012-12-21 17:08 . 2012-12-21 17:08 -------- d-----w- c:\program files\AVAST Software
2012-12-21 03:03 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 03:03 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 03:03 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 03:03 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-18 21:12 . 2012-12-18 21:12 -------- d-----w- c:\windows\SysWow64\3025
2012-12-12 10:59 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 10:59 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-12 10:58 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 10:51 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 10:51 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-11 21:12 . 2012-12-18 21:12 -------- d-----w- c:\windows\SysWow64\3024
2012-12-11 12:00 . 2012-12-11 12:02 -------- d-----w- c:\users\Joyus\AppData\Local\Windows Live Writer
2012-12-11 12:00 . 2012-12-11 12:00 -------- d-----w- c:\users\Joyus\AppData\Roaming\Windows Live Writer
2012-12-09 14:55 . 2012-12-09 14:55 -------- d-----w- c:\users\Joyus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-12-08 20:54 . 2012-12-08 20:54 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-12-08 20:54 . 2012-12-08 20:54 -------- d-----w- c:\program files\Microsoft Office
2012-12-08 20:53 . 2012-12-08 20:53 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-12-08 20:52 . 2012-12-08 20:52 -------- d-----r- C:\MSOCache
2012-12-07 20:10 . 2012-12-08 20:51 -------- d-----w- c:\programdata\Zoomex
2012-12-06 21:49 . 2012-12-06 21:50 -------- d-----w- c:\users\Joyus\Desktopzkw
2012-12-05 16:00 . 2012-12-05 16:00 -------- d-----w- c:\users\Joyus\AppData\Roaming\Adobe Mini Bridge CS5
2012-12-05 14:18 . 2012-12-05 14:18 -------- d-----w- c:\users\Joyus\AppData\Roaming\PearlMountain
2012-12-05 14:18 . 2012-12-05 14:18 -------- d-----w- c:\programdata\PearlMountain
2012-12-04 22:49 . 2012-12-04 22:49 -------- dc-h--w- c:\programdata\{E495C549-FA37-49F8-9EF7-A92CE55058C9}
2012-12-04 22:48 . 2012-12-04 22:48 -------- dc-h--w- c:\programdata\{BB82CA89-D29D-45D2-8C0C-C824A39D588E}
2012-12-04 22:47 . 2012-12-04 22:47 -------- dc-h--w- c:\programdata\{896AFBDD-72FF-40B8-B6B8-33C6022AD113}
2012-12-04 22:47 . 2012-12-04 22:47 -------- dc-h--w- c:\programdata\{9C90450F-E325-424C-B16B-8809320C3F92}
2012-12-04 22:45 . 2012-12-04 22:45 -------- dc-h--w- c:\programdata\{E314972B-E8D6-465D-AE74-6CC08535701F}
2012-12-04 22:45 . 2012-12-04 22:45 -------- dc-h--w- c:\programdata\{EC2F7042-ADE8-4F04-9A7E-2316AD6311E2}
2012-12-04 22:44 . 2012-12-04 22:44 -------- dc-h--w- c:\programdata\{5BCAA0F1-4CEB-4ED4-9E18-B9D4FB521338}
2012-12-04 22:44 . 2012-12-04 22:44 -------- dc-h--w- c:\programdata\{89E2929F-C967-49CB-9FE3-FD86B97312FE}
2012-12-04 22:44 . 2012-12-04 22:44 -------- dc-h--w- c:\programdata\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
2012-12-04 22:44 . 2012-12-04 22:44 -------- dc-h--w- c:\programdata\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
2012-12-04 22:43 . 2012-12-04 22:43 -------- dc-h--w- c:\programdata\{0DEDF45C-1DEC-4670-AACA-9EC906125BFB}
2012-12-04 22:43 . 2012-12-04 22:43 -------- dc-h--w- c:\programdata\{34007C15-AD5B-4CB2-A047-04AB415A841A}
2012-12-04 22:43 . 2012-12-04 22:43 -------- dc-h--w- c:\programdata\{3D9F190A-0F10-4AD6-809B-E15B73D0B8BE}
2012-12-04 22:43 . 2012-12-04 22:43 -------- dc-h--w- c:\programdata\{54AE07EB-BBE5-4429-9DF3-C156DB112B54}
2012-12-04 22:42 . 2012-12-04 22:42 -------- dc-h--w- c:\programdata\{F7D319B6-E312-49A7-AA67-4737E676DD03}
2012-12-04 22:42 . 2012-12-04 22:42 -------- dc-h--w- c:\programdata\{35056848-1DF5-4D37-85C5-0134DA6F6DFD}
2012-12-04 22:42 . 2012-12-04 22:42 -------- dc-h--w- c:\programdata\{3FC6E797-6A27-41D8-BCD6-DFD8BCD6103E}
2012-12-04 22:41 . 2012-12-04 22:41 -------- dc-h--w- c:\programdata\{33BC0E96-6441-46C9-9F09-529996C10736}
2012-12-04 22:40 . 2012-12-04 22:40 -------- dc-h--w- c:\programdata\{A86A537E-18B3-414C-8CA0-92F4066C1B5C}
2012-12-04 22:40 . 2012-12-04 22:49 -------- d-----w- c:\program files\Common Files\Topaz Labs
2012-12-04 22:40 . 2012-12-04 22:40 -------- dc-h--w- c:\programdata\{6172A493-DBB5-49D2-B3DC-94690BB85ACF}
2012-12-04 22:40 . 2012-12-04 22:48 -------- d-----w- c:\program files (x86)\Common Files\Topaz Labs
2012-12-04 22:40 . 2012-12-04 22:48 -------- d-----w- c:\program files (x86)\Topaz Labs
2012-12-04 22:30 . 2012-12-11 21:12 -------- d-----w- c:\windows\SysWow64\1018
2012-12-04 19:54 . 2012-12-04 19:55 -------- d-----w- c:\program files (x86)\Picture Collage Maker Pro
2012-12-03 22:17 . 2012-12-03 22:17 -------- d-----w- c:\program files (x86)\Adobe Media Player
2012-12-02 19:12 . 2012-12-02 19:12 -------- d-----w- c:\windows\SysWow64\3023
2012-11-29 06:59 . 2012-11-29 06:59 -------- d-----w- c:\program files\Serviio
2012-11-28 22:46 . 2012-11-28 22:45 955888 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-28 22:46 . 2012-11-28 22:45 839152 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-28 22:46 . 2012-11-28 22:45 268784 ----a-w- c:\windows\system32\javaws.exe
2012-11-28 22:45 . 2012-11-28 22:45 189424 ----a-w- c:\windows\system32\javaw.exe
2012-11-28 22:45 . 2012-11-28 22:45 188912 ----a-w- c:\windows\system32\java.exe
2012-11-28 22:45 . 2012-11-28 22:45 -------- d-----w- c:\program files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-21 15:39 . 2012-07-13 11:25 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-12-12 05:46 . 2012-07-16 22:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 05:46 . 2012-07-16 22:58 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-23 08:44 . 2012-10-23 08:44 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-16 08:38 . 2012-11-28 09:06 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 09:06 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 09:06 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 11:51 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 11:51 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 11:51 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 11:51 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-12 10:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 11:51 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 11:51 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 11:51 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 11:51 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 11:51 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 11:51 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 11:51 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 11:51 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 11:51 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 11:51 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 11:51 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{12DB2EA6-0BB3-01EB-26E9-41BB5AF16DF1}]
2009-07-14 01:16 73728 ----a-w- c:\windows\SysWOW64\sqlwiddd.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Copernic Desktop Search - Home"="c:\program files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe" [2012-07-23 1651200]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-10-19 17875120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-10-19 3331312]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"SonicMasterTray"="c:\program files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-13 2317312]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2012-04-27 2637784]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\users\Joyus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Belkin Network USB Hub Control Center.lnk - c:\program files\Belkin\Network USB Hub Control Center\Connect.exe [2012-9-18 790651]
Serviio.lnk - c:\program files\Serviio\bin\ServiioConsole.exe [2012-8-9 493056]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-10-19 549040]
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2012-4-6 12862]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 atillk64;atillk64;c:\program files (x86)\AMD\System Monitor\atillk64.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2011-01-18 250984]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-16 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-10-28 80512]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-10-28 42624]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2012-08-31 210016]
S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys [2012-08-31 141920]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-03 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-02 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-02 361984]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2011-01-31 66560]
S2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2012-08-21 301760]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Serviio;Serviio;c:\program files\Serviio\bin\ServiioService.exe [2012-08-09 207872]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [2007-10-02 78952]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-10-15 17152]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys [2011-07-15 96896]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys [2011-07-15 214144]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-12-31 138024]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
S3 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2011-08-17 53376]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 05:46]
.
2012-12-21 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-12-21 22:50]
.
2012-12-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-16 22:58]
.
2012-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-16 22:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-10-14 2278504]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2012-04-27 395384]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.privitize.com/?aff=7
mStart Page = hxxp://search.privitize.com/?aff=7
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 109.204.121.123:80
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.251
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-WinRAR - c:\windows\WinRAR\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\jpg*E¥Iv\&]¥=œ]
"0"=hex:14,00,1f,44,47,1a,03,59,72,3f,a7,44,89,c5,55,95,fe,6b,30,ee,20,00,00,
00,1a,00,ee,bb,fe,23,00,00,10,00,30,81,e2,33,1e,4e,76,46,83,5a,98,39,5c,3b,\
"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff
.
[HKEY_USERS\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\jpg*þÿÿÿE¥IvE¥Iv\«`á_à]
"0"=hex:4c,00,31,00,00,00,00,00,36,41,e7,7e,10,00,61,64,6f,62,65,00,38,00,08,
00,04,00,ef,be,32,41,1a,a2,36,41,e7,7e,2a,00,00,00,b2,71,00,00,00,00,3a,00,\
"MRUListEx"=hex:03,00,00,00,02,00,00,00,01,00,00,00,00,00,00,00,ff,ff,ff,ff
"1"=hex:4c,00,31,00,00,00,00,00,36,41,c3,80,10,00,61,64,6f,62,65,00,38,00,08,
00,04,00,ef,be,32,41,1a,a2,36,41,c3,80,2a,00,00,00,b2,71,00,00,00,00,3a,00,\
"2"=hex:4c,00,31,00,00,00,00,00,36,41,e5,80,10,00,61,64,6f,62,65,00,38,00,08,
00,04,00,ef,be,32,41,1a,a2,36,41,e5,80,2a,00,00,00,b2,71,00,00,00,00,3a,00,\
"3"=hex:4c,00,31,00,00,00,00,00,36,41,eb,80,10,00,61,64,6f,62,65,00,38,00,08,
00,04,00,ef,be,32,41,1a,a2,36,41,eb,80,2a,00,00,00,b2,71,00,00,00,00,3a,00,\
.
[HKEY_USERS\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*E¥Iv\&]¥=œ]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*E¥Iv\&]¥=œ\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥IvE¥Iv\«`á_à]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥IvE¥Iv\«`á_à\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*jpg*E¥Iv\&]¥=œ]
@Allowed: (Read) (RestrictedCode)
"0"=hex:64,00,65,00,76,00,6f,00,6e,00,2e,00,6a,70,67,00,45,a5,49,76,18,5c,26,
5d,a5,0e,3d,9c,10,01,00,00,8a,00,36,00,00,00,00,00,00,00,00,00,00,00,64,00,\
"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff
.
[HKEY_USERS\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*jpg*þÿÿÿE¥IvE¥Iv\«`á_à]
@Allowed: (Read) (RestrictedCode)
"MRUListEx"=hex:03,00,00,00,02,00,00,00,01,00,00,00,00,00,00,00,ff,ff,ff,ff
"0"=hex:49,00,4d,00,47,00,5f,00,30,00,37,00,32,00,34,00,73,00,2e,00,6a,70,67,
00,fe,ff,ff,ff,45,a5,49,76,45,a5,49,76,18,5c,ab,60,e1,5f,0c,e0,10,01,00,00,\
"1"=hex:49,00,4d,00,47,00,5f,00,30,00,37,00,32,00,31,00,73,00,2e,00,6a,70,67,
00,fe,ff,ff,ff,45,a5,49,76,45,a5,49,76,18,5c,ab,60,e1,5f,0c,e0,10,01,00,00,\
"2"=hex:49,00,4d,00,47,00,5f,00,30,00,37,00,32,00,33,00,73,00,2e,00,6a,70,67,
00,fe,ff,ff,ff,45,a5,49,76,45,a5,49,76,18,5c,ab,60,e1,5f,0c,e0,10,01,00,00,\
"3"=hex:49,00,4d,00,47,00,5f,00,30,00,37,00,32,00,32,00,73,00,2e,00,6a,70,67,
00,fe,ff,ff,ff,45,a5,49,76,45,a5,49,76,18,5c,ab,60,e1,5f,0c,e0,10,01,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"v5Licence0"="15-NQF6-6WRH-XFP7-U8VM-7P7N-WW5USAH"
"Activated"="Y"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-27 01:09:20
ComboFix-quarantined-files.txt 2012-12-27 01:09
.
Pre-Run: 55,654,572,032 bytes free
Post-Run: 55,248,568,320 bytes free
.
- - End Of File - - 7A352E34306008D39DD6AFF22AA608F6

#7 budbecks

Member

Members
34 posts

Posted 27 December 2012 - 04:57 AM

Restarted and still got redirect on IE at least.

Avast blocks it. Also it seems when im writing in a text box online (much like this one) it will redirect also.

#8 gringo_pr

Bleepin Gringo

Malware Response Team
120,402 posts

Gender:Male
Location:Puerto rico

Posted 27 December 2012 - 12:42 PM

In your next post I need the following
Log from Combofix
let me know of any problems you may have had
How is the computer doing now?

Gringo

Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.

Double click the aswMBR.exe icon to run it
it will ask to download extra definitions - ALLOW IT
Click the Scan button to start the scan
On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo

#9 budbecks

Member

Members
34 posts

Posted 27 December 2012 - 02:12 PM

Had to attatch TDSSKiller log as it was to big.

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-27 18:36:46
-----------------------------
18:36:46.468 OS Version: Windows x64 6.1.7601 Service Pack 1
18:36:46.468 Number of processors: 4 586 0x100
18:36:46.471 ComputerName: JOYUS-NEWLAPTOP UserName: Joyus
18:36:49.063 Initialize success
18:36:50.118 AVAST engine defs: 12122701
18:37:12.550 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000078
18:37:12.555 Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 11
18:37:12.593 Disk 0 MBR read successfully
18:37:12.598 Disk 0 MBR scan
18:37:12.606 Disk 0 Windows 7 default MBR code
18:37:12.619 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
18:37:12.637 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 205084 MB offset 52430848
18:37:12.668 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 246255 MB offset 472442880
18:37:12.716 Disk 0 scanning C:\Windows\system32\drivers
18:37:26.603 Service scanning
18:37:55.403 Modules scanning
18:37:55.421 Disk 0 trace - called modules:
18:37:55.487 ntoskrnl.exe CLASSPNP.SYS disk.sys vsflt53.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
18:37:55.500 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d0c060]
18:37:55.512 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa8004b7e9c0]
18:37:55.523 5 vsflt53.sys[fffff88000f8dcfd] -> nt!IofCallDriver -> [0xfffffa800469cac0]
18:37:55.534 7 amd_xata.sys[fffff880011add2c] -> nt!IofCallDriver -> \Device\00000078[0xfffffa8004698700]
18:37:56.669 AVAST engine scan C:\Windows
18:38:02.717 AVAST engine scan C:\Windows\system32
18:42:26.435 AVAST engine scan C:\Windows\system32\drivers
18:42:40.203 AVAST engine scan C:\Users\Joyus
18:57:21.438 AVAST engine scan C:\ProgramData
19:00:46.329 Scan finished successfully
19:05:19.925 Disk 0 MBR has been saved successfully to "C:\Users\Joyus\Desktop\removal\MBR.dat"
19:05:19.938 The log file has been saved successfully to "C:\Users\Joyus\Desktop\removal\aswMBR.txt"

Attached Files

TDSSKiller.2.8.15.0_27.12.2012_18.31.31_logPART1.txt 395.46K 0 downloads

Edited by budbecks, 27 December 2012 - 02:17 PM.

