Hijack.userInit virus

gco1133 · July 6, 2013

Hi Please help with the removal of this logs below

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/10/2010 12:35:55
System Uptime: 06/07/2013 23:58:17 (1 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Pentium® Dual-Core CPU       T4500 @ 2.30GHz | CPU | 2300/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 49.713 GiB free.
D: is FIXED (NTFS) - 233 GiB total, 0.712 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP189: 27/06/2013 12:03:30 - ComboFix created restore point
RP190: 05/07/2013 01:06:48 - Scheduled Checkpoint
RP191: 05/07/2013 23:00:00 - Restore Operation
RP192: 07/07/2013 00:03:10 - Installed AVG 2013
RP193: 07/07/2013 00:03:58 - Installed AVG 2013
.
==== Installed Programs ======================
.
7-Zip 9.17 beta
888poker
Adobe Acrobat 4.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
Advertising Center
Amazon.co.uk
Ask Toolbar
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Atheros Driver Installation Program
AVG 2013
Bejeweled 2 Deluxe
Bing Bar
Bridge Base Online
Bridge Studio version 2.23
Bundled software uninstaller
Canon Easy-PhotoPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG3100 series MP Drivers
Canon MG3100 series On-screen Manual
Canon MG3100 series User Registration
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
CCleaner
Chuzzle Deluxe
Conexant HD Audio
D3DX10
Diner Dash 2 Restaurant Rescue
eBay
ESET Online Scanner v3
FATE
FoxTab PDF Converter
Free Ride Games Player
Google Chrome
Google Chrome Frame
Google Toolbar for Internet Explorer
Google Update Helper
ImagXpress
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Internet Explorer Toolbar 4.7 by SweetPacks
Java 7 Update 7
Java Auto Updater
Java 6 Update 17
Jewel Quest II
Junk Mail filter update
Littlewoods Casino
London and South East
Malwarebytes Anti-Malware version 1.70.0.1100
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Train Simulator
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 22.0 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9 Essentials
Nero BackItUp
Nero BackItUp and Burn
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero RescueAgent
Nero StartSmart
Nero StartSmart Help
NeroExpress
neroxml
Office Suite X 3.3
OptimizerPro
pdfsam
Penguins!
Photo Service - powered by myphotobook
Plants vs. Zombies
PlayReady PC Runtime amd64
Polar Bowler
QuickTime
Realtek USB 2.0 Card Reader
Rise and Fall
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Skype Toolbars
Skype™ 5.10
SpanishNow!
Spybot - Search & Destroy
Swag Bucks Toolbar
SweetIM for Messenger 3.7
Synaptics Pointing Device Driver
The Great Escape
Toshiba Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Manuals
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Online Product Information
TOSHIBA Recovery Media Creator
TOSHIBA Recovery Media Creator Reminder
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
Toshiba TEMPRO
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TRORMCLauncher
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update Manager for SweetPacks 1.1
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.2
Web Assistant 2.0.0.100
WildTangent Games
WildTangent ORB Game Console
William Hill CASINO CLUB
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yontoo 2.051
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
07/07/2013 00:00:39, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
07/07/2013 00:00:38, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
07/07/2013 00:00:37, Error: Application Popup [1060] - \??\C:\Users\GrahamO\AppData\Local\Temp\djgthpae.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
06/07/2013 23:58:59, Error: Service Control Manager [7001] - The SBSD Security Center Service service depends on the Security Center service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
06/07/2013 23:34:59, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
06/07/2013 23:32:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
06/07/2013 09:25:22, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
06/07/2013 09:25:21, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
06/07/2013 09:25:21, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
06/07/2013 09:25:18, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
06/07/2013 09:25:12, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
06/07/2013 09:25:04, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 discache spldr Wanarpv6
06/07/2013 09:25:04, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
06/07/2013 09:25:03, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
06/07/2013 09:25:03, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.
06/07/2013 01:40:01, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
06/07/2013 01:39:17, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
06/07/2013 01:31:25, Error: Service Control Manager [7034] - The Web Assistant Updater service terminated unexpectedly. It has done this 1 time(s).
06/07/2013 00:34:56, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
06/07/2013 00:34:56, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
06/07/2013 00:34:24, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
06/07/2013 00:34:24, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
06/07/2013 00:34:02, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
05/07/2013 10:27:00, Error: Service Control Manager [7034] - The AVGIDSAgent service terminated unexpectedly. It has done this 1 time(s).
02/07/2013 15:58:54, Error: Service Control Manager [7030] - The SProtection service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
.
==== End Of File ===========================DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.7.2
Run by GrahamO at 0:42:00 on 2013-07-07
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.3964.1954 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Users\GrahamO\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Windows\system32\svchost.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Windows\system32\svchost.exe
C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uProxyServer = hxxp=127.0.0.1:49475
uProxyOverride = <local>
mURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,,C:\Users\GrahamO\AppData\Local\nsycuvkh\vyqofytx.exe
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\npchrome_frame.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Swag Bucks Toolbar: {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
uRun: [Yontoo Desktop] "C:\Users\GrahamO\AppData\Roaming\Yontoo\YontooDesktop.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [VyqOfytx] C:\Users\GrahamO\AppData\Local\nsycuvkh\vyqofytx.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
StartupFolder: C:\Users\GrahamO\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TRDCRE~1.LNK - C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe
StartupFolder: C:\Users\GrahamO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vyqofytx.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

TCP: NameServer = 192.168.0.1
TCP: Interfaces\{7BC6162B-8FA6-4F02-9D16-FCC1846E815F} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{7BC6162B-8FA6-4F02-9D16-FCC1846E815F}\F4230275966696 : DHCPNameServer = 10.66.59.71 10.66.59.70
TCP: Interfaces\{A22D127C-938C-4DC7-8264-DF55CA381631} : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\npchrome_frame.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\GrahamO\AppData\Roaming\Mozilla\Firefox\Profiles\y804vfuy.default\

FF - prefs.js: browser.search.selectedEngine - WhiteSmoke New Customized Web Search

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll
FF - plugin: C:\Program Files (x86)\Free Ride Games\npGameTreatWidget.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\GrahamO\AppData\Roaming\Mozilla\Firefox\Profiles\y804vfuy.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\plugins\np-mswmp.dll
FF - plugin: C:\Users\GrahamO\AppData\Roaming\Mozilla\Firefox\Profiles\y804vfuy.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-29 14:08; {739df940-c5ee-4bab-9d7e-270894ae687a}; C:\Users\GrahamO\AppData\Roaming\Mozilla\Firefox\Profiles\y804vfuy.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
FF - ExtSQL: 2013-07-02 17:25; uysmcj@wboyuu.org; C:\Users\GrahamO\AppData\Roaming\Mozilla\Firefox\Profiles\y804vfuy.default\extensions\uysmcj@wboyuu.org
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6R8FsJFoSb
FF - user.js: extensions.incredibar_i.upn2n - 92825072926610887
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10643
FF - user.js: extensions.incredibar_i.ppd - 6666646935
FF - user.js: extensions.incredibar_i.newTab - false