#10 budbecks

Member

Members
34 posts

Posted 27 December 2012 - 02:17 PM

18:34:17.0001 6852 [ C22BE42F4CFDAABE0CD89DB669A94EAC ] C:\Windows\System32\spool\drivers\x64\3\hpfpr70w.dll
18:34:17.0001 6852 C:\Windows\System32\spool\drivers\x64\3\hpfpr70w.dll - ok
18:34:17.0012 6852 [ 6D5D668F1D0B242836F1FFB04C136436 ] C:\Windows\System32\spool\drivers\x64\3\HPCDMC64.dll
18:34:17.0012 6852 C:\Windows\System32\spool\drivers\x64\3\HPCDMC64.dll - ok
18:34:17.0023 6852 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
18:34:17.0023 6852 C:\Windows\System32\srclient.dll - ok
18:34:17.0033 6852 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
18:34:17.0033 6852 C:\Windows\System32\spp.dll - ok
18:34:17.0040 6852 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
18:34:17.0040 6852 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
18:34:17.0052 6852 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
18:34:17.0052 6852 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
18:34:17.0063 6852 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
18:34:17.0063 6852 C:\Windows\System32\sxsstore.dll - ok
18:34:17.0073 6852 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
18:34:17.0073 6852 C:\Windows\servicing\CbsApi.dll - ok
18:34:17.0084 6852 [ DB70FE36AC8F594E9E69479C076BADB8 ] C:\Windows\System32\HelpPaneProxy.dll
18:34:17.0084 6852 C:\Windows\System32\HelpPaneProxy.dll - ok
18:34:17.0094 6852 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
18:34:17.0094 6852 C:\Windows\System32\radardt.dll - ok
18:34:17.0105 6852 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
18:34:17.0105 6852 C:\Windows\System32\dllhost.exe - ok
18:34:17.0116 6852 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
18:34:17.0116 6852 C:\Windows\System32\IDStore.dll - ok
18:34:17.0126 6852 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
18:34:17.0126 6852 C:\Windows\System32\AtBroker.exe - ok
18:34:17.0138 6852 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
18:34:17.0138 6852 C:\Windows\System32\PlaySndSrv.dll - ok
18:34:17.0150 6852 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
18:34:17.0150 6852 C:\Windows\System32\userinit.exe - ok
18:34:17.0160 6852 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
18:34:17.0160 6852 C:\Windows\System32\MsCtfMonitor.dll - ok
18:34:17.0171 6852 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
18:34:17.0171 6852 C:\Windows\System32\msutb.dll - ok
18:34:17.0181 6852 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
18:34:17.0181 6852 C:\Windows\System32\HotStartUserAgent.dll - ok
18:34:17.0192 6852 [ B2742EA6ED844D747E2348A504E491CB ] C:\Windows\System32\dxva2.dll
18:34:17.0192 6852 C:\Windows\System32\dxva2.dll - ok
18:34:17.0203 6852 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
18:34:17.0203 6852 C:\Windows\System32\dwm.exe - ok
18:34:17.0213 6852 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
18:34:17.0213 6852 C:\Windows\System32\dwmredir.dll - ok
18:34:17.0223 6852 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
18:34:17.0224 6852 C:\Windows\System32\dssenh.dll - ok
18:34:17.0234 6852 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
18:34:17.0234 6852 C:\Windows\System32\dwmcore.dll - ok
18:34:17.0244 6852 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:34:17.0244 6852 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
18:34:17.0255 6852 [ B15D20BE4CB586E142FB466411C8F5CF ] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
18:34:17.0255 6852 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - ok
18:34:17.0266 6852 [ 63A0FE3B1B094DAE328F46FCADABDBE4 ] C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
18:34:17.0266 6852 C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe - ok
18:34:17.0277 6852 [ 0FEDC24834D26DDB558D12C15F182FDD ] C:\Program Files\ASUS\P4G\BatteryLife.exe
18:34:17.0277 6852 C:\Program Files\ASUS\P4G\BatteryLife.exe - ok
18:34:17.0288 6852 [ 710346F1C319257A754A7C0ACC99A480 ] C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
18:34:17.0288 6852 C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe - ok
18:34:17.0295 6852 [ 85C57CD47F292E248E56A41E7E7A19C6 ] C:\Program Files (x86)\ASUS\Splendid\OVS.dll
18:34:17.0295 6852 C:\Program Files (x86)\ASUS\Splendid\OVS.dll - ok
18:34:17.0306 6852 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
18:34:17.0306 6852 C:\Windows\SysWOW64\taskschd.dll - ok
18:34:17.0316 6852 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
18:34:17.0316 6852 C:\Windows\SysWOW64\mscoree.dll - ok
18:34:17.0326 6852 [ 7E5F5E64C91FEDFE72E4C1728094BA69 ] C:\Program Files\ASUS\P4G\DevMng.dll
18:34:17.0326 6852 C:\Program Files\ASUS\P4G\DevMng.dll - ok
18:34:17.0337 6852 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
18:34:17.0337 6852 C:\Windows\explorer.exe - ok
18:34:17.0347 6852 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
18:34:17.0348 6852 C:\Windows\System32\ExplorerFrame.dll - ok
18:34:17.0358 6852 [ BD59EB5148E62D227DB2509F06634D50 ] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
18:34:17.0358 6852 C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll - ok
18:34:17.0370 6852 [ 50E6288786474CC1275108D33FCC9488 ] C:\Program Files\ASUS\P4G\OvrClk.dll
18:34:17.0370 6852 C:\Program Files\ASUS\P4G\OvrClk.dll - ok
18:34:17.0381 6852 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
18:34:17.0382 6852 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
18:34:17.0392 6852 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
18:34:17.0392 6852 C:\Windows\SysWOW64\xmllite.dll - ok
18:34:17.0404 6852 [ 98AB7A3AC4155640146F6BEC422C81E4 ] C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
18:34:17.0404 6852 C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll - ok
18:34:17.0414 6852 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
18:34:17.0414 6852 C:\Windows\System32\d3d10_1.dll - ok
18:34:17.0425 6852 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
18:34:17.0425 6852 C:\Windows\System32\d3d10_1core.dll - ok
18:34:17.0436 6852 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
18:34:17.0436 6852 C:\Windows\System32\dxgi.dll - ok
18:34:17.0446 6852 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
18:34:17.0446 6852 C:\Windows\SysWOW64\imagehlp.dll - ok
18:34:17.0457 6852 [ 9A2F3F65C483A017E59BAFA52CADD823 ] C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
18:34:17.0457 6852 C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe - ok
18:34:17.0469 6852 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
18:34:17.0469 6852 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
18:34:17.0480 6852 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
18:34:17.0480 6852 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
18:34:17.0491 6852 [ 92F8656D0167412A2379517C3F704FFB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
18:34:17.0491 6852 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
18:34:17.0502 6852 [ CE705CA9F05E070C53A4826EC9C6D4D5 ] C:\Windows\System32\aticfx64.dll
18:34:17.0502 6852 C:\Windows\System32\aticfx64.dll - ok
18:34:17.0513 6852 [ F05FC2C0FECF55B05351AA760166F18F ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
18:34:17.0513 6852 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - ok
18:34:17.0523 6852 [ 2E61D255D7DC82928FDD738D66EA509D ] C:\Windows\System32\atiuxp64.dll
18:34:17.0524 6852 C:\Windows\System32\atiuxp64.dll - ok
18:34:17.0534 6852 [ 5746BD7E255DD6A8AFA06F7C42C1BA41 ] C:\Windows\System32\cmd.exe
18:34:17.0534 6852 C:\Windows\System32\cmd.exe - ok
18:34:17.0540 6852 [ 867C93CE4B4CCFCDE65CE48A769CD227 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
18:34:17.0540 6852 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
18:34:17.0552 6852 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
18:34:17.0552 6852 C:\Windows\System32\conhost.exe - ok
18:34:17.0563 6852 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
18:34:17.0563 6852 C:\Windows\System32\wbem\cimwin32.dll - ok
18:34:17.0573 6852 [ 96CBDFBCE6D5C426823008638A153DDA ] C:\Windows\System32\atidxx64.dll
18:34:17.0573 6852 C:\Windows\System32\atidxx64.dll - ok
18:34:17.0585 6852 [ CC6C87D669307A3386BEFE4D72CE4E3F ] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
18:34:17.0585 6852 C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll - ok
18:34:17.0596 6852 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
18:34:17.0596 6852 C:\Windows\System32\EhStorShell.dll - ok
18:34:17.0606 6852 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
18:34:17.0606 6852 C:\Windows\System32\ntshrui.dll - ok
18:34:17.0617 6852 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
18:34:17.0617 6852 C:\Windows\System32\IconCodecService.dll - ok
18:34:17.0627 6852 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
18:34:17.0627 6852 C:\Windows\System32\framedynos.dll - ok
18:34:17.0638 6852 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
18:34:17.0638 6852 C:\Windows\System32\runonce.exe - ok
18:34:17.0648 6852 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
18:34:17.0648 6852 C:\Windows\System32\uDWM.dll - ok
18:34:17.0659 6852 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
18:34:17.0659 6852 C:\Windows\SysWOW64\runonce.exe - ok
18:34:17.0669 6852 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
18:34:17.0669 6852 C:\Windows\System32\wmi.dll - ok
18:34:17.0680 6852 [ 4F72C8B661DEC62F4DF0F15D33106372 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll
18:34:17.0680 6852 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll - ok
18:34:17.0691 6852 [ 061C71A7BD897F28DB052E7AD2B284A1 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
18:34:17.0691 6852 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe - ok
18:34:17.0702 6852 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
18:34:17.0702 6852 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
18:34:17.0714 6852 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
18:34:17.0714 6852 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
18:34:17.0725 6852 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
18:34:17.0725 6852 C:\Windows\SysWOW64\MMDevAPI.dll - ok
18:34:17.0736 6852 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
18:34:17.0736 6852 C:\Windows\SysWOW64\mstask.dll - ok
18:34:17.0746 6852 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
18:34:17.0746 6852 C:\Windows\SysWOW64\AudioSes.dll - ok
18:34:17.0757 6852 [ EC38AF4505D0D682EACC681E3E8165F6 ] C:\Program Files\Serviio\lib\ffmpeg.exe
18:34:17.0757 6852 C:\Program Files\Serviio\lib\ffmpeg.exe - ok
18:34:17.0767 6852 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
18:34:17.0767 6852 C:\Windows\SysWOW64\avicap32.dll - ok
18:34:17.0777 6852 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
18:34:17.0777 6852 C:\Windows\SysWOW64\cmd.exe - ok
18:34:17.0788 6852 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
18:34:17.0788 6852 C:\Windows\System32\wbem\wmiprov.dll - ok
18:34:17.0794 6852 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
18:34:17.0794 6852 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
18:34:17.0807 6852 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
18:34:17.0807 6852 C:\Windows\SysWOW64\winbrand.dll - ok
18:34:17.0817 6852 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
18:34:17.0818 6852 C:\Windows\SysWOW64\ieframe.dll - ok
18:34:17.0828 6852 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
18:34:17.0828 6852 C:\Windows\System32\aelupsvc.dll - ok
18:34:17.0839 6852 [ 149126216A694E6BA84E92ECA77AAE3B ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
18:34:17.0839 6852 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe - ok
18:34:17.0850 6852 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
18:34:17.0850 6852 C:\Windows\SysWOW64\shdocvw.dll - ok
18:34:17.0861 6852 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
18:34:17.0861 6852 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
18:34:17.0872 6852 [ 1917BE7C440DC7CF04304F0AFD7FDD16 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
18:34:17.0872 6852 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe - ok
18:34:17.0883 6852 [ 98CADC34741738CFC24F5CDFDAA408FA ] C:\Windows\SysWOW64\ACEngSvr.exe
18:34:17.0883 6852 C:\Windows\SysWOW64\ACEngSvr.exe - ok
18:34:17.0894 6852 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Joyus\AppData\Local\Temp\B713F73B-2D27-4AA2-AB35-EAC27088EA11.exe
18:34:17.0894 6852 C:\Users\Joyus\AppData\Local\Temp\B713F73B-2D27-4AA2-AB35-EAC27088EA11.exe - ok
18:34:17.0905 6852 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
18:34:17.0905 6852 C:\Windows\SysWOW64\mscms.dll - ok
18:34:17.0915 6852 [ 5CFB72E40A3C5F1070333BCF7E52E651 ] C:\Program Files\Elantech\ETDApi.dll
18:34:17.0915 6852 C:\Program Files\Elantech\ETDApi.dll - ok
18:34:17.0926 6852 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
18:34:17.0926 6852 C:\Windows\SysWOW64\ddraw.dll - ok
18:34:17.0937 6852 [ AA11E1368EEB237DD100BAC6AFFE1C57 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
18:34:17.0937 6852 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe - ok
18:34:17.0947 6852 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
18:34:17.0947 6852 C:\Windows\SysWOW64\dciman32.dll - ok
18:34:17.0958 6852 [ 4A7C441D99D86704D194E7678873B95D ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
18:34:17.0958 6852 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe - ok
18:34:17.0969 6852 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
18:34:17.0969 6852 C:\Windows\SysWOW64\hid.dll - ok
18:34:17.0980 6852 [ 31D59387099070963EAD4CE14C5B5F04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
18:34:17.0980 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll - ok
18:34:17.0991 6852 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
18:34:17.0992 6852 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
18:34:18.0003 6852 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
18:34:18.0003 6852 C:\Windows\SysWOW64\riched20.dll - ok
18:34:18.0014 6852 [ B6F3CBD88209650E531A3DE8071EEFDB ] C:\Windows\SysWOW64\aticfx32.dll
18:34:18.0014 6852 C:\Windows\SysWOW64\aticfx32.dll - ok
18:34:18.0024 6852 [ 91D8A051CC5297E49FDEF2428973F978 ] C:\Windows\SysWOW64\atiu9pag.dll
18:34:18.0024 6852 C:\Windows\SysWOW64\atiu9pag.dll - ok
18:34:18.0034 6852 [ ABF63BAFECBB76031E4F34816707374A ] C:\Windows\SysWOW64\atiumdag.dll
18:34:18.0034 6852 C:\Windows\SysWOW64\atiumdag.dll - ok
18:34:18.0044 6852 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
18:34:18.0044 6852 C:\Windows\System32\mstask.dll - ok
18:34:18.0051 6852 [ 42BE93BC96729BEF029B4185504193EC ] C:\Windows\SysWOW64\atiumdva.dll
18:34:18.0051 6852 C:\Windows\SysWOW64\atiumdva.dll - ok
18:34:18.0062 6852 [ 6D6596E046CA6A61DE250AD3A281A1AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
18:34:18.0062 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll - ok
18:34:18.0073 6852 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
18:34:18.0073 6852 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
18:34:18.0085 6852 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
18:34:18.0085 6852 C:\Windows\SysWOW64\EhStorShell.dll - ok
18:34:18.0095 6852 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
18:34:18.0095 6852 C:\Windows\SysWOW64\ntshrui.dll - ok
18:34:18.0105 6852 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
18:34:18.0105 6852 C:\Windows\SysWOW64\slc.dll - ok
18:34:18.0116 6852 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
18:34:18.0116 6852 C:\Windows\SysWOW64\imageres.dll - ok
18:34:18.0128 6852 [ 858716CED10DBBF0BC5748F71ED2F59D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
18:34:18.0128 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll - ok
18:34:18.0140 6852 [ 9170C065FC76758E5D317B8FBA884F0C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
18:34:18.0140 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll - ok
18:34:18.0151 6852 [ 6F0A1EBBE35F76C3F4FB9E259BCD057F ] C:\Program Files (x86)\ASUS\Splendid\ACOVS.exe
18:34:18.0151 6852 C:\Program Files (x86)\ASUS\Splendid\ACOVS.exe - ok
18:34:18.0161 6852 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
18:34:18.0161 6852 C:\Windows\System32\oleres.dll - ok
18:34:18.0173 6852 [ 9276AD561E976FE381D72FD3F7F3E3DF ] C:\Program Files (x86)\ASUS\Splendid\my_Intel.exe
18:34:18.0173 6852 C:\Program Files (x86)\ASUS\Splendid\my_Intel.exe - ok
18:34:18.0184 6852 [ 9E5868DB59C6D8E949F724DBBC639A31 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
18:34:18.0185 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll - ok
18:34:18.0196 6852 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
18:34:18.0196 6852 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
18:34:18.0207 6852 [ 00B0757070CEF908AB5727D028A5376B ] C:\Program Files (x86)\ASUS\Splendid\Asus_DLL.dll
18:34:18.0208 6852 C:\Program Files (x86)\ASUS\Splendid\Asus_DLL.dll - ok
18:34:18.0219 6852 [ 2A72853494912BB034AF7AC1C86EC04E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
18:34:18.0219 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll - ok
18:34:18.0230 6852 [ AC6A3801F3CDE7EB41B3F52E9B0A1C2B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
18:34:18.0230 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll - ok
18:34:18.0242 6852 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
18:34:18.0242 6852 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
18:34:18.0253 6852 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
18:34:18.0253 6852 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
18:34:18.0265 6852 [ 43104328E99680FCF282E71CC45CB5D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
18:34:18.0265 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll - ok
18:34:18.0276 6852 [ B9A616D92F64A4AAF426389DDE76576C ] C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
18:34:18.0276 6852 C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll - ok
18:34:18.0286 6852 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
18:34:18.0286 6852 C:\Windows\System32\esent.dll - ok
18:34:18.0296 6852 [ 3290D6946B5E30E70414990574883DDB ] C:\Windows\System32\alg.exe
18:34:18.0296 6852 C:\Windows\System32\alg.exe - ok
18:34:18.0303 6852 [ E8494519BCB9E3B1B72E5604993A76E3 ] C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
18:34:18.0303 6852 C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe - ok
18:34:18.0314 6852 [ 9217D874131AE6FF8F642F124F00A555 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:34:18.0314 6852 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe - ok
18:34:18.0325 6852 [ D1CEEA2B47CB998321C579651CE3E4F8 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:34:18.0325 6852 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe - ok
18:34:18.0336 6852 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:34:18.0336 6852 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
18:34:18.0346 6852 [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
18:34:18.0346 6852 C:\Windows\ehome\ehrecvr.exe - ok
18:34:18.0357 6852 [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
18:34:18.0357 6852 C:\Windows\ehome\ehsched.exe - ok
18:34:18.0367 6852 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
18:34:18.0367 6852 C:\Windows\System32\linkinfo.dll - ok
18:34:18.0378 6852 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
18:34:18.0378 6852 C:\Windows\System32\FXSSVC.exe - ok
18:34:18.0389 6852 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
18:34:18.0389 6852 C:\Program Files\Windows Sidebar\sidebar.exe - ok
18:34:18.0400 6852 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:34:18.0400 6852 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe - ok