FF - user.js: extensions.incredibar_i.id - a095438d00000000000000266c839e9a
FF - user.js: extensions.incredibar_i.instlDay - 15600
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1418:09:17
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extentions.y2layers.installId - bd79189f-65b3-4e2b-ad9d-37539c0751fe
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 45856]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-6-26 1598128]
R2 X5XSEx_Pr143;X5XSEx_Pr143;C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.sys [2012-11-30 56136]
R2 Yontoo Desktop Updater;Yontoo Desktop Updater;C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [2013-4-3 23552]
R3 FwLnk;FwLnk Driver;C:\Windows\System32\drivers\FwLnk.sys [2010-4-8 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]
R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2010-9-17 35008]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2010-4-8 51512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-4-19 1153368]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe --> C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-4-8 232992]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-2-11 124368]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-9 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-13 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .vbs: VBSFile=C:\Windows\System32\WScript.exe "%1" %* [userChoice]
.
=============== Created Last 30 ================
.
2013-07-06 23:06:18 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2013-07-06 22:36:56 -------- d-----w- C:\Users\GrahamO\AppData\Local\{FC5D5148-09DB-4D5B-A911-881FD1C4D43E}
2013-07-06 22:34:55 -------- d-sh--w- C:\$RECYCLE.BIN
2013-07-06 22:32:29 -------- d-s---w- C:\ComboFix
2013-07-06 08:28:52 -------- d-----w- C:\Program Files (x86)\ESET
2013-07-06 07:05:12 -------- d-----w- C:\Users\GrahamO\AppData\Local\{51F63C5B-4059-4E82-B92F-8BDDEEC0830F}
2013-07-05 23:03:47 -------- d-----w- C:\Program Files\CCleaner
2013-07-05 22:40:45 -------- d-----w- C:\Users\GrahamO\AppData\Local\{5E2D7EF7-C79E-465E-9E70-1E6C94992179}
2013-07-05 21:53:48 -------- d-----w- C:\Users\GrahamO\AppData\Roaming\GetRightToGo
2013-07-05 10:19:50 -------- d-----w- C:\Users\GrahamO\AppData\Local\{339C0B1C-04A1-4F9E-AB94-C7746447E78F}
2013-07-05 09:30:26 -------- d-----w- C:\Users\GrahamO\AppData\Roaming\Xulow
2013-07-05 09:30:26 -------- d-----w- C:\Users\GrahamO\AppData\Roaming\Ciwyq
2013-07-04 22:58:10 221184 --s---w- C:\Users\GrahamO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vyqofytx.exe
2013-07-04 22:19:26 -------- d-----w- C:\Users\GrahamO\AppData\Local\{7461E46F-6C8E-4173-85E9-44C386E59F11}
2013-07-04 09:51:52 -------- d-----w- C:\Users\GrahamO\AppData\Local\{2E78804B-EC45-42CE-828F-D76AA55A8301}
2013-07-03 08:55:41 -------- d-----w- C:\Users\GrahamO\AppData\Local\{4DF9BEF0-E4B7-4F14-B22F-89EB11C15286}
2013-07-02 20:55:18 -------- d-----w- C:\Users\GrahamO\AppData\Local\{91EEF3E5-D41E-4504-A347-4B08415E98DD}
2013-07-02 15:01:49 -------- d-----w- C:\Users\GrahamO\AppData\Local\Bundled software uninstaller
2013-07-02 08:43:41 -------- d-----w- C:\Users\GrahamO\AppData\Local\{27B0EB01-310E-425F-8BF6-355092C1D762}
2013-07-02 08:13:26 -------- d-----w- C:\Users\GrahamO\AppData\Local\{A51A6FDE-72FB-4D81-AF81-064E641B62E1}
2013-07-01 19:48:09 -------- d-----w- C:\Users\GrahamO\AppData\Local\{7D859D2A-EEB3-4CB3-8800-0677F23BC93C}
2013-07-01 07:47:45 -------- d-----w- C:\Users\GrahamO\AppData\Local\{2639304B-DFD0-4D3C-B224-A1ADF5E8EA32}
2013-06-30 13:30:44 -------- d-----w- C:\Users\GrahamO\AppData\Local\{482CE160-AE5F-4AC4-8212-9C2921547CDB}
2013-06-29 22:00:14 -------- d-----w- C:\Users\GrahamO\AppData\Local\{C758CF1E-BE98-4A5E-883A-1A5DD27B123B}
2013-06-29 13:08:08 -------- d-----w- C:\Users\GrahamO\AppData\Local\CRE
2013-06-29 13:07:08 -------- d-----w- C:\ProgramData\StarApp
2013-06-29 13:07:01 -------- d-----w- C:\ProgramData\BetterSoft
2013-06-29 13:05:56 -------- d-----w- C:\ProgramData\InstallMate
2013-06-29 09:38:06 -------- d-----w- C:\Users\GrahamO\AppData\Local\{F509AE58-F395-4ECC-BBA3-B5F788882BB3}
2013-06-28 11:24:11 -------- d-----w- C:\Users\GrahamO\AppData\Local\{6469CF85-1785-434D-B5AB-830931304C4F}
2013-06-27 23:23:47 -------- d-----w- C:\Users\GrahamO\AppData\Local\{F21E1D90-730D-42C7-A27C-314D72D5E2CC}
2013-06-27 09:59:16 -------- d-----w- C:\Users\GrahamO\AppData\Local\{AAD82743-AAFA-47CC-A910-3D945C583D4C}
2013-06-26 21:37:49 -------- d-----w- C:\Users\GrahamO\AppData\Local\{94167E6E-C42E-48C0-BBE3-51B394427D98}
2013-06-26 09:20:06 -------- d-----w- C:\Users\GrahamO\AppData\Local\{162B0C4E-AEAD-44EF-9E2F-F830B72EBA68}
2013-06-25 20:22:20 -------- d-----w- C:\Users\GrahamO\AppData\Local\{7C3D6D3C-225D-4F8B-90B0-EAF31FED2E7C}
2013-06-25 13:47:01 -------- d-----w- C:\Users\GrahamO\AppData\Local\nsycuvkh
2013-06-25 06:35:39 -------- d-----w- C:\Users\GrahamO\AppData\Local\{2993CF24-2E2A-4820-B76B-08959243912F}
2013-06-24 13:58:40 -------- d-----w- C:\Users\GrahamO\AppData\Local\{6698643B-BE07-45CF-861C-C635E1FD1CD2}
2013-06-22 21:16:33 -------- d-----w- C:\Users\GrahamO\AppData\Local\{BF49B3D9-767E-4D30-91D3-6DD1C5275963}
2013-06-21 21:23:20 -------- d-----w- C:\Users\GrahamO\AppData\Local\{B94B55D9-5C54-44A7-AF4C-3FEC5CDC8B9B}
2013-06-20 21:07:16 -------- d-----w- C:\Users\GrahamO\AppData\Local\{731F5D6C-E67B-4108-99B4-3499E2140344}
2013-06-19 22:15:22 -------- d-----w- C:\Users\GrahamO\AppData\Local\{EFEB07FD-79F7-466F-AEA0-CE5C3336B67A}
2013-06-18 16:07:29 286720 ----a-w- C:\Windows\iun506.exe
2013-06-18 15:54:06 -------- d-----w- C:\Users\GrahamO\AppData\Local\{F27132E2-723F-44F5-8549-42CB53AE29ED}
2013-06-17 21:33:39 -------- d-----w- C:\Users\GrahamO\AppData\Local\{2A183F83-0E4F-4A96-A7C5-2AC20AF04A70}
2013-06-17 09:33:15 -------- d-----w- C:\Users\GrahamO\AppData\Local\{22FE8593-616C-4C3B-9881-335F477A79A7}
2013-06-16 21:24:22 -------- d-----w- C:\Users\GrahamO\AppData\Local\{E6808DD9-5F4A-444D-8FF6-B4D8F1AB3CD2}
2013-06-16 07:57:35 -------- d-----w- C:\Users\GrahamO\AppData\Local\{95461CE2-2478-429C-96D3-7141E532AF72}
2013-06-15 10:12:07 -------- d-----w- C:\Users\GrahamO\AppData\Local\{70D814FC-309F-4395-9392-373274D0DC85}
2013-06-14 20:52:16 -------- d-----w- C:\Users\GrahamO\AppData\Local\{CCE77B32-0CF4-4669-9227-DB92CA7AA0C4}
2013-06-14 08:51:53 -------- d-----w- C:\Users\GrahamO\AppData\Local\{65CAF464-2143-4AC0-A0FD-5BD8E8E1E388}
2013-06-13 20:51:29 -------- d-----w- C:\Users\GrahamO\AppData\Local\{A640ADBE-F24D-4DC1-80DB-B29F1221526A}
2013-06-13 20:05:10 -------- d-----w- C:\Users\GrahamO\AppData\Local\{8343EB04-B828-40DB-BD21-A4872D945020}
2013-06-13 07:47:55 -------- d-----w- C:\Users\GrahamO\AppData\Local\{EFE7F1E8-8B12-44FA-B94C-3D3FCEF0FB75}
2013-06-12 15:40:07 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-12 15:16:13 -------- d-----w- C:\Users\GrahamO\AppData\Local\{A0765830-2B53-4155-B074-A29343D7F7D9}
2013-06-11 10:50:07 -------- d-----w- C:\Users\GrahamO\AppData\Local\{CE769B9F-7107-48F9-AF55-8627ADD4BDAB}
2013-06-10 19:37:43 -------- d-----w- C:\Users\GrahamO\AppData\Local\{06B46BD8-BA52-4BCA-9C0A-6BFCF16B0A57}
2013-06-10 09:51:47 -------- d-----w- C:\Users\GrahamO\AppData\Local\{1D14C8B5-5464-4E29-8828-08E209785AB7}
2013-06-09 20:58:38 -------- d-----w- C:\Users\GrahamO\AppData\Local\{88179468-06DF-430C-817A-FEA931AEC898}
2013-06-08 13:22:11 -------- d-----w- C:\Users\GrahamO\AppData\Local\{D227D4C5-6FE0-49A5-9450-B365BDD68628}
2013-06-07 09:24:00 -------- d-----w- C:\Users\GrahamO\AppData\Local\{31CFD4F4-2827-466F-9567-6470C2F5C0A8}
.
==================== Find3M ====================
.
2013-06-26 17:14:54 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-06-12 16:04:04 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 16:04:04 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-31 02:03:37 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-01 15:53:13 175616 ----a-w- C:\Windows\System32\msclmd.dll
2013-05-01 15:53:13 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
2010-10-11 14:34:39 278528 ----a-w- C:\Program Files (x86)\Common Files\FDEUnInstaller.exe
.
============= FINISH: 0:42:18.95 ===============

AdvancedSetup · July 7, 2013

Hello and :welcome:

Please run the following and post back the logs.

STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

Please download ERUNT from one of the following links: Link1 | Link2 | Link3
ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
Double click on erunt-setup.exe to Install ERUNT by following the prompts.
Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
Choose a location for the backup.
- Note: the default location is C:\Windows\ERDNT which is acceptable.
Make sure that at least the first two check boxes are selected.
Click on OK
Then click on YES to create the folder.
Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe
STEP 02
Please download Malwarebytes Anti-Rootkit from HERE
- Unzip the contents to a folder in a convenient location.
- Open the folder where the contents were unzipped and run mbar.exe
- Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
- Click on the Cleanup button to remove any threats and reboot if prompted to do so.
- Wait while the system shuts down and the cleanup process is performed.
- Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
- When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt
STEP 03
Please download Junkware Removal Tool to your desktop.
- Shutdown your antivirus to avoid any conflicts.
- Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete.
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- Post the contents of JRT.txt into your next reply message
- When completed make sure to re-enable your antivirus
STEP 04
Please download AdwCleaner by Xplode to your desktop.
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- If prompted by the User Account Control click Yes to allow it to run.
- Under Actions click on the Delete button.
- Click OK on all prompts.
- You will be prompted to restart your computer. A text file will open after the restart.
- Please post the entire contents of that logfile to your next reply.
- You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.
STEP 05

Please go here to run the online antivirus scannner from ESET.
- Turn off the real time scanner of any existing antivirus program while performing the online scan
- Tick the box next to YES, I accept the Terms of Use.
- Click Start
- When asked, allow the activex control to install
- Click Start
- Make sure that the option Remove found threats is unticked
- Click on Advanced Settings and ensure these options are ticked:
  - Scan for potentially unwanted applications
  - Scan for potentially unsafe applications
  - Enable Anti-Stealth Technology
- Click Scan
- Wait for the scan to finish
- If any threats were found, click the 'List of found threats' , then click Export to text file....
- Save it to your desktop, then please copy and paste that log as a reply to this topic.
Thanks

gco1133 · July 7, 2013

Thanks Rootkit logs attached after second scan

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.07.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
GrahamO :: GRAHAMO-TOSH [administrator]

07/07/2013 10:41:03
mbar-log-2013-07-07 (10-41-03).txt

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 4
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit (Hijack.UserInit) -> Bad: (userinit.exe,,C:\Users\GrahamO\AppData\Local\nsycuvkh\vyqofytx.exe) Good: (userinit.exe) -> Replace on reboot.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16618

Java version: 1.6.0_17

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 4156522496, free: 1677037568

Downloaded database version: v2013.07.07.02
Initializing...
------------ Kernel report ------------
07/07/2013 09:56:02
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\TVALZ_O.SYS
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx64.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\FwLnk.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\tdcmdpst.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\CHDRT64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\usbscan.sys
\SystemRoot\system32\DRIVERS\usbprint.sys
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\pgeffect.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\Sftvollh.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\Sftfslh.sys
\SystemRoot\system32\DRIVERS\Sftplaylh.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys
\SystemRoot\system32\DRIVERS\Sftredirlh.sys
\SystemRoot\system32\DRIVERS\avgloga.sys
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\SystemRoot\System32\ATMFD.DLL
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80057a9060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa80046b6050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80057a9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80057a9b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80057a9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80046b6050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 420C2042

Partition information:

    Partition 0 type is Other (0x27)
    Partition is ACTIVE.
    Partition starts at LBA: 2048 Numsec = 819200
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 821248 Numsec = 487903232

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 488724480 Numsec = 488046640

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Read File: File "c:\programdata\avg2013\chjw\521097ad10979697.dat:07df5d69-0a10-4f60-b82b-3b3ac4814872" is sparse (flags = 32768)
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify --> [PUM.Disabled.SecurityCenter]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify --> [PUM.Disabled.SecurityCenter]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|FirewallDisableNotify --> [PUM.Disabled.SecurityCenter]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit --> [Hijack.UserInit]
Scan finished
Creating System Restore point...
Cleaning up...
Removal successful. No system shutdown is required.
=======================================

Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_2048_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16618

Java version: 1.6.0_17

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 4156522496, free: 1750851584

Initializing...
------------ Kernel report ------------
07/07/2013 10:40:57
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\TVALZ_O.SYS
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx64.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\FwLnk.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\tdcmdpst.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\CHDRT64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\usbscan.sys
\SystemRoot\system32\DRIVERS\usbprint.sys
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\pgeffect.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\Sftvollh.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\Sftfslh.sys
\SystemRoot\system32\DRIVERS\Sftplaylh.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys
\SystemRoot\system32\DRIVERS\Sftredirlh.sys
\SystemRoot\system32\DRIVERS\avgloga.sys
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\SystemRoot\System32\ATMFD.DLL
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80057a9060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa80046b6050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80057a9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80057a9b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80057a9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80046b6050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 420C2042

Partition information:

    Partition 0 type is Other (0x27)
    Partition is ACTIVE.
    Partition starts at LBA: 2048 Numsec = 819200
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 821248 Numsec = 487903232

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 488724480 Numsec = 488046640

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Read File: File "c:\programdata\avg2013\chjw\521097ad10979697.dat:07df5d69-0a10-4f60-b82b-3b3ac4814872" is sparse (flags = 32768)
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify --> [PUM.Disabled.SecurityCenter]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify --> [PUM.Disabled.SecurityCenter]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|FirewallDisableNotify --> [PUM.Disabled.SecurityCenter]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit --> [Hijack.UserInit]
Scan finished
Creating System Restore point...
Cleaning up...
Removal successful. No system shutdown is required.
=======================================

Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_2048_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished

gco1133 · July 7, 2013

Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{90C2C9E9-7911-4A0A-9D5B-4A76A4A1414A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{90DDEEC2-5A6A-40E2-AE4C-511F64DBDFDB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{90E58E40-0A1A-4483-B37A-C3DAC6652408}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9103FC62-3C05-48C4-ABDA-DE3124A95958}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{910FA202-ADA0-40D5-8FA4-1AC6C04129FB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9110183E-C51E-49EB-84FB-2D80795D4C95}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{913B5072-DB11-4709-9345-4401B1E6A9C5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{91604145-F001-440F-A098-CD26127E3AD9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9169A59A-6438-4E98-A6A6-409D62A6A041}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{91726685-FFDF-4979-91AF-37220D32EB1C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{917326B2-295E-4822-A189-B7E647641CA6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9185938E-CB6E-4675-A97E-7003FEE915C7}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{91952D49-0366-4673-B6DB-4D91FB4E24A1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{91BDF784-660C-4C36-8F8E-CFC4E7F8FBA9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{91BF678E-7005-4020-A033-2959844C0661}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{91CB0F4F-A482-448B-BA13-506951E79407}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{91DAF0A5-EF2E-42A7-93D4-022A5172E81B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{91EEF3E5-D41E-4504-A347-4B08415E98DD}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{91FE11BB-0EA1-44E2-9914-2EC7686EF970}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{91FF6297-3203-4079-853F-4089AD88D09C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9203BA5E-5421-462E-A9A6-8CB78440DF35}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9212D5FA-C499-47E9-9E20-297157FAC006}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9237C38F-57E0-4911-93ED-33B5AC0B580A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{92382DA2-BE9C-4EB6-A039-4286A1996561}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{924DFB9D-3DF0-4234-94B0-B8DA8F4C054D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9284C785-343E-49A2-947B-ED505ADF3FE8}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{928FA3B8-C324-408D-A5B3-0ADBBBB4D6F1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{92994C45-B1AA-4B07-950D-DD0A83DFB700}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{92B0B283-C575-41BD-B6B1-AF80EF52183C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{92C8F36B-0C91-4042-99CD-AD1138549DCA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{93033DB3-34CF-4B3A-9455-0E514099E1F4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9321DB9A-4B45-44F0-A802-413FEB9B8512}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{932BCBF9-7D6A-415B-9F61-AE5507D40A57}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{932EC1B2-2EBA-41E0-BA1F-07A167C13612}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{93467346-B349-4CB8-ABC4-A2CD8DCBAAAF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{934ACB9E-1D3F-4972-97AA-2229924B661B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9374C084-42EC-490D-9586-A47850C1BB04}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9390395A-F857-4AE3-82E6-4069C56BD983}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{93BBBEBC-D1DD-4609-950F-89B4B2F36DA4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{94167E6E-C42E-48C0-BBE3-51B394427D98}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{941D476C-716D-4A9F-B220-1B1A26B7FC5B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{944FEB22-BA75-44DA-BC0C-AF044F0960F8}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{947A9F15-3925-46CA-8745-082F48514ED3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{948C36CA-33CF-4A35-83B5-BD5DF6EE8799}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{948EAF7E-D53C-41FF-9456-74864019FD37}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{949F6426-AF56-4622-B7D4-299241584C48}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{94A1DB55-DB23-4A71-8529-604D841D4075}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{94BCDFD6-6A22-44CD-8755-E28F7073C0EE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{94C4491D-556B-4711-84AA-2E48A9407029}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{94CE9B3C-2DB2-46E7-A950-B9C3BE19008B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{94EE5AE8-778C-4A3E-A780-341BC87B2134}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{95268EB1-55F1-4181-9517-8BC8498B4828}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{95461CE2-2478-429C-96D3-7141E532AF72}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9585407F-03B2-4C68-AB5B-ED06643BDBA2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{95A92346-8DB8-444D-8F46-AF5CBB500586}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{95CBFB8E-41F4-47F8-9408-05739ABCFCD1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{95CC9C64-6084-432D-8E9B-85BFDE7CFCE0}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{95CF57C1-9A2D-4B35-8C3B-6A475347FB67}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{95E6D8A2-38E7-4AD9-9B69-0F0ABD22B586}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{96001EC3-7FD4-42EC-9095-8D8C48A0960C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9600BC28-D82F-4505-8C4C-D4D398FDF577}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9600E071-8855-4036-8216-327E0874B2F9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{961F21CD-C277-4442-8937-A0ED18A4093D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{962F24D6-FC93-43D0-9335-93CF4E051052}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{96A23F51-7357-438A-9995-D5B67D16B26E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{96A536D7-A374-4E83-A484-F2772B8D79E6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{96E6BA83-5B20-4460-A37F-E5CA71EF3387}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{97093FEC-2E74-4C9B-9F06-6514EA5EA116}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9775A29C-C8EE-4819-AD05-3CCC5D41853E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{977991E5-B4A3-42D2-94F0-80CCB91D7150}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9790919B-7DCC-426F-A7B1-C7CC15795DD7}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{97C134F3-9F0E-43B0-998E-27554418679E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{97C7195B-4FDF-4FD6-B93C-6E9F851D06AC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{97E008EB-3E6D-470B-8C82-CB864B0C204C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{97E9395E-62B4-479A-9D0A-09F4431126DF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{97EBEFB9-9633-4930-80DF-72AC416F59ED}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{97F40084-1FAF-4818-99B3-256D2A113CA8}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9803123E-370A-431C-90AC-E5DEAEB77255}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{983CA28B-2F90-4F37-9279-E05A7A31DE58}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{985CC96C-EE95-4FA6-936A-3E494B43B6C6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9865D287-5BC8-4419-BEEC-6128BBD55409}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9896B3CD-7AD9-4D22-869D-C45999C40799}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{98DC67C3-F9B6-47E0-AAC2-0B46DDB149DF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{98DCE037-48A0-469D-B0AD-2F8163BCA449}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{990A5B4C-F2FE-43C2-BA5D-A50B60853915}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9983B285-0ED6-4AF8-88E7-E77455E163CD}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9988FC47-3047-41ED-A063-048B3D9DAA61}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{998FF2CA-9181-4222-822E-2932C5F2E588}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{99AF0667-E3E1-4D32-8E61-0425EC4F02A9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{99CFFEE0-00B0-4D12-B924-8680F41EE2F8}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{99DDFA33-1E57-47D1-8F32-0C398377CFFF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{99E309B7-003D-41AA-BFC6-15B7B4535B16}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{99F0AF04-6066-45B8-92C0-87474E117CCB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{99F9CBEE-BDA9-47D4-91F6-B87DCA9C4EB1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9A0D4CED-8801-468D-A704-E7B0BC37D562}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9A177EF9-9390-4F51-AEDA-77F47FB0B8CD}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9A64AF0C-BF71-4F9C-B771-FBC18716AB7D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9A651B98-AD67-4FAF-911A-C17B496CE959}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9A70C008-90BC-461F-9B39-2E9796CD83EE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9AA3E143-1844-41D8-BE32-86791B6099CF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9AE324E8-BD24-4497-9254-9999E99224B1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9AF8A658-2C13-4CA1-843C-D4A9A0145E4D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9AFCE0EB-D54C-4D48-907B-A43A9BF263B1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9AFDA6B9-FD1F-4E96-8ECA-F8DCDDBA9A07}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9B05BE21-1A6F-4BFE-BCB9-38C80D19E85B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9B150868-E809-4369-BE79-75D958E526EC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9B161CD5-8A0B-490E-A092-EBBEEEE9F03F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9B21BAD6-297B-44FC-8087-D6CED78CD7D0}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9B28A3BE-F297-4904-9F25-404DD0CF7D02}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9B299122-DB9A-4E29-8C14-30D66F8BEB08}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9B53C06C-2EDB-4082-9C94-5CBDE3E77E87}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9B7838E6-347A-4ED8-8F02-31AB57DFB615}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9B9DFEA4-50ED-47FF-8EE3-D577CB22294E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9BA0DE1B-3F03-4F84-B645-7AF5D0D0458C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9BA738B8-4EE4-439A-BCCF-CC1CC9727331}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9BB86AD4-D784-4D59-9446-8E21FF51D84D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9BD0E956-1485-4FCE-BF64-EEBB3167C998}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9BD49A9D-4010-460A-BA43-4DF4EC6DB133}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9BF2903A-B0CA-4D83-BAC6-1DD44589EF68}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9C1540E1-A0DF-4345-8C30-E0DC3AF8E551}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9C2A7104-40F2-4BEB-AFF2-E0350433C870}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9C2D978C-74F9-481A-9492-B99E7963D431}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9C4F0634-3396-40F3-A2D0-82FE2C4B74E3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9C788DC7-F32F-463A-820F-6D06A8997565}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9C876038-02C1-4587-9376-D2C32ABCA853}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9CD79E3A-B765-4E62-8AC7-3FAB169446D3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9D0A62FC-15A3-4B58-83E8-694250DFFA08}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9D3DC4ED-428B-4FDA-93F1-99EEA30427A5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9D47D6E6-5CBE-4549-80D2-9251192E5E90}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9D6ED365-FC21-4191-BCBC-861B903D8C78}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9D8920C9-BAE6-4134-B24A-C74FF100CF6D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9D97E11A-B219-4737-ACFF-2ED8DE6EA158}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9D9FA6B1-7EA2-4FC8-9C88-D4C3BF9B480F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9DA151D2-A9D9-4512-9B0C-C3FE589FFD5C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