18:34:18.0412 6852 [ 58BC9B644E6B252C8337AD501B04692A ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
18:34:18.0412 6852 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe - ok
18:34:18.0423 6852 [ 6E50CFA46527B39015B750AAD161C5CC ] C:\Program Files\iPod\bin\iPodService.exe
18:34:18.0423 6852 C:\Program Files\iPod\bin\iPodService.exe - ok
18:34:18.0434 6852 [ 7FD0D355941B67162BFB70773D948F88 ] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe
18:34:18.0434 6852 C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe - ok
18:34:18.0445 6852 [ C66CD088BF31CD56E5AF14EFD6B1C093 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:34:18.0445 6852 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
18:34:18.0456 6852 [ 215DF39F5A4D23FC21F018760B3A261C ] C:\Program Files\Elantech\ETDCtrl.exe
18:34:18.0456 6852 C:\Program Files\Elantech\ETDCtrl.exe - ok
18:34:18.0466 6852 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] C:\Windows\System32\msdtc.exe
18:34:18.0467 6852 C:\Windows\System32\msdtc.exe - ok
18:34:18.0477 6852 [ C43D50453404EF1C6801EFFC2492A202 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:34:18.0477 6852 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
18:34:18.0488 6852 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
18:34:18.0488 6852 C:\Windows\System32\msiexec.exe - ok
18:34:18.0498 6852 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
18:34:18.0499 6852 C:\Windows\System32\Locator.exe - ok
18:34:18.0508 6852 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
18:34:18.0509 6852 C:\Windows\System32\sppsvc.exe - ok
18:34:18.0519 6852 [ DF1FC619B2806574C80CE639A8E03A68 ] C:\PROGRA~1\Serviio\bin\SERVII~3.EXE
18:34:18.0519 6852 C:\PROGRA~1\Serviio\bin\SERVII~3.EXE - ok
18:34:18.0530 6852 [ 69D76CE06BB629B69165C81D83A4B03E ] C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
18:34:18.0530 6852 C:\Program Files\Trend Micro\Titanium\TiMiniService.exe - ok
18:34:18.0540 6852 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe
18:34:18.0540 6852 C:\Windows\System32\UI0Detect.exe - ok
18:34:18.0552 6852 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
18:34:18.0552 6852 C:\Windows\System32\vds.exe - ok
18:34:18.0562 6852 [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
18:34:18.0563 6852 C:\Windows\System32\VSSVC.exe - ok
18:34:18.0573 6852 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] C:\Windows\System32\Wat\WatAdminSvc.exe
18:34:18.0573 6852 C:\Windows\System32\Wat\WatAdminSvc.exe - ok
18:34:18.0584 6852 [ 37DEB76A2CF005841C4E45DE2B94D84F ] C:\Windows\AsScrPro.exe
18:34:18.0584 6852 C:\Windows\AsScrPro.exe - ok
18:34:18.0595 6852 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
18:34:18.0595 6852 C:\Windows\System32\wbengine.exe - ok
18:34:18.0606 6852 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:34:18.0606 6852 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe - ok
18:34:18.0616 6852 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
18:34:18.0616 6852 C:\Windows\SysWOW64\mfc42.dll - ok
18:34:18.0627 6852 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
18:34:18.0627 6852 C:\Windows\System32\wbem\WmiApSrv.exe - ok
18:34:18.0638 6852 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
18:34:18.0638 6852 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
18:34:18.0648 6852 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
18:34:18.0648 6852 C:\Windows\SysWOW64\odbc32.dll - ok
18:34:18.0659 6852 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
18:34:18.0659 6852 C:\Windows\SysWOW64\odbcint.dll - ok
18:34:18.0669 6852 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
18:34:18.0669 6852 C:\Windows\System32\SearchIndexer.exe - ok
18:34:18.0680 6852 [ 25DEF2EF843275862FFBF55487CEFDDD ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx
18:34:18.0680 6852 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx - ok
18:34:18.0692 6852 [ 7544263D5BEDD291399BD970AB055F6A ] C:\Program Files\Trend Micro\Titanium\TmDbgLog.dll
18:34:18.0692 6852 C:\Program Files\Trend Micro\Titanium\TmDbgLog.dll - ok
18:34:18.0703 6852 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
18:34:18.0703 6852 C:\Windows\SysWOW64\regsvr32.exe - ok
18:34:18.0713 6852 [ E852C399D73B84E682816F55C9F8ABB4 ] C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
18:34:18.0713 6852 C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe - ok
18:34:18.0724 6852 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
18:34:18.0724 6852 C:\Windows\SysWOW64\dsound.dll - ok
18:34:18.0736 6852 [ 9111AEDC276C8BB2D9CA568CD3EB92BA ] C:\Program Files\Trend Micro\Titanium\VizorUniclientLibrary.dll
18:34:18.0736 6852 C:\Program Files\Trend Micro\Titanium\VizorUniclientLibrary.dll - ok
18:34:18.0747 6852 [ 50A142496351756730CB683E00391562 ] C:\Program Files\Trend Micro\AMSP\utilDebugLog.dll
18:34:18.0747 6852 C:\Program Files\Trend Micro\AMSP\utilDebugLog.dll - ok
18:34:18.0759 6852 [ 8158913139DD41770A6A0DB62374A15A ] C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
18:34:18.0759 6852 C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll - ok
18:34:18.0770 6852 [ 97902BF4AE575FD11D092616DB62E2C4 ] C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
18:34:18.0770 6852 C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll - ok
18:34:18.0781 6852 [ B9562B9088E56D01F04F72A2452018F9 ] C:\Program Files\Trend Micro\AMSP\utilMsgBuffer.dll
18:34:18.0781 6852 C:\Program Files\Trend Micro\AMSP\utilMsgBuffer.dll - ok
18:34:18.0793 6852 [ B1FDCFFF7609E121C10751A669AB1611 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll
18:34:18.0793 6852 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll - ok
18:34:18.0804 6852 [ 35048D8E8A0BF7A797CD5757ACD7EED0 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
18:34:18.0805 6852 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe - ok
18:34:18.0811 6852 [ C759FF2C5880DE29284A53A5FF976B0C ] C:\Windows\System32\pcadm.dll
18:34:18.0811 6852 C:\Windows\System32\pcadm.dll - ok
18:34:18.0822 6852 [ 205D43DD91BCD857BCA16FF16EF6DE20 ] C:\Program Files\Trend Micro\AMSP\outer_AMSP_ClientLibrary.dll
18:34:18.0822 6852 C:\Program Files\Trend Micro\AMSP\outer_AMSP_ClientLibrary.dll - ok
18:34:18.0832 6852 [ 717484C33B2993DEC02A3DEB44E74534 ] C:\Program Files\Trend Micro\AMSP\utilIPC.dll
18:34:18.0833 6852 C:\Program Files\Trend Micro\AMSP\utilIPC.dll - ok
18:34:18.0844 6852 [ C3A5FFD57C2563204CD9351F0C7A0DEA ] C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll
18:34:18.0844 6852 C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll - ok
18:34:18.0855 6852 [ 9423C9A80BFAE56CBACF82097AE17F78 ] C:\Program Files\Trend Micro\AMSP\utilThread.dll
18:34:18.0855 6852 C:\Program Files\Trend Micro\AMSP\utilThread.dll - ok
18:34:18.0866 6852 [ A1A6FC56A1D0DADC164637FE43C40605 ] C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll
18:34:18.0866 6852 C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll - ok
18:34:18.0877 6852 [ 559BCDFE4F46B4AD2CAC0528A9BCB7AA ] C:\Program Files\Trend Micro\AMSP\utilRPC.dll
18:34:18.0877 6852 C:\Program Files\Trend Micro\AMSP\utilRPC.dll - ok
18:34:18.0888 6852 [ 6693F4D635561B765AC40CE754187AA8 ] C:\Program Files\Trend Micro\AMSP\utilAccessControl.dll
18:34:18.0888 6852 C:\Program Files\Trend Micro\AMSP\utilAccessControl.dll - ok
18:34:18.0899 6852 [ E8E8E3EA96C03FA5403B6814B539E0A8 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
18:34:18.0899 6852 C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll - ok
18:34:18.0910 6852 [ 85605784E07B17A6C3C69444BF8792DA ] C:\Program Files\Trend Micro\AMSP\utilInstallation.dll
18:34:18.0910 6852 C:\Program Files\Trend Micro\AMSP\utilInstallation.dll - ok
18:34:18.0921 6852 [ DB62CB0840BF84E9DFD646F39B6EF742 ] C:\Program Files\Trend Micro\AMSP\utilComponentInfo.dll
18:34:18.0921 6852 C:\Program Files\Trend Micro\AMSP\utilComponentInfo.dll - ok
18:34:18.0932 6852 [ EBE9542554DAF801DA24CFDBC6AA209E ] C:\Program Files\Trend Micro\AMSP\utilGenericLoader.dll
18:34:18.0932 6852 C:\Program Files\Trend Micro\AMSP\utilGenericLoader.dll - ok
18:34:18.0943 6852 [ A6E2D1522F23C854611F272EBEB30948 ] C:\Program Files\Trend Micro\AMSP\utilJsonHandle.dll
18:34:18.0943 6852 C:\Program Files\Trend Micro\AMSP\utilJsonHandle.dll - ok
18:34:18.0954 6852 [ 442235AC4F20B195F932990CAE47408E ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll
18:34:18.0954 6852 C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll - ok
18:34:18.0965 6852 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
18:34:18.0965 6852 C:\Windows\SysWOW64\wmp.dll - ok
18:34:18.0975 6852 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
18:34:18.0975 6852 C:\Windows\SysWOW64\wmploc.DLL - ok
18:34:18.0986 6852 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
18:34:18.0986 6852 C:\Windows\System32\dsound.dll - ok
18:34:18.0997 6852 [ 6E1A517E6FFA4ADC9790F0739A04D0B8 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
18:34:18.0997 6852 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll - ok
18:34:19.0008 6852 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
18:34:19.0008 6852 C:\Windows\System32\opengl32.dll - ok
18:34:19.0018 6852 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
18:34:19.0018 6852 C:\Windows\System32\glu32.dll - ok
18:34:19.0029 6852 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
18:34:19.0029 6852 C:\Windows\System32\ddraw.dll - ok
18:34:19.0039 6852 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
18:34:19.0039 6852 C:\Windows\System32\dciman32.dll - ok
18:34:19.0049 6852 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
18:34:19.0049 6852 C:\Windows\System32\msimg32.dll - ok
18:34:19.0059 6852 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
18:34:19.0059 6852 C:\Windows\System32\oledlg.dll - ok
18:34:19.0066 6852 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
18:34:19.0066 6852 C:\Windows\System32\RtkCfg64.dll - ok
18:34:19.0076 6852 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
18:34:19.0076 6852 C:\Windows\SysWOW64\devrtl.dll - ok
18:34:19.0086 6852 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
18:34:19.0087 6852 C:\Windows\System32\ie4uinit.exe - ok
18:34:19.0097 6852 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
18:34:19.0097 6852 C:\Windows\System32\iedkcs32.dll - ok
18:34:19.0107 6852 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
18:34:19.0107 6852 C:\Windows\System32\themeui.dll - ok
18:34:19.0118 6852 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
18:34:19.0118 6852 C:\Windows\System32\timedate.cpl - ok
18:34:19.0128 6852 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
18:34:19.0128 6852 C:\Windows\System32\actxprxy.dll - ok
18:34:19.0139 6852 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
18:34:19.0139 6852 C:\Windows\System32\shdocvw.dll - ok
18:34:19.0149 6852 [ 661CEEDE98A2E0E5CDD7DE239EB38353 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
18:34:19.0150 6852 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
18:34:19.0160 6852 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
18:34:19.0160 6852 C:\Windows\System32\msftedit.dll - ok
18:34:19.0171 6852 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
18:34:19.0171 6852 C:\Windows\System32\gameux.dll - ok
18:34:19.0181 6852 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
18:34:19.0181 6852 C:\Windows\System32\msls31.dll - ok
18:34:19.0192 6852 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
18:34:19.0193 6852 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
18:34:19.0204 6852 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
18:34:19.0204 6852 C:\Windows\System32\DeviceCenter.dll - ok
18:34:19.0215 6852 [ 98A5AA92664BF679A6A36DDA8948F504 ] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe
18:34:19.0215 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe - ok
18:34:19.0226 6852 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
18:34:19.0226 6852 C:\Windows\System32\thumbcache.dll - ok
18:34:19.0237 6852 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
18:34:19.0237 6852 C:\Windows\System32\networkexplorer.dll - ok
18:34:19.0248 6852 [ B2A2E2CC6D175AF8A1DEF377AA9691DC ] C:\Program Files\Trend Micro\Titanium\UIFramework\libcef.dll
18:34:19.0248 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\libcef.dll - ok
18:34:19.0259 6852 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
18:34:19.0259 6852 C:\Windows\SysWOW64\opengl32.dll - ok
18:34:19.0270 6852 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
18:34:19.0270 6852 C:\Windows\SysWOW64\glu32.dll - ok
18:34:19.0280 6852 [ C81A97A261AE847AA6F9E57729A3E60A ] C:\Program Files\Trend Micro\Titanium\UIFramework\TmDbgLog.dll
18:34:19.0280 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\TmDbgLog.dll - ok
18:34:19.0292 6852 [ ECC454E6AB61BB3AD00AFB9F5C081E2C ] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorUniclientLibrary.dll
18:34:19.0292 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\VizorUniclientLibrary.dll - ok
18:34:19.0303 6852 [ F4BFB815F3E7751D55D605EBAD84CDA2 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
18:34:19.0303 6852 C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe - ok
18:34:19.0315 6852 [ 4CE1C9F944C5EC5B6B7F0C833A273DEA ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilDebugLog.dll
18:34:19.0315 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\utilDebugLog.dll - ok
18:34:19.0321 6852 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
18:34:19.0321 6852 C:\Windows\System32\msiltcfg.dll - ok
18:34:19.0332 6852 [ 320681DF28D82CDCA7E3EED0846625DB ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
18:34:19.0332 6852 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
18:34:19.0343 6852 [ 7BDA9423415F7612454B91DF4FA11576 ] C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_36.dll
18:34:19.0343 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_36.dll - ok
18:34:19.0355 6852 [ 381CF052785F8C644128A50B8F5DD184 ] C:\Program Files\Elantech\ETDFavorite.dll
18:34:19.0355 6852 C:\Program Files\Elantech\ETDFavorite.dll - ok
18:34:19.0365 6852 [ A4FBAA985D1DC842631473DC604100B2 ] C:\Program Files\Elantech\ETDApix.dll
18:34:19.0365 6852 C:\Program Files\Elantech\ETDApix.dll - ok
18:34:19.0376 6852 [ 50EE778BF4C4EE52CF1FB49E268710CD ] C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_36.dll
18:34:19.0376 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_36.dll - ok
18:34:19.0389 6852 [ ADE6A6FEBF1FC2B7080636B9051582EA ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilMsgBuffer.dll
18:34:19.0389 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\utilMsgBuffer.dll - ok
18:34:19.0400 6852 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
18:34:19.0401 6852 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
18:34:19.0412 6852 [ 4E39830415EEA68CFCB737FE3D6A0E28 ] C:\Program Files\Elantech\ETDCmds.dll
18:34:19.0412 6852 C:\Program Files\Elantech\ETDCmds.dll - ok
18:34:19.0423 6852 [ 96F8E8118661EC51D47719F037EBFD12 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilJsonHandle.dll
18:34:19.0424 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\utilJsonHandle.dll - ok
18:34:19.0435 6852 [ 4275701172E647D59623D42734E132AF ] C:\Program Files\Trend Micro\Titanium\UIFramework\outer_AMSP_ClientLibrary.dll
18:34:19.0435 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\outer_AMSP_ClientLibrary.dll - ok
18:34:19.0447 6852 [ 4992425091F14FBD303D856E1FE0BF02 ] C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe
18:34:19.0447 6852 C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe - ok
18:34:19.0458 6852 [ ACE195303472D15FA4B6BEE30F319657 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilIPC.dll
18:34:19.0458 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\utilIPC.dll - ok
18:34:19.0470 6852 [ 08875F073FD0AA75BD81EFC6AA955F20 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilThread.dll
18:34:19.0470 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\utilThread.dll - ok
18:34:19.0480 6852 [ CFF3C4ABDCC5356B0674743BDF0FB674 ] C:\Windows\System32\mshtml.dll
18:34:19.0480 6852 C:\Windows\System32\mshtml.dll - ok
18:34:19.0492 6852 [ 794B73472A43C9E18DE264340096D58C ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilRPC.dll
18:34:19.0492 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\utilRPC.dll - ok
18:34:19.0503 6852 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
18:34:19.0503 6852 C:\Windows\SysWOW64\olepro32.dll - ok
18:34:19.0514 6852 [ F9909B83C000A953F21B2358494C0E19 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilAccessControl.dll
18:34:19.0514 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\utilAccessControl.dll - ok
18:34:19.0525 6852 [ 12133C6195D0A801F57E27CCFC79D20F ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
18:34:19.0525 6852 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe - ok
18:34:19.0536 6852 [ D437C6B6C1CA63C3D5BF5A280A4FE60A ] C:\Program Files (x86)\Skype\Phone\Skype.exe
18:34:19.0537 6852 C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
18:34:19.0547 6852 [ 57BBB3DB2D8D1949D11964FCE332D7CD ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilInstallation.dll
18:34:19.0547 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\utilInstallation.dll - ok
18:34:19.0559 6852 [ C2F5DFC47BCA388DFAB8236FE1B38A98 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilComponentInfo.dll
18:34:19.0559 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\utilComponentInfo.dll - ok
18:34:19.0566 6852 [ D859B2E8E7160FC4081124E6D1F98C4A ] C:\Program Files\Elantech\ETDCtrlHelper.exe
18:34:19.0566 6852 C:\Program Files\Elantech\ETDCtrlHelper.exe - ok
18:34:19.0578 6852 [ C0017E791FFA01A7BD09683BA7A0F4D0 ] C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE
18:34:19.0578 6852 C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE - ok
18:34:19.0589 6852 [ 1DD260C2E7C1934F90CB4F4EF33D04A5 ] C:\Program Files (x86)\Copernic Desktop Search - Home\SearchPlatform-s.dll
18:34:19.0589 6852 C:\Program Files (x86)\Copernic Desktop Search - Home\SearchPlatform-s.dll - ok
18:34:19.0600 6852 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
18:34:19.0600 6852 C:\Windows\System32\consent.exe - ok
18:34:19.0610 6852 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
18:34:19.0610 6852 C:\Windows\System32\stobject.dll - ok
18:34:19.0621 6852 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
18:34:19.0621 6852 C:\Windows\System32\batmeter.dll - ok
18:34:19.0631 6852 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
18:34:19.0631 6852 C:\Windows\System32\prnfldr.dll - ok
18:34:19.0642 6852 [ 86D3BEA2B995DCEA877D25725D77DC5E ] C:\Program Files (x86)\ASUS\APRP\aprp.exe
18:34:19.0642 6852 C:\Program Files (x86)\ASUS\APRP\aprp.exe - ok
18:34:19.0652 6852 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
18:34:19.0653 6852 C:\Windows\AppPatch\AcLayers.dll - ok
18:34:19.0663 6852 [ F6FD82845D9A0D3DE9294CB8743FB1FE ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilGenericLoader.dll
18:34:19.0663 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\utilGenericLoader.dll - ok
18:34:19.0674 6852 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
18:34:19.0674 6852 C:\Windows\System32\DXP.dll - ok
18:34:19.0684 6852 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
18:34:19.0684 6852 C:\Windows\SysWOW64\samlib.dll - ok
18:34:19.0695 6852 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
18:34:19.0695 6852 C:\Windows\System32\Syncreg.dll - ok
18:34:19.0706 6852 [ 83BC28AC2BFE8CE1717A55AC14E9463E ] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
18:34:19.0706 6852 C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe - ok
18:34:19.0717 6852 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
18:34:19.0717 6852 C:\Windows\ehome\ehSSO.dll - ok