9DA2223C-7AB9-4708-A731-AE7B857C7B2D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9DA5F4F4-86F2-422F-9787-2E9A16B9CC58}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9DCFB5B8-BAAA-409A-9299-B61F15E18403}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9DE8E552-B750-44B3-8A4F-1627577E0961}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9DEA086B-D66C-43D3-936F-6BF6E5080850}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9E2AD23F-E0AA-4E28-8501-58C5D4B85F06}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9E49BE69-5854-4FA0-ABBC-715117667FF5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9E6DF770-CBFB-45F7-A328-79BE575061CC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9E8D5F96-419B-4A14-B185-291C87D39E59}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9EAA4BB5-2953-4B83-ADAF-04E88D394190}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9EBB9069-5D62-4064-8561-0245B2FDBA90}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9EBBA3E6-7D46-474B-8BDB-0B121551DB15}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9EC86966-3393-42C0-AA24-04EEAF685ADC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9ED43A73-1D2E-41C6-A4CF-455F3BC44270}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9F03C90A-CAF2-49B3-8415-B949950D8FA4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9F48A00B-1552-4923-BE51-D3FA43FDFD99}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9F4BB401-08CA-4EA0-B818-71597557133D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9F4D321E-C661-4E18-AE51-BA8C83667B11}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9F5A57C7-7ABC-4033-98A3-EB4F2198F615}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9F5D4A25-5409-410C-A249-C4E62925FAB3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9F69DCC2-F81F-4FE4-A360-3AEBCA3FA7E4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9F7B2556-686D-433B-A719-AB23DDFB034D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9FD3923D-90DF-4F84-90A6-3D48E619BE29}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9FEC195C-811D-44DC-9E88-EFA93B33054D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{9FF664B9-46E5-40C5-9D13-BD6C0275996A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A0134386-E031-42E3-8820-BC337102E782}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A019E5CF-D817-4935-874D-1296EB7764D2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A043077F-BE1D-4E87-AA5E-43397C396C43}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A05279E1-0DE8-4FB5-B8BF-D43B09AC515F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A0602CC0-12EA-4B80-A625-C680FB61791C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A0765830-2B53-4155-B074-A29343D7F7D9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A0951327-977C-4F59-8F23-A2279C725A12}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A0EDE951-A249-4AE2-8605-69845D0A08B0}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A1232700-5D7B-4673-A71E-BB31CA4DBA71}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A124EC42-5696-4C15-9F76-4B5401D8A578}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A154C68B-A53C-44D6-AFE5-CDE20E0BF1FE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A15A853D-F6E8-4116-89AB-9A25A8867E91}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A1732852-B673-4BAC-9EE7-5EC2FC14DED9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A174C412-F45A-4C23-8E9F-37C68CC677B4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A1936F77-2D0C-42B9-8093-534B9C61F3F3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A1C3D670-9035-4C9D-8B71-4E51437BCA7E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A1D83BB6-CC90-47EC-A918-615DAEE12E9C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A1DC1235-7C03-429A-88C6-A6949C8682DA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A2038441-09E9-4429-B4E2-C87DC04084F1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A2073008-EAAC-4209-9FD5-E8222A442A12}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A210F74B-1C84-4E8A-ABEC-98B193B033A6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A235A39E-9EED-4D1B-99FF-5332BBCDC923}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A270D03A-C447-4C05-A7D9-1752B3577C12}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A289EEE2-8C72-4CA1-8C40-CA85096484F3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A28D1A49-ACC8-48FD-AB00-0979114C39DC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A2AE46F7-AAA5-40C8-A7A4-64066BBA7787}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A2C429CB-1C6A-4D6F-8EE8-E343C7365B84}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A2D82572-9513-4C5E-AE84-5A10A34E0C56}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A2F40614-FD04-416E-AF34-BFC81E98D283}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A30BB6FA-FA97-49C8-8DD5-A92E7ED2BE78}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A3189494-8FD8-4163-89CE-CEDC0A183B75}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A343FEFB-6877-41EA-A9F6-C00E4061EBD8}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A34A0913-27AA-4D62-8E06-6A5DB52A7010}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A362ABA6-D18D-4555-BE49-D9D27E9E71B6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A3A661CA-0142-45DB-8C76-19C8336E53DC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A3C3298B-B828-4906-A9F7-AD33957B5A2C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A42F47FF-55C7-4E18-A0B6-84806348716C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A43131DB-8F4E-4DED-B4F1-BFC2FF8EC68E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A432AF5D-B774-46C5-8FF5-74278C20DE38}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A434A73C-F870-4B3D-9977-F2FB7E9A0B37}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A436FDAA-4CF2-4076-8B4B-61517EFF87AA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A4471F19-743F-417A-A6BD-F0B31B69C40C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A456DF76-166E-4DF2-BB28-10E3AF65480B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A45AC1FB-8AA6-46E9-913B-B6A882E8C813}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A46D2F5D-7563-4759-9116-22F7C1279096}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A49CF02B-EC6B-42BB-9765-20DDCED0EB9A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A4A585DB-6ABB-4F0B-85DA-67E6FDF75769}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A4BA2911-6FA2-4A17-A2F3-C20EDE059B93}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A4DB922A-AB3C-4F35-951F-13D27E605E2C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A4F063FF-18AF-43FF-B43A-C3A006EE9C1A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A51A6FDE-72FB-4D81-AF81-064E641B62E1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A5240AF2-01AE-4782-A336-B9630ADADC3A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A54EFC7E-1DAE-4B6E-BE71-7391803C7DD1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A59E8CF5-A276-4664-BF94-EED977776F11}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A5A11F3B-0A26-4D51-9D19-97BBEA9820CE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A5CE089B-9412-4056-B9F9-AE8EFEADC614}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A5D812C6-58C5-4693-A7FA-B8768AF20B6C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A5D9D28B-5735-477B-989E-CE4670C289F4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A5E3CB54-6CD6-4610-A308-56E1B81004A9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A632EA0D-D065-40F0-870B-E0D2E4A0085E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A640ADBE-F24D-4DC1-80DB-B29F1221526A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A6697128-27B0-4D36-870F-D960777F723F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A6700F8C-15A4-4A8B-A8EA-2EE9F78BC36F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A68B3793-2FEB-48F8-B881-B79D956FD284}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A6A76C31-EE22-4A23-9A55-6118E1051740}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A6B6AB98-7CA7-4E65-B79F-860EE2B20CE5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A6BDFA46-443A-414B-9BD5-8D550F31C476}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A6DC312F-69C8-4F22-A945-2C0C7F9EF0FA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A6DCD07B-EE77-4DF0-9F5B-1161F9A8454B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A6E37848-5F17-4C07-9839-105883EA6674}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A6E7C101-F6A6-4181-B0B4-48235DCD1E63}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A7634883-66F1-4571-9ACE-CF3D806998D4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A79583D4-7FB4-4789-8BC2-AFC6EC19B946}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A7998230-2FCE-49AD-8CE7-7C0311EDBC40}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A7AD7CAB-7E0C-4A93-810C-A6455D04C40B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A7DF72A8-D868-4568-AA77-199A0DBEE86C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A7FF4632-3D66-4EA6-BAEC-100877BEF96E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A81BB674-33DC-4FA2-9D03-3C4562A844F2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A83BBD78-3D64-4D55-AA99-175A58249648}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A882AF31-DCBA-49D0-88F7-7BA74CA08DC5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A88FD5E6-F87C-4514-B866-AB5571FAD5C5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A8B13C91-4F09-4A81-864C-B32D41456649}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A8C2BB13-4AFB-4C4A-9BF8-132BCBF57061}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A8C2FAC9-6CCF-495C-AB38-FCA597068211}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A8CA66F3-65AE-4799-A3B8-6D2D58D6BE62}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A8F28CBC-59F6-4079-9008-298435F36D0F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A8F5BDC9-C6CB-4CFE-AB01-8B98571BCD85}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A906E6FF-8EF0-478A-829C-986FFE3A7792}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A90DC27F-EF09-44ED-A3A3-5713670F6AA5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A9215D92-3589-482D-908E-CD2CE13AFED5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A964CAF5-B475-47AD-AC57-58A8E5C54851}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A9BAF686-5D3C-4316-9773-208ABD4E51F8}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A9BFD2EE-42F7-4A15-B221-A8C0959BB0CF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A9CC2ACC-B0CF-482F-A711-813D43B31942}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{A9F7CEAD-1F57-4A8D-92C1-7F02B18F0E19}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AA106F88-DA36-4B57-9533-21435C993D1C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AA3F84C8-FF6E-4A97-B5AB-F0D83CBA4696}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AA520445-EC66-4E72-B4BA-C66253509753}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AA6144AF-7E2D-4863-813D-D9357428F8CC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AA9A5488-5BC7-48ED-AF52-0AC97EC4EE8B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AABC7109-9D24-41DE-9CA5-FA32F70ACE54}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AABD6D1E-EDAC-47C8-864A-8CDE564EF715}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AACDD0B2-31A6-4567-8EB3-DC01A35867B9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AAD82743-AAFA-47CC-A910-3D945C583D4C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AADF3BFD-B5A7-4E15-941A-5AFD8ACCFBC8}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AAEB8785-CFE7-4365-B166-B98134B8D323}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AB00B400-276F-4058-A4DB-AA78F3665E10}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AB2D4F17-2164-4001-86F1-268BDA97354F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AB3DA6D1-4336-4323-A1D5-872C7B4D2404}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AB4CE939-FD58-476B-87C8-F9626DFF893D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AB8BC9FE-677F-447F-8AE4-CFC9C621F484}