18:34:19.0727 6852 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\SysWOW64\mshtml.dll
18:34:19.0727 6852 C:\Windows\SysWOW64\mshtml.dll - ok
18:34:19.0738 6852 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
18:34:19.0738 6852 C:\Windows\System32\AltTab.dll - ok
18:34:19.0748 6852 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
18:34:19.0748 6852 C:\Windows\System32\QUTIL.DLL - ok
18:34:19.0758 6852 [ 7EE22E13DEC8A6D18F4643C1EA34B0F0 ] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
18:34:19.0758 6852 C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe - ok
18:34:19.0770 6852 [ 68CE18072E9CDFE63DD2E083868C7433 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
18:34:19.0770 6852 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
18:34:19.0781 6852 [ FDDC4D6EC3B2BD3B5A04C22881305621 ] C:\Windows\SysWOW64\SFCOM.dll
18:34:19.0781 6852 C:\Windows\SysWOW64\SFCOM.dll - ok
18:34:19.0791 6852 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
18:34:19.0792 6852 C:\Windows\System32\WPDShServiceObj.dll - ok
18:34:19.0802 6852 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
18:34:19.0802 6852 C:\Windows\System32\ActionCenter.dll - ok
18:34:19.0813 6852 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
18:34:19.0813 6852 C:\Windows\SysWOW64\wdmaud.drv - ok
18:34:19.0819 6852 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
18:34:19.0819 6852 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
18:34:19.0832 6852 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
18:34:19.0832 6852 C:\Windows\SysWOW64\ksuser.dll - ok
18:34:19.0842 6852 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
18:34:19.0842 6852 C:\Windows\SysWOW64\avrt.dll - ok
18:34:19.0853 6852 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
18:34:19.0853 6852 C:\Windows\SysWOW64\msacm32.drv - ok
18:34:19.0864 6852 [ 79A3B950988F8D2B81906D0C0473158B ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
18:34:19.0864 6852 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - ok
18:34:19.0875 6852 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
18:34:19.0875 6852 C:\Windows\SysWOW64\midimap.dll - ok
18:34:19.0886 6852 [ 1578ED9A1C0AA2A32461072B2BC8123C ] C:\Program Files\Trend Micro\Titanium\UIFramework\instInstallationLibrary.dll
18:34:19.0886 6852 C:\Program Files\Trend Micro\Titanium\UIFramework\instInstallationLibrary.dll - ok
18:34:19.0898 6852 [ 8AEF9A4D7A841D082A98A1C5D4CFFFB9 ] C:\Program Files (x86)\ASUS\AsusVibe\AsusVibe2.0.exe
18:34:19.0898 6852 C:\Program Files (x86)\ASUS\AsusVibe\AsusVibe2.0.exe - ok
18:34:19.0909 6852 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
18:34:19.0909 6852 C:\Windows\System32\bthprops.cpl - ok
18:34:19.0920 6852 [ 66AA43F07DEE7FE8F22D955E06A1FB0B ] C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
18:34:19.0920 6852 C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll - ok
18:34:19.0931 6852 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
18:34:19.0932 6852 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
18:34:19.0942 6852 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
18:34:19.0943 6852 C:\Windows\System32\srchadmin.dll - ok
18:34:19.0953 6852 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
18:34:19.0953 6852 C:\Windows\System32\tquery.dll - ok
18:34:19.0964 6852 [ 5AEBF6FA9805C9101220AA4FB4FA17E7 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
18:34:19.0964 6852 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - ok
18:34:19.0976 6852 [ C61D476C867D215FB9CE136CE6BF0C14 ] C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
18:34:19.0976 6852 C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll - ok
18:34:19.0987 6852 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
18:34:19.0987 6852 C:\Windows\System32\rasdlg.dll - ok
18:34:19.0997 6852 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
18:34:19.0997 6852 C:\Windows\System32\FXSST.dll - ok
18:34:20.0008 6852 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
18:34:20.0008 6852 C:\Windows\System32\dot3api.dll - ok
18:34:20.0018 6852 [ B166415C55E416022B3339EBD6CB216E ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
18:34:20.0019 6852 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe - ok
18:34:20.0030 6852 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
18:34:20.0030 6852 C:\Windows\System32\wlanhlp.dll - ok
18:34:20.0040 6852 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
18:34:20.0040 6852 C:\Windows\System32\msimtf.dll - ok
18:34:20.0050 6852 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
18:34:20.0050 6852 C:\Windows\System32\mssrch.dll - ok
18:34:20.0060 6852 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
18:34:20.0060 6852 C:\Windows\System32\FXSAPI.dll - ok
18:34:20.0071 6852 [ E0D73E76182A5B58CA10CC193FFC675B ] C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe
18:34:20.0071 6852 C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe - ok
18:34:20.0078 6852 [ 82CC8F77E9EC61C6B4D48DD4D5CA78E7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:34:20.0078 6852 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
18:34:20.0089 6852 [ ECF45E3FC8C63E44ED45D38A8672E7F1 ] C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe
18:34:20.0089 6852 C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe - ok
18:34:20.0100 6852 [ 5CEDF292F4573A1F36CC7DE598ECCFC7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
18:34:20.0100 6852 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
18:34:20.0112 6852 [ 11379ADAEB0D8FB11DA78B9152BFEFFA ] C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll
18:34:20.0112 6852 C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll - ok
18:34:20.0123 6852 [ FD0D2E1FAEBAE5031BE2EB8000D973F1 ] C:\Program Files\Internet Explorer\iexplore.exe
18:34:20.0123 6852 C:\Program Files\Internet Explorer\iexplore.exe - ok
18:34:20.0134 6852 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
18:34:20.0134 6852 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
18:34:20.0145 6852 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
18:34:20.0145 6852 C:\Windows\System32\WWanAPI.dll - ok
18:34:20.0156 6852 [ 40B28FBD1E4DEF0910E2AC3EAE4D43CF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll
18:34:20.0156 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll - ok
18:34:20.0167 6852 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
18:34:20.0167 6852 C:\Windows\System32\wwapi.dll - ok
18:34:20.0178 6852 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
18:34:20.0178 6852 C:\Windows\SysWOW64\msiltcfg.dll - ok
18:34:20.0189 6852 [ ABBA6869E600C7F1DDAB73DFFF122D42 ] C:\PROGRA~1\Belkin\NETWOR~1\Connect.exe
18:34:20.0189 6852 C:\PROGRA~1\Belkin\NETWOR~1\Connect.exe - ok
18:34:20.0199 6852 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
18:34:20.0199 6852 C:\Windows\System32\msidle.dll - ok
18:34:20.0211 6852 [ D57FE6A1236041D29787A960397FA616 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
18:34:20.0211 6852 C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe - ok
18:34:20.0222 6852 [ F2E46D4A13688042B55E1A4254298FE2 ] C:\Program Files (x86)\ASUS\Wireless Console 3\RtlLib.dll
18:34:20.0222 6852 C:\Program Files (x86)\ASUS\Wireless Console 3\RtlLib.dll - ok
18:34:20.0233 6852 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
18:34:20.0233 6852 C:\Windows\System32\QAGENT.DLL - ok
18:34:20.0244 6852 [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:34:20.0244 6852 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
18:34:20.0255 6852 [ 972DCC74D4CDCB64086E7CFACBDB74CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
18:34:20.0255 6852 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
18:34:20.0266 6852 [ C0E1D09C01019F27F2B06BBA152CDB07 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
18:34:20.0267 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll - ok
18:34:20.0278 6852 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll
18:34:20.0278 6852 C:\Windows\System32\d2d1.dll - ok
18:34:20.0288 6852 [ 7B845BFE314509D08AB5865CB141E332 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
18:34:20.0289 6852 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
18:34:20.0299 6852 [ A67050F159C5DEC50E92EE3F716DD293 ] C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
18:34:20.0300 6852 C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll - ok
18:34:20.0311 6852 [ 389A0D023452C0A943C65C04A810FC4F ] C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
18:34:20.0311 6852 C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll - ok
18:34:20.0322 6852 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
18:34:20.0322 6852 C:\Windows\System32\mssprxy.dll - ok
18:34:20.0329 6852 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
18:34:20.0329 6852 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
18:34:20.0340 6852 [ A7146C0C90D7BA0F251AC073E655D4D2 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
18:34:20.0340 6852 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
18:34:20.0351 6852 [ 9DEE004269DADEE715BD572410AA6076 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
18:34:20.0351 6852 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
18:34:20.0362 6852 [ F577910A133A592234EBAAD3F3AFA258 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:34:20.0362 6852 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
18:34:20.0374 6852 [ 867BA8D62B2A821E0370F0F4087A04AE ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
18:34:20.0374 6852 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe - ok
18:34:20.0385 6852 [ B63E5C7807334A3A8F731062F15462CC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:34:20.0385 6852 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
18:34:20.0397 6852 [ 1C338290116B8D8D91018E8E6C66E555 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
18:34:20.0397 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe - ok
18:34:20.0409 6852 [ 880798F61D6FAA41556CE9FA25E146F5 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
18:34:20.0409 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe - ok
18:34:20.0420 6852 [ C637FC4638A96165256B28D38DE7B953 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
18:34:20.0421 6852 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
18:34:20.0432 6852 [ 794918BA6D0EEB27C9132F5B90A39C0C ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
18:34:20.0432 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc - ok
18:34:20.0443 6852 [ 7C02774740B2EA1F5237808B1A363D34 ] C:\Program Files (x86)\ASUS\Wireless Console 3\IpLib.dll
18:34:20.0443 6852 C:\Program Files (x86)\ASUS\Wireless Console 3\IpLib.dll - ok
18:34:20.0454 6852 [ 2635B1A6B11105AACE0440CEC6830189 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll
18:34:20.0454 6852 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll - ok
18:34:20.0465 6852 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll
18:34:20.0465 6852 C:\Windows\System32\DWrite.dll - ok
18:34:20.0476 6852 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
18:34:20.0476 6852 C:\Windows\SysWOW64\msvcp100.dll - ok
18:34:20.0486 6852 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
18:34:20.0486 6852 C:\Windows\SysWOW64\msvcr100.dll - ok
18:34:20.0498 6852 [ 8C835AC25FE7CFA572F2918EDDB55EB0 ] C:\Program Files (x86)\Acronis\TrueImageHome\Common\resource.dll
18:34:20.0498 6852 C:\Program Files (x86)\Acronis\TrueImageHome\Common\resource.dll - ok
18:34:20.0509 6852 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
18:34:20.0509 6852 C:\Windows\System32\wmdrmdev.dll - ok
18:34:20.0520 6852 [ 8F77B32860FA6541F7F4AE494EEA670F ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Esl\Aiod.dll
18:34:20.0520 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Esl\Aiod.dll - ok
18:34:20.0531 6852 [ 9568BB33BBAD356EDD6CDE988E570523 ] C:\Windows\System32\jscript9.dll
18:34:20.0531 6852 C:\Windows\System32\jscript9.dll - ok
18:34:20.0542 6852 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
18:34:20.0542 6852 C:\Windows\System32\drmv2clt.dll - ok
18:34:20.0552 6852 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
18:34:20.0553 6852 C:\Windows\System32\en-US\tquery.dll.mui - ok
18:34:20.0564 6852 [ DD1173E82083162858D1D4EAF43EC69B ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
18:34:20.0564 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll - ok
18:34:20.0575 6852 [ DA6A7AF9E7030C7C2933A697EE1189BE ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
18:34:20.0575 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe - ok
18:34:20.0583 6852 [ 3F2D0111ED59CF2847E0E2551117D3F3 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe
18:34:20.0583 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe - ok
18:34:20.0594 6852 [ D4764F0DEBBFB6E18553CA00964C08D7 ] C:\PROGRA~2\COPERN~1\APPLIC~1.DLL
18:34:20.0594 6852 C:\PROGRA~2\COPERN~1\APPLIC~1.DLL - ok
18:34:20.0606 6852 [ 73C9AF63AC99814D4CD9107BE4C5B3F3 ] C:\Program Files (x86)\Acronis\TrueImageHome\Common\thread_pool.dll
18:34:20.0606 6852 C:\Program Files (x86)\Acronis\TrueImageHome\Common\thread_pool.dll - ok
18:34:20.0617 6852 [ 34CA7536C887700B3A529EEF502BE431 ] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
18:34:20.0617 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe - ok
18:34:20.0628 6852 [ 483026A61C7EDE17BF58506F4E5591BB ] C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll
18:34:20.0628 6852 C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll - ok
18:34:20.0640 6852 [ D5B783DACE1BBDD382A63C894BAB8E1E ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
18:34:20.0640 6852 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe - ok
18:34:20.0652 6852 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
18:34:20.0652 6852 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
18:34:20.0663 6852 [ 083649EF692A066880C9326020915AFE ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:34:20.0663 6852 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
18:34:20.0675 6852 [ 9D143DE584AF0B120766B74AA41D1F28 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll
18:34:20.0675 6852 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll - ok
18:34:20.0686 6852 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
18:34:20.0686 6852 C:\Windows\System32\FntCache.dll - ok
18:34:20.0697 6852 [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
18:34:20.0697 6852 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
18:34:20.0708 6852 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
18:34:20.0708 6852 C:\Windows\System32\wmploc.DLL - ok
18:34:20.0718 6852 [ F1ED09F4F1FE819031F9140B76F20395 ] C:\Program Files (x86)\ASUS\Wireless Console 3\libeay32.dll
18:34:20.0719 6852 C:\Program Files (x86)\ASUS\Wireless Console 3\libeay32.dll - ok
18:34:20.0729 6852 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
18:34:20.0729 6852 C:\Windows\SysWOW64\cryptui.dll - ok
18:34:20.0740 6852 [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\AVAST Software\Avast\aswAra.dll
18:34:20.0740 6852 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
18:34:20.0751 6852 [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\AVAST Software\Avast\aswData.dll
18:34:20.0751 6852 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
18:34:20.0761 6852 [ CD76F9CC2F4DD608CF2AB377F6CCF698 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
18:34:20.0761 6852 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
18:34:20.0773 6852 [ AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
18:34:20.0773 6852 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
18:34:20.0783 6852 [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
18:34:20.0784 6852 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
18:34:20.0794 6852 [ A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\SysWOW64\jscript9.dll
18:34:20.0794 6852 C:\Windows\SysWOW64\jscript9.dll - ok
18:34:20.0806 6852 [ 27A6ADA12783F1065924460674BE4191 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodistdll.dll
18:34:20.0806 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodistdll.dll - ok
18:34:20.0816 6852 [ C5AD4CD78347DF338A9E11365302249C ] C:\Program Files\AVAST Software\Avast\aswJsFlt64.dll
18:34:20.0817 6852 C:\Program Files\AVAST Software\Avast\aswJsFlt64.dll - ok
18:34:20.0827 6852 [ 5BD727C488374AD7DFEC6FC3B2285806 ] C:\PROGRA~1\AVASTS~1\Avast\AavmRpch64.dll
18:34:20.0827 6852 C:\PROGRA~1\AVASTS~1\Avast\AavmRpch64.dll - ok
18:34:20.0835 6852 [ 3E0AB1C6506F149CC5ABA66433D35E62 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll
18:34:20.0835 6852 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll - ok
18:34:20.0846 6852 [ 114E5342884A174F0E261526F07B63A1 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libcurl.dll
18:34:20.0846 6852 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libcurl.dll - ok
18:34:20.0858 6852 [ 83502D796852329CDFC906FEE2B5EDE4 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll
18:34:20.0858 6852 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll - ok
18:34:20.0870 6852 [ D90DAD5EEA33A178BAC56FFF2847D4C2 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll
18:34:20.0870 6852 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll - ok
18:34:20.0881 6852 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
18:34:20.0881 6852 C:\Windows\SysWOW64\d3d9.dll - ok
18:34:20.0892 6852 [ 06B4C8D5D9708A7494AC7C02CD54650E ] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
18:34:20.0892 6852 C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll - ok
18:34:20.0903 6852 [ 124715CD10C62A78404F1A3B1048D062 ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
18:34:20.0903 6852 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
18:34:20.0914 6852 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
18:34:20.0914 6852 C:\Windows\SysWOW64\msimtf.dll - ok
18:34:20.0925 6852 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
18:34:20.0925 6852 C:\Windows\SysWOW64\msls31.dll - ok
18:34:20.0935 6852 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
18:34:20.0935 6852 C:\Windows\SysWOW64\d2d1.dll - ok
18:34:20.0946 6852 [ DC367BBF467511585BAFD37EA5F5728D ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\IMSLib.dll
18:34:20.0946 6852 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\IMSLib.dll - ok
18:34:20.0958 6852 [ 388CE212A119271EEA68F42712F3F64F ] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
18:34:20.0958 6852 C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL - ok
18:34:20.0969 6852 [ 6307849B9BE3C206DB46A62316BF191F ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libeay32.dll
18:34:20.0969 6852 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libeay32.dll - ok
18:34:20.0980 6852 [ D54420989778D9B9EFF179C083D5ADCA ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
18:34:20.0981 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll - ok
18:34:20.0992 6852 [ E7C665D4AFAAB45A9086D02FFC87A4B4 ] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
18:34:20.0992 6852 C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll - ok
18:34:21.0003 6852 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
18:34:21.0003 6852 C:\Windows\SysWOW64\d3d8thk.dll - ok
18:34:21.0013 6852 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
18:34:21.0013 6852 C:\Windows\System32\blackbox.dll - ok
18:34:21.0024 6852 [ 83D0C449C534CC014799BEC0A060726C ] C:\Program Files\AVAST Software\Avast\defs\12122701\uiext.dll
18:34:21.0024 6852 C:\Program Files\AVAST Software\Avast\defs\12122701\uiext.dll - ok
18:34:21.0035 6852 [ AAA55B127EC38BDEBD2A3891A2E5FD54 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\ssleay32.dll
18:34:21.0036 6852 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\ssleay32.dll - ok
18:34:21.0046 6852 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
18:34:21.0046 6852 C:\Windows\SysWOW64\DWrite.dll - ok
18:34:21.0057 6852 [ 3458F7494178818AD51E693757139994 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
18:34:21.0057 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll - ok
18:34:21.0067 6852 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
18:34:21.0067 6852 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
18:34:21.0078 6852 [ 907B50DE97ED835EFE151F203818216D ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll
18:34:21.0079 6852 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll - ok
18:34:21.0085 6852 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
18:34:21.0085 6852 C:\Windows\SysWOW64\mapi32.dll - ok
18:34:21.0096 6852 [ 54437753867F349BDB6E088A51E0B6AD ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
18:34:21.0096 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc - ok
18:34:21.0107 6852 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
18:34:21.0107 6852 C:\Windows\SysWOW64\wlanapi.dll - ok
18:34:21.0118 6852 [ A82ED6A0F85D578894A6F2D989012E8E ] C:\Program Files\Java\jre7\bin\awt.dll
18:34:21.0118 6852 C:\Program Files\Java\jre7\bin\awt.dll - ok
18:34:21.0128 6852 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
18:34:21.0128 6852 C:\Windows\SysWOW64\wlanutil.dll - ok
18:34:21.0140 6852 [ B0A41262968DD6FCE3933527892D4A24 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
18:34:21.0140 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll - ok
18:34:21.0150 6852 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
18:34:21.0150 6852 C:\Windows\SysWOW64\msxml3.dll - ok
18:34:21.0161 6852 [ 3BF84EE7E982EF54C0E04EC5162C51DA ] C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe
18:34:21.0161 6852 C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe - ok
18:34:21.0172 6852 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll
18:34:21.0172 6852 C:\Program Files\Internet Explorer\ieproxy.dll - ok
18:34:21.0183 6852 [ 97EA663282E10C6306769FEAD4E76867 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ahclient.dll
18:34:21.0183 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ahclient.dll - ok
18:34:21.0194 6852 [ 3C69CE161C7007E9AD53A325492D446A ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
18:34:21.0194 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll - ok
18:34:21.0207 6852 [ A63445AE437CDFE13570B8AEAE3514C3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll
18:34:21.0207 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll - ok
18:34:21.0219 6852 [ 06CABCD25920159660B4F73B8BE85D5A ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeXMP.dll
18:34:21.0219 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeXMP.dll - ok
18:34:21.0230 6852 [ 35CAB7CF3754C41AEB69DCE1D5ACA5A4 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
18:34:21.0230 6852 C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
18:34:21.0242 6852 [ 819EB5ABEAE5B1728EDFF0AC8B696769 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ACE.dll
18:34:21.0242 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ACE.dll - ok
18:34:21.0252 6852 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
18:34:21.0253 6852 C:\Windows\System32\wmpps.dll - ok
18:34:21.0262 6852 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
18:34:21.0263 6852 C:\Windows\System32\wmpmde.dll - ok
18:34:21.0274 6852 [ C7E02E0BF58E7764CD8E0B526C56C434 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobePDFL.dll
18:34:21.0274 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobePDFL.dll - ok
18:34:21.0285 6852 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
18:34:21.0285 6852 C:\Windows\System32\WinSATAPI.dll - ok
18:34:21.0297 6852 [ 3DA188549C891A2A419DC8542D2F24C9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\031abbfbd476fdc0c392160b67f2c662\mscorlib.ni.dll
18:34:21.0297 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\031abbfbd476fdc0c392160b67f2c662\mscorlib.ni.dll - ok
18:34:21.0310 6852 [ C83AA72213EC6B5A15F00DA47C56A4C0 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
18:34:21.0310 6852 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
18:34:21.0321 6852 [ BBB587A1F994825B85F293852A6241D8 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
18:34:21.0321 6852 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
18:34:21.0331 6852 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
18:34:21.0332 6852 C:\Windows\SysWOW64\dxgi.dll - ok
18:34:21.0339 6852 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
18:34:21.0339 6852 C:\Windows\SysWOW64\d3d10_1.dll - ok
18:34:21.0349 6852 [ 434F2B2B06796C56710A54A655149131 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll
18:34:21.0349 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll - ok
18:34:21.0360 6852 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
18:34:21.0360 6852 C:\Windows\System32\MSMPEG2ENC.DLL - ok
18:34:21.0371 6852 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
18:34:21.0371 6852 C:\Windows\SysWOW64\d3d10_1core.dll - ok
18:34:21.0381 6852 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
18:34:21.0381 6852 C:\Windows\SysWOW64\d3d10warp.dll - ok
18:34:21.0392 6852 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
18:34:21.0392 6852 C:\Windows\System32\devenum.dll - ok
18:34:21.0403 6852 [ A895EC456426DEC012E306DF0A17C24C ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll
18:34:21.0403 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll - ok
18:34:21.0413 6852 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
18:34:21.0413 6852 C:\Windows\System32\msdmo.dll - ok
18:34:21.0424 6852 [ FDB069972B81AA52BFBA7AE45FF7BF7B ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\JP2KLib.dll
18:34:21.0424 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\JP2KLib.dll - ok
18:34:21.0435 6852 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
18:34:21.0435 6852 C:\Windows\SysWOW64\mlang.dll - ok
18:34:21.0446 6852 [ 759D71FC9442AB5A9B5749C0F6C0C263 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIB.dll
18:34:21.0446 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIB.dll - ok
18:34:21.0457 6852 [ B05953F956EB87A02E62096EAAFA9C5F ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIBUtils.dll
18:34:21.0457 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIBUtils.dll - ok
18:34:21.0468 6852 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
18:34:21.0468 6852 C:\Windows\System32\UIAnimation.dll - ok
18:34:21.0479 6852 [ 699F62EDC37ACF7BDD97C5655AD2A33A ] C:\Program Files (x86)\Copernic Desktop Search - Home\SearchPlatformPlugIns-s.dll
18:34:21.0479 6852 C:\Program Files (x86)\Copernic Desktop Search - Home\SearchPlatformPlugIns-s.dll - ok
18:34:21.0490 6852 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
18:34:21.0490 6852 C:\Windows\SysWOW64\d3d10.dll - ok
18:34:21.0501 6852 [ 7221E380FB8BFCF0160B9D4E704E7E77 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
18:34:21.0502 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll - ok
18:34:21.0513 6852 [ AB9D511F0CA51F683CD72870AB989141 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AGM.dll
18:34:21.0513 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AGM.dll - ok
18:34:21.0525 6852 [ 247625646FBD32A04F72156031FD5D63 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\aaf8a137263c899815f0acff07eb1562\System.ni.dll
18:34:21.0525 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\aaf8a137263c899815f0acff07eb1562\System.ni.dll - ok
18:34:21.0536 6852 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
18:34:21.0536 6852 C:\Windows\SysWOW64\d3d10core.dll - ok
18:34:21.0546 6852 [ 52C45C3A8A5999AE7E879376A68796FD ] C:\Program Files (x86)\ASUS\AsusVibe\GetMulStr.dll
18:34:21.0547 6852 C:\Program Files (x86)\ASUS\AsusVibe\GetMulStr.dll - ok
18:34:21.0557 6852 [ 39E9AACC4C5FB3C3C0B12DE6D491553D ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
18:34:21.0557 6852 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
18:34:21.0568 6852 [ 3BC416D4B3CFEB6C841594FE1F13F89D ] C:\Program Files (x86)\Copernic Desktop Search - Home\SystemActivity.dll
18:34:21.0568 6852 C:\Program Files (x86)\Copernic Desktop Search - Home\SystemActivity.dll - ok
18:34:21.0580 6852 [ 738D13BBF47F871B3D35E8FD71B014EC ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll
18:34:21.0580 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll - ok
18:34:21.0586 6852 [ 4572923451E55EA5BE3C37B87A1DF529 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\20ce3ca371acfbe996c6a21b5469992d\System.Drawing.ni.dll
18:34:21.0586 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\20ce3ca371acfbe996c6a21b5469992d\System.Drawing.ni.dll - ok
18:34:21.0598 6852 [ F37C25D20C143AB9A6DC55DAA68860C8 ] C:\Program Files (x86)\ASUS\AsusVibe\GetAsusInfomation.dll
18:34:21.0598 6852 C:\Program Files (x86)\ASUS\AsusVibe\GetAsusInfomation.dll - ok
18:34:21.0609 6852 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
18:34:21.0609 6852 C:\Windows\SysWOW64\icm32.dll - ok
18:34:21.0620 6852 [ 87EFA9CF72AA7059022008348BF6085A ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\CoolType.dll
18:34:21.0620 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\CoolType.dll - ok
18:34:21.0631 6852 [ 0CFB90C28768E26498834D780FBBD754 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AXE8SharedExpat.dll
18:34:21.0631 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AXE8SharedExpat.dll - ok
18:34:21.0642 6852 [ 79BFC537A2D5005EDE7CBDE543B2C114 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ARE.dll
18:34:21.0642 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ARE.dll - ok
18:34:21.0653 6852 [ 73CB26E2DD5A28B08C7260CEC63172C1 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Adist.dll
18:34:21.0653 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Adist.dll - ok
18:34:21.0664 6852 [ FE51EEF2F9842C7A14768A48219F96C2 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\adistres.dll
18:34:21.0664 6852 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\adistres.dll - ok
18:34:21.0676 6852 [ 9B40A08F75C8E959CED0AF0EEAFAFE5C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ff1ceec110e2983a75c2c21f50274ac2\System.Windows.Forms.ni.dll
18:34:21.0676 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ff1ceec110e2983a75c2c21f50274ac2\System.Windows.Forms.ni.dll - ok
18:34:21.0687 6852 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
18:34:21.0687 6852 C:\Windows\System32\browcli.dll - ok
18:34:21.0697 6852 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
18:34:21.0698 6852 C:\Windows\System32\schedcli.dll - ok
18:34:21.0709 6852 [ 029B2CEC25EC85A66289EC8D07DBFCE3 ] C:\Program Files (x86)\Samsung\AllShare\AllShareRemote.dll
18:34:21.0709 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareRemote.dll - ok
18:34:21.0720 6852 [ 26B02AC4AC63504C2074A002F33AF76E ] C:\Program Files (x86)\ASUS\AsusVibe\GetSkin.dll
18:34:21.0720 6852 C:\Program Files (x86)\ASUS\AsusVibe\GetSkin.dll - ok
18:34:21.0731 6852 [ 780A98E812443AC0FAB2B1D39046A6E0 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
18:34:21.0731 6852 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
18:34:21.0743 6852 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
18:34:21.0743 6852 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
18:34:21.0754 6852 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
18:34:21.0754 6852 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
18:34:21.0764 6852 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
18:34:21.0764 6852 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
18:34:21.0776 6852 [ F267A73A51AD84C8489EF8101AD41238 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\96b48b5a8f540eb1a0d4fac6441a5409\System.ServiceProcess.ni.dll
18:34:21.0776 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\96b48b5a8f540eb1a0d4fac6441a5409\System.ServiceProcess.ni.dll - ok
18:34:21.0787 6852 [ 188C5FB78294497776AD6AC030CD4933 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\947466e2a04c48c43a8b255eb236ba71\WindowsBase.ni.dll
18:34:21.0787 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\947466e2a04c48c43a8b255eb236ba71\WindowsBase.ni.dll - ok
18:34:21.0798 6852 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
18:34:21.0798 6852 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
18:34:21.0809 6852 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
18:34:21.0809 6852 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
18:34:21.0821 6852 [ 71D94ECB6751D1C905CD993183D25C2B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\6053166746abce42f4c4432e0ec54fc7\PresentationCore.ni.dll
18:34:21.0821 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\6053166746abce42f4c4432e0ec54fc7\PresentationCore.ni.dll - ok
18:34:21.0832 6852 [ 79E09E8B3C765CA2717D4FAD3452391C ] C:\Program Files (x86)\Samsung\AllShare\en-GB\AllShareAgent.resources.dll
18:34:21.0832 6852 C:\Program Files (x86)\Samsung\AllShare\en-GB\AllShareAgent.resources.dll - ok
18:34:21.0839 6852 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
18:34:21.0839 6852 C:\Windows\System32\d3d9.dll - ok
18:34:21.0849 6852 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
18:34:21.0850 6852 C:\Windows\System32\d3d8thk.dll - ok
18:34:21.0860 6852 [ 48962C95A0E9E553E34DD2499B8AB68F ] C:\Windows\System32\atiu9p64.dll
18:34:21.0860 6852 C:\Windows\System32\atiu9p64.dll - ok
18:34:21.0871 6852 [ F4121A69825D3F6FE1DFD3FB62BB19D0 ] C:\Windows\System32\atiumd64.dll
18:34:21.0871 6852 C:\Windows\System32\atiumd64.dll - ok
18:34:21.0881 6852 [ BA2F5A04C91D0BD751AB609DE61403C1 ] C:\Windows\System32\atiumd6a.dll
18:34:21.0881 6852 C:\Windows\System32\atiumd6a.dll - ok
18:34:21.0892 6852 [ 828DC89DD26D66526A656D676367B9CB ] C:\Program Files\Java\jre7\bin\fontmanager.dll
18:34:21.0892 6852 C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
18:34:21.0904 6852 [ A96DF7F02B248C65DF3947D8B0D588EB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll
18:34:21.0904 6852 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll - ok
18:34:21.0915 6852 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:34:21.0915 6852 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
18:34:21.0926 6852 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll
18:34:21.0926 6852 C:\Windows\System32\d3d10warp.dll - ok
18:34:21.0937 6852 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\84624546.sys
18:34:21.0937 6852 C:\Windows\System32\drivers\84624546.sys - ok
18:34:21.0948 6852 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
18:34:21.0948 6852 C:\Windows\System32\upnphost.dll - ok
18:34:21.0959 6852 [ 8044B0D9959B03894973BBD805CA4F36 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
18:34:21.0959 6852 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
18:34:21.0970 6852 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
18:34:21.0971 6852 C:\Windows\System32\msvcr100_clr0400.dll - ok
18:34:21.0982 6852 [ 9AF2D062007C2C39BFC04679E13DC0C4 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
18:34:21.0982 6852 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
18:34:21.0994 6852 [ 5285BEB6C5D946C65A0DAB5466576A02 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0acdeb764dc3715299a163fba3c7bdaa\System.Runtime.Remoting.ni.dll
18:34:21.0994 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0acdeb764dc3715299a163fba3c7bdaa\System.Runtime.Remoting.ni.dll - ok
18:34:22.0005 6852 [ A3287F8EB6182FB060C818524C7D6A63 ] C:\Windows\System32\dxtrans.dll
18:34:22.0005 6852 C:\Windows\System32\dxtrans.dll - ok
18:34:22.0017 6852 [ 41DE48B4E03F57562F9D833810F7463D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\86f1e41236b3d404d65db53bd0374d1e\System.Configuration.ni.dll
18:34:22.0017 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\86f1e41236b3d404d65db53bd0374d1e\System.Configuration.ni.dll - ok
18:34:22.0028 6852 [ 4938A4350327E1A5DEB0CD134AC1AAA3 ] C:\Windows\System32\ddrawex.dll
18:34:22.0029 6852 C:\Windows\System32\ddrawex.dll - ok
18:34:22.0039 6852 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
18:34:22.0039 6852 C:\Windows\System32\mscoree.dll - ok
18:34:22.0049 6852 [ D6A99F26E31C9F15D8D8CC42FFE6D16B ] C:\Windows\System32\dxtmsft.dll
18:34:22.0050 6852 C:\Windows\System32\dxtmsft.dll - ok
18:34:22.0060 6852 [ 6E6602DE23AB3776007702FC9540E8E9 ] C:\Windows\System32\vbscript.dll
18:34:22.0060 6852 C:\Windows\System32\vbscript.dll - ok
18:34:22.0071 6852 [ 7AAC8CBAD3FE103F380076E7F679CE88 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en-GB.dll
18:34:22.0071 6852 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en-GB.dll - ok
18:34:22.0082 6852 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
18:34:22.0082 6852 C:\Windows\System32\ieframe.dll - ok
18:34:22.0094 6852 [ 328100AF2EFD951EAB657384EC361B6F ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
18:34:22.0095 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe - ok
18:34:22.0106 6852 [ D0D99257DDDCDDBE998AF7CA14E85BD0 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
18:34:22.0106 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe - ok
18:34:22.0118 6852 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
18:34:22.0118 6852 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
18:34:22.0129 6852 [ 029B2CEC25EC85A66289EC8D07DBFCE3 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareRemote.dll
18:34:22.0130 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareRemote.dll - ok
18:34:22.0141 6852 [ F8F2506B0D285C4192F3D37CAD365545 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e46c644e0ef0456434b32f3e91b56424\System.Xml.ni.dll
18:34:22.0142 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e46c644e0ef0456434b32f3e91b56424\System.Xml.ni.dll - ok
18:34:22.0153 6852 [ 04CEAE9DD796152CFA73178C67CFA798 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDmsUtil.dll
18:34:22.0153 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDmsUtil.dll - ok
18:34:22.0164 6852 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
18:34:22.0164 6852 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
18:34:22.0175 6852 [ DCF91DAE4059797EC315A21DA8833B8C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\7584733b0bfcbe669ea38a81b914a83a\System.Management.ni.dll
18:34:22.0176 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\7584733b0bfcbe669ea38a81b914a83a\System.Management.ni.dll - ok
18:34:22.0186 6852 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
18:34:22.0186 6852 C:\Windows\System32\udhisapi.dll - ok
18:34:22.0197 6852 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
18:34:22.0197 6852 C:\Windows\SysWOW64\duser.dll - ok
18:34:22.0209 6852 [ BCED95C3424E3316D455E19B671ACEEC ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll
18:34:22.0209 6852 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll - ok
18:34:22.0220 6852 [ 03211597018F96769F7F731039F692E1 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
18:34:22.0220 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll - ok
18:34:22.0230 6852 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
18:34:22.0230 6852 C:\Windows\SysWOW64\dui70.dll - ok
18:34:22.0241 6852 [ FD435DF8C9CA7A49CCBF7CD2F7627739 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
18:34:22.0241 6852 C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll - ok
18:34:22.0252 6852 [ 9843F58DF3E2908D1FED4DF4B8747E51 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
18:34:22.0252 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe - ok
18:34:22.0263 6852 [ 191819AAB13B329AE23052B449821F29 ] C:\Program Files\Java\jre7\bin\t2k.dll
18:34:22.0263 6852 C:\Program Files\Java\jre7\bin\t2k.dll - ok