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{ABFBA2C9-5713-4840-AA91-F94F4F39215E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AC145C2A-7DAB-4E23-8ADC-FACCEB68C94E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AC311659-E227-4D6F-A7B0-1B83DFE5A79C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AC345A2A-B2BC-4B2F-B88A-40BEBFAAFF05}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AC54407F-B5D0-47E3-8908-75A6EFE6EE01}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AC5EA2F7-EA0C-4E43-984A-27F4D8E0B348}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{ACA11095-78F1-4611-B7AA-5AE0602F9C24}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{ACA6B2E9-716F-4475-AF45-6C5A03A61DDD}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{ACCC19FE-1925-4754-8881-0947A046456F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{ACD21612-B0D3-4D9C-B34E-8AA8734CB1F2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{ACF52A75-41BA-4C07-8119-3AF73884716C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{ACFB721F-70B9-4728-8161-2FCB20B14C41}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AD025714-2F27-40F8-A60F-3202F3C78BDC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AD16CE10-8C64-432D-A3FC-D8538CD95AA6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AD21C512-D770-4F3C-A5B6-485087BE30FE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AD4E575D-05DB-492A-86FE-72C0EE352741}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AD6A4D92-ECE3-4B55-BABC-91691B85203C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AD6CA793-5885-4564-BEAC-E2C274E98B33}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AD74C832-D1AA-4B18-B249-C74BB2D6CEC0}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AE2DE26C-6A23-412C-9C9A-0362C1BB3257}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AE2F80CA-1F54-4E9D-9CB2-9516FA579988}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AE4238BA-9725-47A4-8954-C561C6F58D6C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AE530ED8-1077-4DB9-9091-987B50C5D319}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AE72C26C-2D15-42CC-9983-4DCF0ED8EE0D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AE830192-F82F-49B0-82DF-50541E781EE9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AEB20CC0-22D9-4E36-B60B-443A99A7BA33}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AED82135-0AD7-4E00-A8E5-9A1CC30BF6CD}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AEDAFF50-283C-4A2E-948F-73DC7A0F95DF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AF5CA0D5-A36B-4B72-A4FF-DC3E93F6CFEE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AF75C181-6734-4736-88B7-6B2B8F92BAFC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AF9E3C84-7B63-4506-827B-4B30F29AAE05}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AFBB79A0-7B53-4179-9AAA-70AF204A2E73}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AFD901AE-10DB-49B6-8050-75FD4C8C16F2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AFE9E561-5FDF-4E05-B2CF-D890E9B9412C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{AFFAE434-76F1-49D7-ACD3-69C8C5956101}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B03885E2-BC8C-4D66-945F-AF372123A1FE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B03A7D27-544E-47D1-BE6D-CC6D7A37EB02}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B04B4289-C014-4031-9C61-4D6525403767}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B05938D3-894E-472E-B443-8268DB152995}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B06B309D-D07B-432D-A31F-4DACB4EB8671}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B0743887-123D-42C5-8AD0-6229E8F5FA45}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B0750B1C-1013-4F70-8A03-ADD39A51B892}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B0762C8B-D4D2-4C49-A89E-F7793511EE4F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B0A49EDA-EC73-42DA-A086-6DBA8DB839BA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B0AA85FF-6FF2-4B57-82E8-AB28792CE0E6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B0CD0E1C-6DD5-4A11-9B5E-A289AE401402}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B0F712A6-FC5E-4D5C-A6F4-4EF7DABB4B5A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B0F99D92-1917-423F-BA47-791D30E6C17F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B0FBA610-A15E-459C-9DB3-195D8E246B0E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B1025652-65C6-4D51-984A-F596FDB8C81C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B14E297C-EBB3-4215-B3C0-506BFFE72961}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B171BABA-9E56-4CF5-832C-753B421B62D3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B1A491BB-10EE-4CF3-88BB-495EF234B33F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B1AC4DAB-3E10-4F4F-863F-89F2B127407F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B1D12F7B-8D3D-484F-A407-80C5DFE37910}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B208668B-4ADD-41CB-A43F-6A05B492C039}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B211F75A-17C3-4B90-8A98-6C30A98F4B3B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B2299FFF-9386-46FC-9A3C-F2DEE9F57310}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B25ED49B-EA73-4193-83A6-D229DB99265F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B267E077-2287-453F-8515-B9B6E69CAA03}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B27BC077-FD30-40C6-AEAA-255E029BD818}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B2970920-97D5-4779-B814-F90487109A1A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B29DD5F9-A29D-4324-91BE-E62F5EDBA862}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B2A572AC-0659-47D0-B09A-E013989103A8}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B2B6D3F1-2C82-4E86-97BC-8CBCBA6E7F7B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B2B919F0-8187-4AB9-8687-8BE6D2CE92D6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B2BE254E-7CBB-44D6-90F1-6AA56455689E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B2BF7235-4C2B-41F2-A6B0-EBDBA8D42744}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B30B50F6-CD79-457B-86D3-6E0E96A0C936}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B3392CB5-7934-40B3-80E8-8A36CEF97373}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B340D0E6-70E1-426B-B040-B3F4DEE68FED}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B35E35E1-61CB-4D1F-B907-CD46F337665F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B37915B3-8165-4BA9-B4E9-05C30FEBF8AB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B38E377F-8EE6-4DEC-820D-B2720C6EB198}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B3CCDB24-E579-4687-8600-4C7F01FB32F7}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B4143C07-094D-48F3-872F-4881CCA02C96}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B44B6D87-255A-4989-80A1-4D465EA60191}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B464EA22-B788-4AFC-A356-1425B2DB660B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B474BAC6-DEF6-428A-8D5B-4F14DBCEB1EA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B4B7636A-C8BF-427B-87CC-D5B362928A88}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B4D2EE4E-FB2A-41C5-A3CE-D3A8FE44623A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B51EFEA9-B3CB-4535-8933-EABBBF372A92}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B52C079F-9EF8-42D3-ADA1-D3C5121E1754}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B53C7215-B34B-4047-8B6A-7137D0916C0D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B5545DE5-1D3E-4891-BC9C-722F76ACC3AC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B580E49A-4C1F-4EEF-96D9-65936C7ADB34}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B5904E88-54D9-4BB7-81E9-BE1F54838F47}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B5AFA612-61C1-4A24-8EFE-8348E2C6795C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B5B4CC79-FB6F-4000-A1CA-99DB9CF87535}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B5B8EF1B-394F-4DA5-9EC3-FD76E6769E57}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B5DAA988-F630-42FE-BA2C-66FD84AB753F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B5F1A4AD-92A5-48EE-822D-2103B8BE7B47}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B5F7E9B3-30E4-4429-93EB-D17E462B08EA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B60A7FC4-7FFF-4F59-A721-93D11754B8AB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B6218C9F-F70F-4A44-8150-4AD4EBD896D3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B62880AD-7B01-4561-94BF-27A7F2E21ABB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B667001B-6CA7-4B03-BAE7-4613B36A2743}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B684F19C-D480-424C-AD7B-F7D03985B4E3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B68684F9-CF26-4601-ABC3-D3DCF407BF6D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B6A84B2D-B127-49EF-A170-7BCA2BD7886F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B6AA0F94-3A9C-4394-A263-13ABD7CEA8CA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B6B0460E-0F35-42D0-9015-DB45496D3530}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B6C5C352-3A15-4EAD-BF72-DB760D40EE16}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B6D34CF9-ACD0-4AF2-9CE6-743ABB04647E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B6EADC46-6593-4851-BA3B-5E029764513F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B72C0318-90DF-40A4-B93D-FB31B827DB06}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B72C458E-3903-4D95-BE13-82664CBB48E1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B731A84E-CEA1-4BAF-B1E4-EF4B287676C3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B7703F3C-4EFB-4658-A6C8-DE816F3D82EE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B7807961-5C1F-4578-9EDD-0EEF3F51A621}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B7953980-4758-4994-BE7F-7336A87BCCC1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B7B32240-2AD1-49A5-BC06-7BD9809FBEA5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B7B699D4-C853-4CBB-955C-0F234638BB05}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B7EA8203-CBE6-42BC-9E56-902AE9280746}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B7F9971D-6DFE-4034-B8BB-76EDCCAA87B3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B800F6D8-80C5-4C1D-B45D-30160FEB5F44}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B82EF483-2E7B-4DF9-A0AB-2856BD98F6C8}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B86C1364-117F-4B1D-B05F-0EBF09EAAF77}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B86D4314-09C9-4FF5-9389-E024410000FC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B891D133-45A9-4601-AA25-E6F19316D611}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B89486CA-21C7-48B4-A669-7BEB71E86C66}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B8975F24-7CCD-44BA-9047-83DD937106EF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B8A38A6B-ED2E-4F06-A994-2C83A60916DE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B8A5B87B-60E7-48BD-81EE-5CD0BCC37A0A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B8BEB50D-0B96-4161-9C50-B23A11AAB498}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B8D87977-6C85-48ED-8838-62BB1318D882}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B8EB90C2-820B-4584-8284-053D7E8CB896}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B9001748-AA5D-4B94-9979-E3D03A044EAE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B9058389-6FCC-4A7E-8EC8-08E779AE7DC3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B94B55D9-5C54-44A7-AF4C-3FEC5CDC8B9B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B94D8B45-8FF5-4F0B-950C-EDB7AB010A3C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B96A1D4F-7FA6-4C37-8852-CC18545618B4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B995BF82-CA06-4024-BC37-1EBAF5D8607A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B9A39921-F007-450B-825B-3761496410CF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B9B62AF9-9584-415C-A8B0-8F33A77C9CA7}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{B9D4FDE0-DAEB-4A8C-A405-E227D415