18:34:22.0275 6852 [ 32648781F5A304B8A54866735924EE9F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9d1f9ff307e93bb9929b2b11661623cb\System.Core.ni.dll
18:34:22.0275 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9d1f9ff307e93bb9929b2b11661623cb\System.Core.ni.dll - ok
18:34:22.0287 6852 [ 0D992AA48B11EB66059839A3C8B3E185 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\9c60b15ab785a079a19f264b2f67032b\System.Xml.Linq.ni.dll
18:34:22.0287 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\9c60b15ab785a079a19f264b2f67032b\System.Xml.Linq.ni.dll - ok
18:34:22.0298 6852 [ 50F9394F53CF8015C703EBD2EF3BABC6 ] C:\Windows\System32\LocationApi.dll
18:34:22.0298 6852 C:\Windows\System32\LocationApi.dll - ok
18:34:22.0309 6852 [ 65CE2914CAAAFCC81A65B2B375DE082C ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
18:34:22.0309 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll - ok
18:34:22.0320 6852 [ 9111354A308612483F8DA995A1DD1835 ] C:\Windows\System32\SensorsApi.dll
18:34:22.0320 6852 C:\Windows\System32\SensorsApi.dll - ok
18:34:22.0330 6852 [ BD66ECA9479C688412DDDA9F2CCD2C69 ] C:\Windows\System32\d3d10.dll
18:34:22.0331 6852 C:\Windows\System32\d3d10.dll - ok
18:34:22.0341 6852 [ B628DA8B548E6D11A35B86799714CB22 ] C:\Windows\System32\d3d10core.dll
18:34:22.0341 6852 C:\Windows\System32\d3d10core.dll - ok
18:34:22.0347 6852 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
18:34:22.0347 6852 C:\Windows\System32\mlang.dll - ok
18:34:22.0359 6852 [ 1627DD6734BF5C4C97976B7E961989EC ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
18:34:22.0359 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll - ok
18:34:22.0370 6852 [ F0842CF3C0B33C07B2CA1692900F21B4 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll
18:34:22.0370 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll - ok
18:34:22.0382 6852 [ DF57F6F07B8DED7797A25F9CDC15A722 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
18:34:22.0382 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll - ok
18:34:22.0393 6852 [ 39F2F5D7041B6D17897DC26495185D65 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
18:34:22.0393 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll - ok
18:34:22.0404 6852 [ B1C979C02FE013B2B9C0717C26AE1485 ] C:\Windows\SysWOW64\HPZipr12.dll
18:34:22.0404 6852 C:\Windows\SysWOW64\HPZipr12.dll - ok
18:34:22.0415 6852 [ 6DAEDAC569C104793F10FE98C445EDB6 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
18:34:22.0415 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll - ok
18:34:22.0427 6852 [ 0AB7D0E87F3843F8104B3670F5A9AF62 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\pthreadVC2.dll
18:34:22.0427 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\pthreadVC2.dll - ok
18:34:22.0437 6852 [ 9F6258F4166AB24B4B681EB1ED44534C ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll
18:34:22.0437 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll - ok
18:34:22.0449 6852 [ 0F66E8E2340569FB17E774DAC2010E31 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
18:34:22.0449 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll - ok
18:34:22.0460 6852 [ 2E76FF14C5987BE45AB65A91332E3C58 ] C:\Program Files\Windows Sidebar\wlsrvc.dll
18:34:22.0460 6852 C:\Program Files\Windows Sidebar\wlsrvc.dll - ok
18:34:22.0470 6852 [ 347A39B69AC03B8F56D8807B989F5CA8 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll
18:34:22.0470 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll - ok
18:34:22.0482 6852 [ F6FC73383473B1F3E8C185B61478C303 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
18:34:22.0482 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll - ok
18:34:22.0493 6852 [ 883008A9B5BFF94A153D99DBA54CB5C1 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
18:34:22.0493 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe - ok
18:34:22.0504 6852 [ 9CA96539152CCF6D95AB9F991862D226 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
18:34:22.0504 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll - ok
18:34:22.0515 6852 [ F38F9E631EF1FBF1F7F1FFCA4B1980A3 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
18:34:22.0515 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll - ok
18:34:22.0527 6852 [ D5518F78EF709065BFD68A3F575397D7 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
18:34:22.0528 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll - ok
18:34:22.0538 6852 [ B4FEBBAC47297242F04EF7F14FE6DF99 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
18:34:22.0538 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll - ok
18:34:22.0549 6852 [ FE52690AC27BA7728153D85495234635 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
18:34:22.0549 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll - ok
18:34:22.0561 6852 [ EC032D15B26F5AEE5F166CD0E702E733 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\bgd.dll
18:34:22.0561 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\bgd.dll - ok
18:34:22.0571 6852 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
18:34:22.0571 6852 C:\Windows\System32\drprov.dll - ok
18:34:22.0582 6852 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
18:34:22.0582 6852 C:\Windows\System32\ntlanman.dll - ok
18:34:22.0592 6852 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
18:34:22.0592 6852 C:\Windows\System32\davclnt.dll - ok
18:34:22.0598 6852 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
18:34:22.0598 6852 C:\Windows\System32\davhlpr.dll - ok
18:34:22.0610 6852 [ 0EE03D901B5DCD3941686B95FCC98C89 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll
18:34:22.0610 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll - ok
18:34:22.0620 6852 [ 640FA356E88422165D95C1F94E943745 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
18:34:22.0620 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc - ok
18:34:22.0632 6852 [ 9E438543222120696C04A39BFAC56FB6 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll
18:34:22.0632 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll - ok
18:34:22.0643 6852 [ 526605222F50A2A6E89834DC33ED8BAE ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
18:34:22.0643 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll - ok
18:34:22.0654 6852 [ A2637F7468ECBA25FE7065FC194908AD ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
18:34:22.0654 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll - ok
18:34:22.0666 6852 [ B10F3134F9334CBE3DAE0D17DA009AE3 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
18:34:22.0666 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll - ok
18:34:22.0677 6852 [ 344F22718258E351396E729F8298D5C9 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
18:34:22.0678 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll - ok
18:34:22.0688 6852 [ 5DD7A267900B9C81CAB5EE9F53F06EDA ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
18:34:22.0688 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll - ok
18:34:22.0700 6852 [ CFD954481D5DEB2FC4DD4641007BE81B ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
18:34:22.0700 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll - ok
18:34:22.0711 6852 [ 30E8320D8CAB0471B618887A856567C5 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
18:34:22.0711 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll - ok
18:34:22.0722 6852 [ C4D657C4469D4E860C31AEFB3F00F268 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
18:34:22.0722 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll - ok
18:34:22.0733 6852 [ 5FA3523FD299DE4EF308B6E76ED6E3BC ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
18:34:22.0733 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll - ok
18:34:22.0744 6852 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
18:34:22.0744 6852 C:\Windows\System32\webcheck.dll - ok
18:34:22.0755 6852 [ 40CC7DE3AEB2795711B7E3C9C0D35EC6 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
18:34:22.0755 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll - ok
18:34:22.0766 6852 [ 256EA650682DEA4B4A4E8CBB3A55B671 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
18:34:22.0766 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll - ok
18:34:22.0778 6852 [ ED8AC33CD35235E4B4A5369C725DD304 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
18:34:22.0778 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll - ok
18:34:22.0789 6852 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
18:34:22.0789 6852 C:\Windows\System32\SearchProtocolHost.exe - ok
18:34:22.0799 6852 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
18:34:22.0799 6852 C:\Windows\System32\SyncCenter.dll - ok
18:34:22.0811 6852 [ 0357008DB1D439579523253452E24CBD ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
18:34:22.0811 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll - ok
18:34:22.0821 6852 [ 8738D098F6A79A221B061FE064B0B004 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
18:34:22.0822 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll - ok
18:34:22.0832 6852 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
18:34:22.0832 6852 C:\Windows\System32\msshooks.dll - ok
18:34:22.0843 6852 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
18:34:22.0843 6852 C:\Windows\System32\SearchFilterHost.exe - ok
18:34:22.0849 6852 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
18:34:22.0849 6852 C:\Windows\System32\imapi2.dll - ok
18:34:22.0861 6852 [ 6EB75D77133B9B42C0EB9D4D0F861CD9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
18:34:22.0861 6852 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
18:34:22.0872 6852 [ CAFD6BD0ADCB7A70083960E607DA1266 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
18:34:22.0872 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll - ok
18:34:22.0883 6852 [ 7C72C33F21243956F7A5A350793B3BA4 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
18:34:22.0883 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll - ok
18:34:22.0894 6852 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
18:34:22.0894 6852 C:\Windows\System32\mssph.dll - ok
18:34:22.0904 6852 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
18:34:22.0904 6852 C:\Windows\System32\hgcpl.dll - ok
18:34:22.0916 6852 [ 04DDA60A9E91E7BF7F207E6D6A2D0041 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
18:34:22.0916 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll - ok
18:34:22.0928 6852 [ 8021FB248C29B60D3D50F19D29D8C691 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
18:34:22.0928 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll - ok
18:34:22.0938 6852 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
18:34:22.0938 6852 C:\Windows\System32\fdPHost.dll - ok
18:34:22.0949 6852 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
18:34:22.0949 6852 C:\Windows\System32\fdWSD.dll - ok
18:34:22.0959 6852 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
18:34:22.0959 6852 C:\Windows\System32\mapi32.dll - ok
18:34:22.0969 6852 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
18:34:22.0969 6852 C:\Windows\System32\fdSSDP.dll - ok
18:34:22.0980 6852 [ CE66C6A803098B82EBDF41A3BAC12A0B ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DirectoryScanner.dll
18:34:22.0980 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DirectoryScanner.dll - ok
18:34:22.0987 6852 [ C0829E985C3F6A51352BF3C65BC177AF ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
18:34:22.0987 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll - ok
18:34:22.0998 6852 [ E9CC7457C66C887CC7227B2FD5D727E1 ] C:\Windows\System32\hpzisn12.dll
18:34:22.0998 6852 C:\Windows\System32\hpzisn12.dll - ok
18:34:23.0009 6852 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
18:34:23.0009 6852 C:\Windows\System32\fdProxy.dll - ok
18:34:23.0019 6852 [ 70EC8C2B61D0BB4348FE25A889161918 ] C:\Windows\System32\hpzipt12.dll
18:34:23.0019 6852 C:\Windows\System32\hpzipt12.dll - ok
18:34:23.0030 6852 [ 4E90D415291FEDB58F3881ECB764865F ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
18:34:23.0031 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll - ok
18:34:23.0042 6852 [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
18:34:23.0042 6852 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
18:34:23.0052 6852 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
18:34:23.0053 6852 C:\Windows\System32\P2P.dll - ok
18:34:23.0064 6852 [ 4A8BC195ABDC93F0DB5DAB7F5093C52F ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\msvcm90.dll
18:34:23.0064 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\msvcm90.dll - ok
18:34:23.0075 6852 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
18:34:23.0075 6852 C:\Windows\System32\ListSvc.dll - ok
18:34:23.0085 6852 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
18:34:23.0085 6852 C:\Windows\System32\Query.dll - ok
18:34:23.0097 6852 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
18:34:23.0097 6852 C:\Windows\System32\pnrpsvc.dll - ok
18:34:23.0103 6852 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
18:34:23.0103 6852 C:\Windows\System32\IdListen.dll - ok
18:34:23.0114 6852 [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\SysWOW64\msisip.dll
18:34:23.0114 6852 C:\Windows\SysWOW64\msisip.dll - ok
18:34:23.0125 6852 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
18:34:23.0125 6852 C:\Windows\System32\hgprint.dll - ok
18:34:23.0136 6852 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
18:34:23.0136 6852 C:\Windows\System32\NaturalLanguage6.dll - ok
18:34:23.0146 6852 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
18:34:23.0146 6852 C:\Windows\System32\p2psvc.dll - ok
18:34:23.0157 6852 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
18:34:23.0157 6852 C:\Windows\System32\NlsData0009.dll - ok
18:34:23.0167 6852 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
18:34:23.0167 6852 C:\Windows\System32\P2PGraph.dll - ok
18:34:23.0178 6852 [ 4AD76DBBE1F1361EBAEC935D9D3F6A79 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
18:34:23.0179 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc - ok
18:34:23.0193 6852 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
18:34:23.0193 6852 C:\Windows\System32\NlsLexicons0009.dll - ok
18:34:23.0204 6852 [ 55CF0A197DC8972AC829B30ACAE00E5E ] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll
18:34:23.0204 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll - ok
18:34:23.0216 6852 [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll
18:34:23.0216 6852 C:\Windows\System32\icm32.dll - ok
18:34:23.0227 6852 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
18:34:23.0227 6852 C:\Windows\System32\ELSCore.dll - ok
18:34:23.0237 6852 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
18:34:23.0237 6852 C:\Windows\System32\elsTrans.dll - ok
18:34:23.0248 6852 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
18:34:23.0248 6852 C:\Windows\System32\elslad.dll - ok
18:34:23.0259 6852 [ CBBAF06C2AC8882D239C8DC5BFA197FD ] C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll
18:34:23.0259 6852 C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll - ok
18:34:23.0270 6852 [ CC190B07E357BCD40C2AFB57B9A67B7F ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll
18:34:23.0270 6852 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll - ok
18:34:23.0281 6852 [ 11542EC1F1C53EDB3CCF5AADF4C9972F ] C:\Windows\System32\NlsData0000.dll
18:34:23.0281 6852 C:\Windows\System32\NlsData0000.dll - ok
18:34:23.0291 6852 [ 51272A935F4F482A70F2A7D1C3A67AEE ] C:\Windows\System32\NlsData000c.dll
18:34:23.0291 6852 C:\Windows\System32\NlsData000c.dll - ok
18:34:23.0302 6852 [ C2142407A2BE3462247500849B3FF8C7 ] C:\Windows\System32\NlsLexicons000c.dll
18:34:23.0302 6852 C:\Windows\System32\NlsLexicons000c.dll - ok
18:34:23.0314 6852 [ 03F9008D7ABB6C4166205E68CBF23785 ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
18:34:23.0314 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll - ok
18:34:23.0324 6852 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
18:34:23.0324 6852 C:\Windows\System32\drivers\spsys.sys - ok
18:34:23.0335 6852 [ F82BC5489AE2EBF31B50905A6E0C540A ] C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareCommon.dll
18:34:23.0335 6852 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareCommon.dll - ok
18:34:23.0347 6852 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
18:34:23.0347 6852 C:\Windows\System32\sppwinob.dll - ok
18:34:23.0353 6852 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
18:34:23.0353 6852 C:\Windows\System32\sppobjs.dll - ok
18:34:23.0365 6852 [ 0E67A060D85FE32EB8B4061BC391457B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\7f5730b64a58533bb9c64b231e1890b2\System.Web.ni.dll
18:34:23.0365 6852 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\7f5730b64a58533bb9c64b231e1890b2\System.Web.ni.dll - ok
18:34:23.0376 6852 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
18:34:23.0376 6852 C:\Windows\System32\wuaueng.dll - ok
18:34:23.0387 6852 [ 2898035F522BA2989BBA8B9CFB020FD2 ] C:\Program Files\AVAST Software\Avast\defs\12122701\aspColl.dll
18:34:23.0387 6852 C:\Program Files\AVAST Software\Avast\defs\12122701\aspColl.dll - ok
18:34:23.0398 6852 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
18:34:23.0398 6852 C:\Windows\System32\mspatcha.dll - ok
18:34:23.0409 6852 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll
18:34:23.0409 6852 C:\Windows\SysWOW64\gameux.dll - ok
18:34:23.0419 6852 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
18:34:23.0419 6852 C:\Windows\System32\drttransport.dll - ok
18:34:23.0430 6852 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
18:34:23.0430 6852 C:\Windows\System32\drt.dll - ok
18:34:23.0440 6852 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
18:34:23.0440 6852 C:\Windows\SysWOW64\linkinfo.dll - ok
18:34:23.0450 6852 [ F7D4A7047BCB7D3CC70B0DC23E928022 ] C:\Program Files\AVAST Software\Avast\AhAScr.dll
18:34:23.0450 6852 C:\Program Files\AVAST Software\Avast\AhAScr.dll - ok
18:34:23.0461 6852 [ 0A866897039E42DF8080BE5DD83BC8E0 ] C:\Windows\SysWOW64\jscript.dll
18:34:23.0461 6852 C:\Windows\SysWOW64\jscript.dll - ok
18:34:23.0471 6852 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
18:34:23.0471 6852 C:\Windows\System32\wups2.dll - ok
18:34:23.0482 6852 [ 6F84FD1384F21751F3216CCA7011C37B ] C:\Program Files\AVAST Software\Avast\defs\12122701\aswRawFS64.dll
18:34:23.0482 6852 C:\Program Files\AVAST Software\Avast\defs\12122701\aswRawFS64.dll - ok
18:34:23.0489 6852 ============================================================
18:34:23.0489 6852 Scan finished
18:34:23.0489 6852 ============================================================
18:34:23.0510 1324 Detected object count: 7
18:34:23.0510 1324 Actual detected object count: 7
18:34:42.0087 1324 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:42.0087 1324 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:42.0087 1324 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:42.0087 1324 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:42.0087 1324 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:42.0087 1324 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:42.0102 1324 nlsX86cc ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:42.0102 1324 nlsX86cc ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:42.0102 1324 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:42.0102 1324 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:42.0102 1324 Serviio ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:42.0102 1324 Serviio ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:42.0102 1324 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:42.0102 1324 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:57.0923 2916 Deinitialize success

#11 gringo_pr

Bleepin Gringo

Malware Response Team
120,402 posts

Gender:Male
Location:Puerto rico

Posted 27 December 2012 - 03:17 PM

Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.

Double click on OTL.exe to run it.
Under Output, ensure that Minimal Output is selected.
Under Extra Registry section, select Use SafeList.
Click the Scan All Users checkbox.
Click on Run Scan at the top left hand corner.
When done, two Notepad files will open.
- OTL.txt <-- Will be opened and the that I need posted back here
- Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
Please post the contents of OTL.txt in your next reply.

Gringo

#12 budbecks

Member

Members
34 posts

Posted 27 December 2012 - 03:52 PM

OTL logfile created on: 27/12/2012 20:23:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Joyus\Desktop\removal
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.48 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 33.25% Memory free
6.95 Gb Paging File | 4.05 Gb Available in Paging File | 58.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200.28 Gb Total Space | 51.10 Gb Free Space | 25.51% Space Free | Partition Type: NTFS
Drive D: | 240.48 Gb Total Space | 225.69 Gb Free Space | 93.85% Space Free | Partition Type: NTFS
Drive F: | 3.72 Gb Total Space | 1.44 Gb Free Space | 38.77% Space Free | Partition Type: FAT32

Computer Name: JOYUS-NEWLAPTOP | User Name: Joyus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Joyus\Desktop\removal\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe (Copernic Inc.)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe (Belkin International, Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\96b48b5a8f540eb1a0d4fac6441a5409\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\7f5730b64a58533bb9c64b231e1890b2\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0acdeb764dc3715299a163fba3c7bdaa\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ff1ceec110e2983a75c2c21f50274ac2\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\20ce3ca371acfbe996c6a21b5469992d\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\6053166746abce42f4c4432e0ec54fc7\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9d1f9ff307e93bb9929b2b11661623cb\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e46c644e0ef0456434b32f3e91b56424\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\947466e2a04c48c43a8b255eb236ba71\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\86f1e41236b3d404d65db53bd0374d1e\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\aaf8a137263c899815f0acff07eb1562\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\031abbfbd476fdc0c392160b67f2c662\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe File not found
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (ReflectService.exe) -- C:\Program Files\Macrium\Reflect\ReflectService.exe ()
SRV:64bit: - (Serviio) -- C:\Program Files\Serviio\bin\ServiioService.exe ()
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (TiMiniService) -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (Trend Micro Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (SamsungAllShareV2.0) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Samsung Electronics Co., Ltd.)
SRV - (SimpleSlideShowServer) -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe (Samsung Electronics Co., Ltd.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (vididr) -- C:\Windows\SysNative\drivers\vididr.sys (Acronis)
DRV:64bit: - (vidsflt53) -- C:\Windows\SysNative\drivers\vsflt53.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.)
DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.)
DRV:64bit: - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (sxuptp) -- C:\Windows\SysNative\drivers\sxuptp.sys (silex technology, Inc.)
DRV - (AiCharger) -- C:\Windows\SysWOW64\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com/?aff=7
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{D3471CB7-BEE1-4F59-B0C8-CFCBFADDF88D}: "URL" = ${SEARCH_URL}{searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com/?aff=7
IE - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\..\SearchScopes,DefaultScope = {008F7754-E9F5-4651-AAEA-39EB2FB06043}
IE - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\..\SearchScopes\{008F7754-E9F5-4651-AAEA-39EB2FB06043}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=
IE - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 109.204.121.123:80

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011/10/19 04:36:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/09/08 13:53:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/09/26 06:38:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/09/08 13:53:34 | 000,000,000 | ---D | M]

[2012/10/23 20:04:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joyus\AppData\Roaming\Mozilla\Extensions
[2012/10/23 20:04:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joyus\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2012/08/31 21:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions
[2012/08/31 21:59:59 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}

========== Chrome ==========

CHR - homepage: http://search.privitize.com/?aff=7
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://search.privitize.com/?aff=7
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: YouTube = C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: avast! WebRep = C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Skype Click to Call = C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\
CHR - Extension: Gmail = C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/12/27 01:01:34 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {12DB2EA6-0BB3-01EB-26E9-41BB5AF16DF1} - C:\Windows\SysWOW64\sqlwiddd.dll ()
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002..\Run: [Copernic Desktop Search - Home] C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe (Copernic Inc.)
O4 - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\Joyus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Belkin Network USB Hub Control Center.lnk = C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe (Belkin International, Inc.)
O4 - Startup: C:\Users\Joyus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk = C:\Program Files\Serviio\bin\ServiioConsole.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab (PhotoboxPhotowaysUploader5 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.251
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2515440E-C81A-46BA-8475-7C4B10852F49}: DhcpNameServer = 192.168.0.251
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61EA32F7-C5E3-4EC1-B198-AAF08ABBFB57}: DhcpNameServer = 192.168.0.251
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD6D1853-6383-4AC9-99A3-A59160B4AF95}: DhcpNameServer = 88.82.13.60 88.82.13.60
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/27 09:53:57 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/12/26 23:55:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/12/26 23:55:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/12/26 23:55:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/12/26 23:55:23 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/26 23:55:01 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/12/26 20:42:52 | 000,000,000 | ---D | C] -- C:\Users\Joyus\Desktop\RK_Quarantine
[2012/12/25 16:41:43 | 000,000,000 | ---D | C] -- C:\Users\Joyus\Desktop\xmas day card
[2012/12/24 14:58:45 | 000,000,000 | ---D | C] -- C:\Users\Joyus\Desktop\removal
[2012/12/21 19:33:24 | 000,000,000 | ---D | C] -- C:\Users\Joyus\AppData\Local\VS Revo Group
[2012/12/21 19:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2012/12/21 19:33:18 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2012/12/21 19:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/12/21 17:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/12/21 17:09:31 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/12/21 17:09:31 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/12/21 17:09:29 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/12/21 17:09:29 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/12/21 17:09:28 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/12/21 17:09:27 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/12/21 17:09:27 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/12/21 17:09:10 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/12/21 17:09:09 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/12/21 17:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/12/21 17:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/12/21 03:03:18 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/21 03:03:18 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/21 03:03:16 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/21 03:03:15 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/18 21:12:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\3025
[2012/12/13 03:06:54 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/12/13 03:06:54 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/12/13 03:06:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/12/13 03:06:50 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/12/13 03:06:50 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/12/13 03:06:50 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/12/13 03:06:50 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/12/13 03:06:50 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/12/13 03:06:48 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/12/13 03:06:47 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/12/13 03:06:47 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/12/13 03:06:46 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/12/13 03:06:43 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/12/13 03:06:42 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/12/13 03:06:42 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/12/12 10:53:33 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/12/12 10:53:32 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/12/12 10:53:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/12/12 10:53:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/12/12 10:53:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/12/12 10:53:28 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/12/12 10:53:28 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/12/12 10:53:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/12/12 10:53:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/12/12 10:53:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/12/12 10:53:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/12/12 10:53:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/12/12 10:53:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/12 10:53:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/12/12 10:53:24 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/12/12 10:53:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/12/12 10:53:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/12/12 10:53:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/12 10:53:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/12 10:53:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/12 10:53:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/12/12 10:53:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/12 10:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/12 10:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/12/12 10:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/12/12 10:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/12/12 10:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/12 10:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/12/12 10:53:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/12 10:53:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/12/12 10:53:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/12 10:53:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/12/12 10:53:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/12/12 10:53:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/12 10:53:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/12 10:53:21 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/12/12 10:53:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/12 10:53:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/12/12 10:53:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/12/12 10:53:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/12 10:53:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/12/12 10:53:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/12/12 10:53:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/12/12 10:53:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/12/12 10:53:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/12/12 10:51:40 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012/12/12 10:51:40 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012/12/11 21:12:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\3024
[2012/12/11 12:00:13 | 000,000,000 | ---D | C] -- C:\Users\Joyus\AppData\Local\{5F6E4928-B7C8-4966-802B-693D86D9B2D5}
[2012/12/11 12:00:00 | 000,000,000 | ---D | C] -- C:\Users\Joyus\AppData\Roaming\Windows Live Writer
[2012/12/11 12:00:00 | 000,000,000 | ---D | C] -- C:\Users\Joyus\AppData\Local\Windows Live Writer
[2012/12/09 14:55:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2012/12/09 14:55:08 | 000,000,000 | ---D | C] -- C:\Users\Joyus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/12/08 20:54:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/12/08 20:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/12/08 20:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/12/08 20:53:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/12/08 20:52:54 | 000,000,000 | R--D | C] -- C:\MSOCache
[2012/12/08 14:08:23 | 000,000,000 | ---D | C] -- C:\Users\Joyus\Documents\Poppys Prints Templates ORIGINALS
[2012/12/07 20:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Zoomex
[2012/12/06 21:49:59 | 000,000,000 | ---D | C] -- C:\Users\Joyus\Desktopzkw
[2012/12/05 16:00:35 | 000,000,000 | ---D | C] -- C:\Users\Joyus\AppData\Roaming\Adobe Mini Bridge CS5
[2012/12/05 15:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012/12/05 14:18:19 | 000,000,000 | ---D | C] -- C:\Users\Joyus\AppData\Roaming\PearlMountain
[2012/12/05 14:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PearlMountain
[2012/12/04 22:49:20 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E495C549-FA37-49F8-9EF7-A92CE55058C9}
[2012/12/04 22:48:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BB82CA89-D29D-45D2-8C0C-C824A39D588E}
[2012/12/04 22:47:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\{896AFBDD-72FF-40B8-B6B8-33C6022AD113}
[2012/12/04 22:47:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9C90450F-E325-424C-B16B-8809320C3F92}
[2012/12/04 22:45:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E314972B-E8D6-465D-AE74-6CC08535701F}
[2012/12/04 22:45:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\{EC2F7042-ADE8-4F04-9A7E-2316AD6311E2}
[2012/12/04 22:44:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5BCAA0F1-4CEB-4ED4-9E18-B9D4FB521338}
[2012/12/04 22:44:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{89E2929F-C967-49CB-9FE3-FD86B97312FE}
[2012/12/04 22:44:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
[2012/12/04 22:44:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
[2012/12/04 22:43:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{0DEDF45C-1DEC-4670-AACA-9EC906125BFB}
[2012/12/04 22:43:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\{34007C15-AD5B-4CB2-A047-04AB415A841A}
[2012/12/04 22:43:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3D9F190A-0F10-4AD6-809B-E15B73D0B8BE}
[2012/12/04 22:43:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\{54AE07EB-BBE5-4429-9DF3-C156DB112B54}
[2012/12/04 22:42:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F7D319B6-E312-49A7-AA67-4737E676DD03}
[2012/12/04 22:42:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\{35056848-1DF5-4D37-85C5-0134DA6F6DFD}
[2012/12/04 22:42:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3FC6E797-6A27-41D8-BCD6-DFD8BCD6103E}
[2012/12/04 22:41:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\{33BC0E96-6441-46C9-9F09-529996C10736}
[2012/12/04 22:40:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A86A537E-18B3-414C-8CA0-92F4066C1B5C}
[2012/12/04 22:40:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Topaz Labs
[2012/12/04 22:40:17 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6172A493-DBB5-49D2-B3DC-94690BB85ACF}
[2012/12/04 22:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Topaz Labs
[2012/12/04 22:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Topaz Labs
[2012/12/04 22:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
[2012/12/04 22:30:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1018
[2012/12/04 19:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Collage Maker Pro
[2012/12/04 19:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Picture Collage Maker Pro
[2012/12/03 22:17:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2012/12/03 22:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012/12/02 19:12:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\3023
[2012/12/02 14:50:14 | 000,000,000 | ---D | C] -- C:\Users\Joyus\Desktop\John
[2012/11/29 06:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio
[2012/11/29 06:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Serviio
[2012/11/28 22:46:31 | 000,955,888 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/11/28 22:46:31 | 000,839,152 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/11/28 22:46:31 | 000,268,784 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/11/28 22:45:59 | 000,189,424 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/11/28 22:45:59 | 000,188,912 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/11/28 22:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Java

========== Files - Modified Within 30 Days ==========

[2012/12/27 20:30:56 | 000,000,110 | ---- | M] () -- C:\.dir
[2012/12/27 20:19:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/27 19:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/27 18:37:56 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/27 18:37:56 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/27 18:30:47 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/12/27 18:30:41 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/27 18:29:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/27 18:29:14 | 2800,402,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/27 01:01:34 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/12/24 15:07:53 | 000,000,000 | ---- | M] () -- C:\Users\Joyus\defogger_reenable
[2012/12/21 19:33:19 | 000,001,103 | ---- | M] () -- C:\Users\Joyus\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2012/12/21 19:01:42 | 000,002,464 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/12/21 19:01:36 | 000,001,410 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/12/21 17:09:27 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012/12/21 17:09:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/12/21 03:23:44 | 004,962,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/19 20:46:44 | 000,001,456 | ---- | M] () -- C:\Users\Joyus\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/12/16 17:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/16 14:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/16 14:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/16 14:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/15 21:33:29 | 000,001,085 | ---- | M] () -- C:\Users\Joyus\Desktop\Public - Shortcut.lnk
[2012/12/12 05:46:48 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/12/12 05:46:48 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/12/09 14:00:52 | 000,794,482 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/09 14:00:52 | 000,676,192 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/09 14:00:52 | 000,129,236 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/08 14:09:01 | 001,341,707 | ---- | M] () -- C:\Users\Joyus\Documents\Poppys Prints Templates ORIGINALS.zip
[2012/12/04 19:55:40 | 000,001,128 | ---- | M] () -- C:\Users\Joyus\Application Data\Microsoft\Internet Explorer\Quick Launch\Picture Collage Maker Pro.lnk
[2012/12/03 20:57:39 | 000,001,456 | ---- | M] () -- C:\Users\Joyus\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/12/03 00:33:45 | 000,129,456 | ---- | M] () -- C:\Users\Joyus\Desktop\network-devices-and-lan-05-rj45-wiring-diagram.jpg
[2012/11/29 06:59:16 | 000,001,845 | ---- | M] () -- C:\Users\Joyus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk
[2012/11/28 22:45:47 | 000,955,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/11/28 22:45:47 | 000,839,152 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/11/28 22:45:47 | 000,268,784 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/11/28 22:45:47 | 000,189,424 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/11/28 22:45:47 | 000,188,912 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe

========== Files Created - No Company Name ==========

[2012/12/26 23:55:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/12/26 23:55:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/12/26 23:55:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/12/26 23:55:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/12/26 23:55:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/12/24 15:07:53 | 000,000,000 | ---- | C] () -- C:\Users\Joyus\defogger_reenable
[2012/12/21 19:33:19 | 000,001,103 | ---- | C] () -- C:\Users\Joyus\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2012/12/21 17:09:27 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012/12/21 17:09:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/12/15 21:33:29 | 000,001,085 | ---- | C] () -- C:\Users\Joyus\Desktop\Public - Shortcut.lnk
[2012/12/11 20:24:10 | 000,108,126 | ---- | C] () -- C:\Users\Joyus\Desktop\IMG_0237.JPG
[2012/12/08 14:08:55 | 001,341,707 | ---- | C] () -- C:\Users\Joyus\Documents\Poppys Prints Templates ORIGINALS.zip
[2012/12/06 17:49:36 | 009,530,015 | ---- | C] () -- C:\Users\Joyus\Documents\DESIGNJET 5000 5000PS Service Manual.pdf
[2012/12/05 22:23:47 | 000,001,456 | ---- | C] () -- C:\Users\Joyus\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/12/04 19:55:40 | 000,001,128 | ---- | C] () -- C:\Users\Joyus\Application Data\Microsoft\Internet Explorer\Quick Launch\Picture Collage Maker Pro.lnk
[2012/12/03 22:22:44 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
[2012/12/03 22:21:42 | 000,001,213 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2012/12/03 22:19:45 | 000,001,175 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2012/12/03 22:19:16 | 000,001,268 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2012/12/03 22:14:50 | 000,001,359 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.exe.lnk
[2012/12/03 22:14:38 | 000,001,525 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2012/12/03 00:33:44 | 000,129,456 | ---- | C] () -- C:\Users\Joyus\Desktop\network-devices-and-lan-05-rj45-wiring-diagram.jpg
[2012/11/29 06:59:39 | 000,000,110 | ---- | C] () -- C:\.dir
[2012/11/29 06:59:16 | 000,001,845 | ---- | C] () -- C:\Users\Joyus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk
[2012/10/15 14:49:12 | 000,001,456 | ---- | C] () -- C:\Users\Joyus\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/09/12 13:13:47 | 000,003,584 | ---- | C] () -- C:\Users\Joyus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/10 20:49:03 | 000,205,527 | ---- | C] () -- C:\Windows\hpwins26.dat.temp
[2012/09/10 16:28:23 | 000,000,370 | ---- | C] () -- C:\Windows\hpwmdl26.dat.temp
[2012/09/08 12:37:47 | 000,205,227 | ---- | C] () -- C:\Windows\hpwins26.dat
[2012/09/04 07:05:28 | 000,000,803 | ---- | C] () -- C:\Windows\hpntwksetup.ini
[2012/08/15 12:02:57 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\srcliennt.dll
[2012/08/15 12:02:57 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\srcliennnt.dll
[2012/08/15 12:02:57 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\srcliennnnt.dll
[2012/08/15 12:02:57 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\srcliennnnnt.dll
[2012/08/15 12:02:57 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\srcliennnnnnt.dll
[2012/08/15 12:02:57 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\srcliennnnnnnt.dll
[2012/08/09 21:53:22 | 000,000,072 | ---- | C] () -- C:\Windows\pcxhy.sys
[2012/07/13 11:25:19 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/04/06 14:53:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/04/06 14:50:35 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/11/02 05:59:32 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/19 04:11:04 | 000,780,394 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/18 19:49:51 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\accessibilllitycpl.dll
[2011/02/18 19:49:51 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\accessibillitycpl.dll

========== ZeroAccess Check ==========

[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 05:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 176 bytes -> C:\ProgramData\Temp:1AAB2E68

< End of report >

#13 gringo_pr

Bleepin Gringo

Malware Response Team
120,402 posts

Gender:Male
Location:Puerto rico

Posted 27 December 2012 - 04:47 PM

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

Double-click OTL.exe to start the program.

Copy and Paste the following code into the Posted Image

text box.

:OTL
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com/?aff=7
IE - HKLM\..\SearchScopes\{D3471CB7-BEE1-4F59-B0C8-CFCBFADDF88D}: "URL" = ${SEARCH_URL}{searchTerms}
IE - HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com/?aff=7
[2012/08/31 21:59:59 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2012/12/07 20:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Zoomex
:Files
ipconfig /flushdns /c
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default
:Commands
[PURITY]
[emptyjava]
[EMPTYFLASH]
[reboot]

Then click the Run Fix button at the top.
Click .
OTL may ask to reboot the machine. Please do so if asked.
The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo

#14 budbecks

Member

Members
34 posts

Posted 27 December 2012 - 05:02 PM

Privitise is not redirecting anymore i dont think

I lost all my bookmarks in chrome, should have back them up never mind.

========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D3471CB7-BEE1-4F59-B0C8-CFCBFADDF88D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3471CB7-BEE1-4F59-B0C8-CFCBFADDF88D}\ not found.
HKU\S-1-5-21-2970566802-3955279507-3644801842-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\Plugins folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\modules folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\META-INF folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults\preferences folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\skin folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\sl folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\core folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\script folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\404 folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg scheduled to be moved on reboot.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\js folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js\resources folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\images folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\css folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\myStuffDialogs folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js\resources folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features scheduled to be moved on reboot.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\api folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\res folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\css folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox folder moved successfully.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} scheduled to be moved on reboot.
C:\ProgramData\Zoomex\data folder moved successfully.
C:\ProgramData\Zoomex folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Joyus\Desktop\removal\cmd.bat deleted successfully.
C:\Users\Joyus\Desktop\removal\cmd.txt deleted successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Session Storage folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#www.redrivercatalog.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#www.paypalobjects.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#www.paypal.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#www.nwolb.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#www.dhgate.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#www.dailymotion.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#www.bbc.co.uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#www.adobe.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#static1.dmcdn.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#static.befunky.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#stat.ed.cupidplc.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#secureinclude.ebaystatic.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#s7g1.scene7.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#s.ytimg.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#s-assets.tp-cdn.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#joystickjunkies.co.uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#is1.j.tv2n.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#image.dhgate.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#ia.media-imdb.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#effectivemeasure.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#d.yimg.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#core.saymedia.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#cfiles.5min.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#cdn.oggifinogi.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#cache.btrll.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#bandstores.co.uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#arcot.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\xritephoto.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\xfactor.itv.com\_uploads\siteassets\swf\FLVPlayer.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\xfactor.itv.com\_uploads\siteassets\swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\xfactor.itv.com\_uploads\siteassets folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\xfactor.itv.com\_uploads folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\xfactor.itv.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.redrivercatalog.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.paypalobjects.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.paypal.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.nwolb.com\Brands\RSA_js\rsa_fso.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.nwolb.com\Brands\RSA_js folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.nwolb.com\Brands folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.nwolb.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.itv.com\Mercury folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.itv.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.faceinhole.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.dhgate.com\scripts\evercookie.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.dhgate.com\scripts folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.dhgate.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.dailymotion.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.bbc.co.uk\emp folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.bbc.co.uk\##EFFD37471FD40556 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.bbc.co.uk\##EFFC373F1FD40155 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\www.bbc.co.uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\videohosting.sidereel.com\##774A93821E2A2B05 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\videohosting.sidereel.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\tag.audiencetv.hiro.tv\US_FARM_AudienceT# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\tag.audiencetv.hiro.tv\##441A80D3F6243E45 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\tag.audiencetv.hiro.tv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\t.cxt.ms\lso.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\t.cxt.ms folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\static1.dmcdn.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\static.issuu.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\stat.ed.cupidplc.com\images\ed2.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\stat.ed.cupidplc.com\images folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\stat.ed.cupidplc.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\software.hiro.tv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\skymovies.sky.com\##C4BF1FC4C78E8D59 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\skymovies.sky.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\secureinclude.ebaystatic.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\secure-uk.imrworldwide.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\s7g1.scene7.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\s.ytimg.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\s-assets.tp-cdn.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\pf.kizoa.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\p.iivt.com\iivt.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\p.iivt.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\online.hmrc.gov.uk\js\device-profile\cookie.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\online.hmrc.gov.uk\js\device-profile folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\online.hmrc.gov.uk\js folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\online.hmrc.gov.uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\new.livejasmincdn.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\mts.mansion.com\MtsStorage.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\mts.mansion.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\mpsnare.iesnare.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\mochiads.com\__ms_1# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\mochiads.com\__ms_# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\mochiads.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com\##F14FDA62EE381D0D folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com\##F14DEA62EE37DE0D folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com\##F01E3301EDEA034C folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com\##E9522301EA38824C folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com\##A624A6F1104BB70D folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com\##A5A43A30CFAA01B9 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com\##A5A0D428C0E3FDB9 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com\##5624D304D0E268BD folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com\##5624D20CD0E16CBD folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com\##2624A7011147B70D folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo#\ok-marble-static.mega-zebra.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\megazebra-facebo# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\media1.break.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\media.kelbymediagroup.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\mansioncasino.com\flash\flash_object_81.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\mansioncasino.com\flash folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\mansioncasino.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\mail.google.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#xritephoto.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#xfactor.itv.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#www.sonos.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#www.paypalobjects.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#www.mywebpresenters.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#www.media.barclays.co.uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#www.itv.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#www.faceinhole.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#www.dhgate.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#www.channel4.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#www.bbc.co.uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#www.askmefast.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#videohosting.sidereel.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#tag.audiencetv.hiro.tv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#t.cxt.ms folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#static.issuu.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#software.hiro.tv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#skype.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#skymovies.sky.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#secure-uk.imrworldwide.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#s0.2mdn.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#s.ytimg.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#s-assets.tp-cdn.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#pf.kizoa.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#p.iivt.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#online.hmrc.gov.uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#new.livejasmincdn.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#mts.mansion.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#mpsnare.iesnare.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#mochiads.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#media1.break.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#media.kelbymediagroup.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#mansioncasino.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#mail.google.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#login.yahoo.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#is1.j.tv2n.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#image.dhgate.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#ia.media-imdb.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#i0.poll.fm folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#hiro.viewster.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#go.sky.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#embed.wistia.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#effectivemeasure.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#core.saymedia.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#cfiles.5min.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#cdn.zopim.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#cdn.playwire.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#cdn.oggifinogi.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#cc1.midasplayer.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#bw1.midasplayer.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#assets.bunchball.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#as1.suitesmart.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#affiliate-robot.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#admin.brightcove.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#ad.e-kolay.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#a.vimeocdn.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys\#37.128.191.193 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer\sys folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support\flashplayer folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\support folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\##D19375AE0FDBBA3C folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\##45EC4C9792AE2268 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com\##327625EA92F392E6 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\macromedia.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\login.yahoo.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\is1.j.tv2n.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\images-na.ssl-images-amazon.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\image.dhgate.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\ia.media-imdb.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\i0.poll.fm\swf\storage.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\i0.poll.fm\swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\i0.poll.fm folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\hiro.viewster.com\US_FARM_viewste# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\hiro.viewster.com\##590D0E96AA4C2B7A folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\hiro.viewster.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\go.sky.com\##EE7F77D90BD38948 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\go.sky.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\embed.wistia.com\flash\embed_player_v2.0.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\embed.wistia.com\flash folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\embed.wistia.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\effectivemeasure.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\d.yimg.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\core.saymedia.com\bb\20121119_1019_82246d3a\pc\vepc.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\core.saymedia.com\bb\20121119_1019_82246d3a\pc folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\core.saymedia.com\bb\20121119_1019_82246d3a folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\core.saymedia.com\bb folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\core.saymedia.com\#ve folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\core.saymedia.com\#com\videoegg folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\core.saymedia.com\#com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\core.saymedia.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cfiles.5min.com\www.huffing# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cfiles.5min.com\AO# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cfiles.5min.com\5minSessionTrack# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cfiles.5min.com\5minSessionTra# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cfiles.5min.com\5minS# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cfiles.5min.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn3.telemetryverification.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.zopim.com\swf\ZClientController.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.zopim.com\swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.zopim.com\jebeU9iynvWr16aU# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.zopim.com\jebeU9iynvWr16a# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.zopim.com\5KZIxkfyuf6xSkde# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.zopim.com\5KZIxkfyuf6xSkd# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.zopim.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.playwire.com\bolt.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.playwire.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.oggifinogi.com\OggiUtilities_a0f87d6d_# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.oggifinogi.com\OggiUtilities_315c0f4d_# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.oggifinogi.com\OggiUtilities_1cc95cbb_# folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cdn.oggifinogi.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cc1.midasplayer.com\swf\CCMain.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cc1.midasplayer.com\swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\cc1.midasplayer.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\bw1.midasplayer.com\swf\bubblewitch.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\bw1.midasplayer.com\swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\bw1.midasplayer.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\as1.suitesmart.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\arcot.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\affiliate-robot.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\admin.brightcove.com\##C06509FF679F0D6A folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\admin.brightcove.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\ad.e-kolay.net\bt.swf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\ad.e-kolay.net folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\a.vimeocdn.com folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF\37.128.191.193 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\L6XFQ9FF folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\CP6XLLJR folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Pepper Data folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Media Cache folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Local Storage folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\__MACOSX\_locales folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\__MACOSX folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_TW folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_CN folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\vi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\tr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\th folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\se folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ru folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ro folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_PT folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_BR folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\no folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\nl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lt folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ko folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ja folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\it folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\id folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hu folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fil folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\es folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\en folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\el folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\de folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\da folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\cs folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ca folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\bg folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ar folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\zh_TW folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\zh_CN folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\vi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\ur folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\tr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\th folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\sv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\sr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\sl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\sk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\ru folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\ro folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\pt_PT folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\pt_BR folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\pl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\nl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\nb folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\ms folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\lv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\ko folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\ja folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\it folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\id folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\hu folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\hr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\hi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\he folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\fr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\fi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\fa folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\et folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\es folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\en_GB folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\en folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\el folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\de folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\da folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\cs folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\ca folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\bn folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\bg folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\be folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales\ar folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\_locales folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\skin\images\icons folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\skin\images folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\skin\css folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\skin folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\scripts folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\libs folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\zh_TW folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\zh_CN folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\vi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\tr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\th folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\sv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\sr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\sl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\sk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\ru folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\ro folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\pt_PT folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\pt_BR folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\pl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\no folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\nl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\lv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\lt folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\ko folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\ja folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\it folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\id folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\hu folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\hr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\hi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\he folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\fr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\fil folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\fi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\et folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\es_419 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\es folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\en_US folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\en_GB folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\en folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\el folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\de folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\da folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\cs folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\ca folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\bg folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales\ar folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\_locales folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\zh_TW folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\zh_CN folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\vi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\tr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\th folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\sv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\sr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\sl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\sk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\ru folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\ro folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\pt_PT folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\pt_BR folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\pl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\no folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\nl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\lv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\lt folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\ko folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\ja folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\it folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\id folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\hu folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\hr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\hi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\he folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\fr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\fil folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\fi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\es folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\en folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\el folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\de folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\da folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\cs folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\ca folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\bg folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales\ar folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX\_locales folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\__MACOSX folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\zh_TW folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\zh_CN folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\vi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\uk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\tr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\th folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\sv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\sr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\sl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\sk folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\ru folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\ro folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\pt_PT folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\pt_BR folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\pl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\no folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\nl folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\lv folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\lt folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\ko folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\ja folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\it folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\id folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\hu folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\hr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\hi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\he folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\fr folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\fil folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\fi folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\es folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\en folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\el folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\de folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\da folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\cs folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\ca folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\bg folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales\ar folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\_locales folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extensions folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Extension State folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\databases\http_www.screwfix.com_0 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\databases\http_download.cnet.com_0 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\databases\https_signin.ebay.co.uk_0 folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\databases folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default\Cache folder moved successfully.
C:\Users\Joyus\AppData\Local\Google\Chrome\User Data\Default folder moved successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Joyus

User: Public

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56504 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Joyus
->Flash cache emptied: 57195 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12272012_215054

Files\Folders moved on Reboot...
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome folder moved successfully.
C:\Users\Joyus\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} folder moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#15 gringo_pr

Bleepin Gringo

Malware Response Team
120,402 posts

Gender:Male
Location:Puerto rico

Posted 27 December 2012 - 05:58 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image

This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

In your next post I need the following

report from Combofix
let me know of any problems you may have had
How is the computer doing now after running the script?

Gringo