AF4F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BA170731-7409-4B12-AEC5-AA41F93977E1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BA49D247-44DA-49E2-9B89-47B45CCFA807}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BA62AB96-C965-45ED-8A24-B23125C332BB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BA68163A-FF28-4F8B-B8E8-C68FEC894F7F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BA79F711-B593-47A4-AE2B-D2B90FEDEB31}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BA8FEDE3-1BF2-4BB9-8E6C-3A1FD2D3E1B3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BA9CD5B9-794F-46C3-86EF-C534EF689DC3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BAA131C0-DD6A-40DD-88AF-ECE65BACCA05}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BAAC0D66-540E-4E94-9182-B4C4A6996046}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BAD9DAD1-6269-49AF-9111-BD0B99F546C2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BB0AE6A8-F5E0-41A2-B573-6AF61B8B5878}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BB24E554-9584-4838-A1C5-49A63B933E83}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BB5554BD-F6B6-4A83-9623-AED64BD45775}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BB7E1140-38A6-4BFB-B98F-FA22A24DC128}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BB7F4065-C941-4CD3-8D3A-1ACAC61C76F6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BB82AA6B-26AA-430A-8C1C-C9188BF0B435}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BBC2B224-532B-40AF-8809-D3144AF59CF0}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BBCF729E-ADEA-48B7-9460-71F8A0911789}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BC1DC901-90FA-4DA4-9D30-BC1F33C7A317}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BC25C4D9-879F-49A1-875A-4AC16C64496B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BC737EE0-ED06-4A59-8BA3-342CCC8FB44C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BC9D5624-47D5-4DD8-99E3-D40CE8F234E5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BCABF7F8-153B-41A0-9FA1-7DF32D13325A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BCAD672B-304A-46D5-A771-87AE1567FC93}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BCCF35EC-0AED-42BD-9F0E-4CB390F65511}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BCF93A35-41DD-45D6-9CC1-2DC5FBA64708}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BD14DA48-6F2C-4B99-A2C6-4D9DF66590F5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BD17475D-38D0-41F4-8C5E-FA8108C19CE4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BD2550F2-1CD0-46D4-A513-13A81CFD552B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BD274B70-DE05-432D-AF09-375578443DB6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BDC5ABAF-63FB-4D39-B02E-ADA535B5AE95}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BE19855C-FB4A-47F4-9F11-062621B9FF9C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BE453D07-CD49-46B7-8A33-1DF1D0E52D4D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BE5C50AC-E665-4938-A992-E41995A1C79A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BE677C4A-6D89-498C-B843-2E341089E450}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BE921FBF-D6E7-403D-9D47-B728F54DABE6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BEA32FC9-B12E-4692-883A-1993CCC53EB3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BEC54FEB-91D2-4EC3-B2E3-84DB315793A1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BEE5750F-D2D6-4BE0-9772-5EAF717DC1D4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BEEAD6E4-E258-4E15-A3D1-C01B9A64D458}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BEF134BD-5D44-460D-817F-ABD5B477EA97}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BF49B3D9-767E-4D30-91D3-6DD1C5275963}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BF5865AE-D939-4044-A4EE-3A51EB6A8341}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BF6C18AF-4801-4182-9287-F345ABD69251}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{BFC112A9-6559-4E9E-AB03-41565D94FC31}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C02B1742-13FC-4911-91D8-C3E74A376944}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C04B0310-82D6-457A-AFA6-AB094CBAA4F6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C04F37CF-A0B1-42C2-9027-70F35DD4A1EA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C04FD10B-66D0-4DDB-BD19-BD89B4381929}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C08F9927-649B-4A04-BD4F-C36BECCE5707}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C0D84DA0-1290-4AB0-B7AE-2361AAADB522}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C0ED2733-2D43-4AAC-9D2D-E37614F928ED}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C13E8D33-EF1B-4A43-ABC8-3B4C0BA6F2AA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C163DADE-B463-489C-B0EB-E57A4C38939A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C1692ACF-C366-47A4-872B-0379D0A54161}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C16C805D-D3E1-4D74-80D0-83A15DD23751}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C1AB088C-2D69-4165-8218-118093A47175}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C1BCBFEA-14E0-4254-953E-8B6B9CA78B87}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C1D93E06-5FF1-4EF9-A3F6-51FB7C9BE9F3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C1FE932F-B6B9-41EF-B000-9F7E36D63F75}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C2230158-42A6-4F4B-9C8A-10FEB8F6B02F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C229A5E9-4913-420D-A459-FBF624BF72AD}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C2A0A62F-FF66-41A3-94FD-2CEF9F8EF9DB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C2AD630C-8F55-4C6F-8748-37F4EF829BB2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C305587E-0BF1-412C-854F-1502D51EF31D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C30CDA7C-70DA-41C3-9015-DDD3440F988A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C3A91720-655A-47A8-A7F4-3E3201219B3E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C3D41BDD-2B48-4581-9532-519332014DBB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C3E7E198-44AA-4095-B2BC-D89D9F6E80CE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C3F13392-98F8-49A9-9073-65C6323C9E25}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C3F6C1E7-5F97-4FFD-8915-CCCDB7C9FC0C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C4310550-FB39-42EC-89CB-3A0D31ED4E84}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C437723B-5984-4283-9C06-8A656DED5783}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C455F6F1-8912-4207-AE72-97E459471F37}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C46706B2-F30C-4EE1-9229-9053A51D8214}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C4774F5A-5ED3-4177-978B-D8C40C7405A3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C48F498E-9111-4931-A6E4-2E97EDD34B01}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C4CA94CC-9C57-48BC-B7CC-C12562524C0B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C4CFB5FD-B52C-482A-9692-C1DD2EC9D581}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C4F1DA49-D0BE-4A49-9150-F70FC3609636}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C5084D00-E7E9-4D8A-AB78-94875362680E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C510DB82-E525-4A8B-9318-634952AF6A30}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C5267E77-7F81-4839-80BE-E1230A0CFB27}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C5336D34-B92B-4FEC-A46B-C88AE57FAF10}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C5716453-1A5E-40DE-8026-FD5981A7A957}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C58EF1CE-28AA-4C04-BB96-F4EA529950CA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C5C9A2A4-AA84-4D3F-A3B6-484CD470DDC0}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C61052A4-6B7C-432F-863D-E0579202C46B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C6161E11-B97D-49DC-A537-55F4FCCCA217}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C62A3DD8-BF04-49DF-A88E-417C5FB560E6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C63242E8-1823-4B5C-BBDE-EE19C7A80DDD}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C6BC8EEE-2E6E-4BE8-85C8-9A64E0AF45EF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C6D46BB0-E852-4C34-8FC4-0B6515B85F35}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C6DB86C2-B947-4CA5-A479-CAB8E88F59FA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C6EA58B6-B4C3-4E30-B0AC-E1A3A809C333}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C6FE8A06-9249-417C-BE0B-2CFBB17F9F99}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C74C5FD7-647C-42FD-93B0-18411840F0E9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C7510CEA-524B-4804-B5FE-C5C7A169913B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C758CF1E-BE98-4A5E-883A-1A5DD27B123B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C77037EF-419D-4B27-9EDD-3633BF862148}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C7961F0D-8599-4F39-877C-EDA0FA92418E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C7A575CE-F5A2-41E0-A6B8-12C3DDDD044A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C7D881CE-9489-4543-8BAD-529FC464D6FB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C7FC2E88-11D5-4AB8-8FFB-E52733F4C037}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C80191A9-31B3-4FA3-A1E4-A6CCF606867E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C80D8DD8-B9D0-4796-8FCC-924D4EB9B623}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C8255550-E2EA-4E2A-8DC2-E5797911D48B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C825D88C-0777-43FE-9AF1-7B2962420002}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C847A278-EA9A-4537-A19D-6CB9DDF6F24C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C84AF6A8-D820-4F35-B727-ED28E3354FC0}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C86C03CF-CE7E-437F-9017-1C5EFE91AEBD}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C88248F2-E975-40A8-BCA5-508B3AE977D7}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C8B55119-D5EE-405C-9883-C4A81B7A7E6B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C8D17D68-F497-4A63-9A99-54FB916DB79F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C8EF19EB-736D-42D5-96C7-C2FCA6B86D99}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C91DB20D-D5B9-4150-AADD-ED19B977C3E2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C93F47DB-674A-4993-BE0C-97621FAFAA0F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C9604DBC-5486-490F-A358-59795E939B44}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C96AB608-4B34-4341-9240-F2B15A6C09E4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C97CD141-8011-4B98-B782-5D15C9E8BF9D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C9D8CCCC-4736-4848-BEBB-F4732F064563}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{C9FAFE57-1DDF-404A-8762-14144DD1135E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CA120A6B-6A80-4792-B946-4D8F2E450751}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CA269BB3-D14B-4571-9979-CC96BCD1005F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CA29DA7E-985C-4B74-92DE-CBE3F2591B40}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CA70C9AE-6680-4BFF-893F-11D48032ACDA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CA7D3AB3-D7B7-4BB5-90A6-383A7555C7F2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CAA2CB2A-3C3D-41D3-9CA8-B6DA02B7AA69}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CAF7C1E7-011C-406A-B360-D09069DDF298}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CB1494D3-A838-44B6-BFED-64DACADFC9BA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CB472EFE-F496-4807-8091-38AD3A1A98C2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CB661036-A437-4070-849A-34F08C1B5A74}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CB7DED41-FC55-41B7-8FDC-5F0A32F8083B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CBA1ED59-EBA4-4489-9C57-6141D3C3165D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CBA6B5C6-CB9E-4DEC-B60A-DE3E7D852557}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CBB06031-C6FD-4C69-ADF0-D8FF0DF0F97F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CBFEB15E-C714-4033-8844-97B6187FD676}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CC03919B-DC56-40BB-9D32-C2F8107CEE02}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CC0851A2-5D39-4093-8637-E4C3A571C3FB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CC17F4FD-843E-452F-9373-2AF8F31476AE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CC35DCA5-AFB2-4D55-86B8-FE11E0483865}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CC48B4BB-E357-414B-B9AC-E93BA92EF770}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CC4B3FC2-2CB9-477C-9796-D576A29B648D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CCE77B32-0CF4-4669-9227-DB92CA7AA0C4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CD1B2446-A534-47C5-9C47-9248ABFCDCE1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CD83D570-2A4F-4E0C-BC68-7652B1B56BCE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CD84F82F-65BB-415B-9992-A7437ED08952}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CD8D5A45-E85D-4D98-BD91-63AD1161C75D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CD8F71A4-5083-488C-9CD2-8B29D7450971}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CD9152D1-7997-48E4-8631-A7F494570B8A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CD9FC963-4573-47E6-905E-49EA5CDF82E4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CDA77AFF-6BCB-4A2E-BECF-73B11AFD27ED}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CDB525D7-9E59-4A46-9026-F202C89F765B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CDC12DD6-1964-47A0-87BC-2BF579B02EBC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CDF0D3D3-7C8B-4055-AA6F-477AEF25E668}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CE22900F-2A34-47D4-B8A0-DDC87EC0F416}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CE3C577D-1B3C-458D-99F4-1DA5EF39AD1D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CE4FCF89-BD4A-45CF-AC88-29AE145524BC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CE566FEB-F3AA-493E-A8DC-8517F86757EF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CE58AD97-372B-48E4-BBC2-F5B044E7C279}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CE769B9F-7107-48F9-AF55-8627ADD4BDAB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CE96719A-9707-4FEE-AB1F-E0CAB7019CE5}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CEC50493-4A99-497C-966D-796B9FA86992}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CEC69916-8FE2-40AE-945C-AAC908EF9436}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CEDB0B92-DC5F-4F4D-B9AE-13610C3B7750}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CEF32A35-FA94-4142-B007-D9B73AF45B31}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CEF75FD7-E1DE-4F1E-8AB2-8784BCC6A5E0}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CF5A5C5F-FCFC-4D47-BC7C-B5B2E638B91B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CF6FA2C9-40D1-4C76-BD2F-8BF2A85C3B2D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CF85EF62-8734-4B62-8B3E-620D07FBE47F}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CFA1057C-AD0F-4301-BF19-473E51E5C370}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CFB9BCEA-0CBC-4898-AC01-3E49700046D1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CFDF6C8B-C67E-4753-9E33-7D41EF8CA2D1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{CFE2115C-400C-43DD-BDB6-C8D8745BADC3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D00A6814-C204-4291-A4A7-A64E9C79B0DC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D01E690C-9522-42C0-A53D-5BC8C3D2D1C9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D021E146-3522-49FB-9763-D0DEB77EFFB4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D0414C5A-3FAA-403E-AB46-76E29F35444B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D09B1D2C-F186-4586-B85D-216C00950682}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D0A73A61-5678-4BE7-8D31-66274AF58C54}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D1010C3D-9798-42D4-BC1A-C8E6F9AF151D}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D10D3769-E029-4016-9547-CC37A200BBEA}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D111C5E5-CC9E-4D9B-A29D-F5716F13CE30}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D1145409-2396-4FE0-80B3-2B076F260438}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D11627AD-0D14-4374-A3CA-C4F719465ABB}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D1167CE6-D69E-4D6E-9249-BC41151D2531}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D11F1906-58A8-4073-86E1-96A9B07078F0}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D153DB68-EE80-43AD-8D9D-F58444A97FF2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D15A7467-ACEE-4EA2-A0C1-7D6D1DCBC1CC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D15F4540-9172-4FDC-900A-BD4322947493}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D164C26A-2B4C-42DF-B5F3-C9A63DF70D03}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D181542A-D6A8-432E-97C1-A7A61F887FF1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D187B6A1-730D-4DEB-8150-242CD2245033}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D1A84535-3CED-4ACF-8A3C-805A022313E3}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D1D45253-9CA6-449A-88B7-02D70EAFD35E}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D1F8A664-61A3-4BB9-9C96-B255437B5566}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D2118F5A-8357-409B-A36D-CF78B217A8A6}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D2127B67-33B0-46F4-BB9E-87098DB18C6A}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D227D4C5-6FE0-49A5-9450-B365BDD68628}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D240D1ED-41C2-46EA-BB4E-355F5B295722}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D2495E48-BB8D-4F8F-8DA8-45C6DE796FA2}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D25D734F-F0F9-4F29-9CA4-547853F9CF68}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D27CBB4C-3A2F-4DAA-985A-683D7D174FB8}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D27D12F9-BE4A-445A-8FED-65FC93CC4E6C}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D27DF61C-2034-4113-AFB4-EE6E15BA5422}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D2A05BDB-0396-44AA-A37D-B4DB0D726365}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D2AFA5C9-CEDC-492A-AD16-10E860FB26F4}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D31EA005-B087-40FC-B48B-61D821ACC58B}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D34A26A9-1569-433C-8741-B8EBD9FD5FB9}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D369C803-7271-4B0C-BCC8-BA3B697232EE}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D3A0DD4C-8E78-4A33-A4A6-7171D4EAA899}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D3DC506C-26FD-4347-9BCD-517F5DB276BF}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D3EDB1C1-C55C-4E2A-88CA-BF2F70F5A8BC}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D3F12740-CD54-436F-A887-83B52BA9A649}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D409F9A6-586F-4009-B72B-7F432389E3D1}
Successfully deleted: [Empty Folder] C:\Users\GrahamO\appdata\local\{D43164D2-2CEC-4E67-BEC0-86053639A898}
~~~~~~~~~~~~~

gco1133 · July 7, 2013

gco1133 · July 7, 2013

# AdwCleaner v2.304 - Logfile created 07/07/2013 at 11:40:28
# Updated 03/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : GrahamO - GRAHAMO-TOSH
# Boot Mode : Normal
# Running from : C:\Users\GrahamO\Desktop\AdwCleaner.exe
# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Public\Desktop\iLivid.lnk
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\GrahamO\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\GrahamO\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\GrahamO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\GrahamO\AppData\Local\PackageAware
Folder Deleted : C:\Users\GrahamO\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\GrahamO\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\GrahamO\AppData\Roaming\Mozilla\Firefox\Profiles\y804vfuy.default\SweetPacksToolbarData
Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Swag_Bucks
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget
Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{103DFC4E-147A-5606-9B4E-1C216DF227A1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{85675E8E-5807-456E-8005-29ECDFB5AA98}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\Swag_Bucks
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85675E8E-5807-456E-8005-29ECDFB5AA98}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C295CD14-077B-40C9-BF4F-6C6E482FB693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0E5F446-71A2-4F5F-8926-455DB230007F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96E2E493-C484-43E3-9B95-D62EE7D40D3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Swag_Bucks Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-GB)

File : C:\Users\GrahamO\AppData\Roaming\Mozilla\Firefox\Profiles\y804vfuy.default\prefs.js

Deleted : user_pref("CT3289847.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3289847.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3289847.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3289847.embeddedsData", "[{\"appId\":\"130068661007799818\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3289847.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3289847.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");

Deleted : user_pref("CT3289847.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.mozilla.org%[...]
Deleted : user_pref("CT3289847.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3289847.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3289847.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3289847.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3289847.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT3289847_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("extensions.enabledAddons", "plugin%40yontoo.com:1.20.02,%7BEEE6C361-6118-11DC-9C72-001320[...]
www.|apps.)?facebook\\.com.*");
www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v27.0.1453.116

*************************

AdwCleaner[s1].txt - [370 octets] - [07/07/2013 11:40:03]
AdwCleaner[s2].txt - [28373 octets] - [07/07/2013 11:40:28]

########## EOF - C:\AdwCleaner[s2].txt - [28434 octets] ##########

gco1133 · July 7, 2013

Operating memory probably a variant of Win32/Ramnit.L virus

AdvancedSetup · July 8, 2013

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.

If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.

gco1133 · July 8, 2013

09:21:56.0085 3784 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19

09:21:56.0615 3784 ============================================================

09:21:56.0615 3784 Current date / time: 2013/07/08 09:21:56.0615

09:21:56.0615 3784 SystemInfo:

09:21:56.0615 3784

09:21:56.0615 3784 OS Version: 6.1.7601 ServicePack: 1.0

09:21:56.0615 3784 Product type: Workstation

09:21:56.0615 3784 ComputerName: GRAHAMO-TOSH

09:21:56.0615 3784 UserName: GrahamO

09:21:56.0615 3784 Windows directory: C:\Windows

09:21:56.0615 3784 System windows directory: C:\Windows

09:21:56.0615 3784 Running under WOW64

09:21:56.0615 3784 Processor architecture: Intel x64

09:21:56.0615 3784 Number of processors: 2

09:21:56.0615 3784 Page size: 0x1000

09:21:56.0615 3784 Boot type: Normal boot

09:21:56.0615 3784 ============================================================

09:21:56.0615 3784 BG loaded

09:21:57.0255 3784 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:21:57.0271 3784 ============================================================

09:21:57.0271 3784 \Device\Harddisk0\DR0:

09:21:57.0271 3784 MBR partitions:

09:21:57.0271 3784 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x1D14D000

09:21:57.0271 3784 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D215800, BlocksNum 0x1D170030

09:21:57.0271 3784 ============================================================

09:21:57.0333 3784 C: <-> \Device\Harddisk0\DR0\Partition1

09:21:57.0489 3784 D: <-> \Device\Harddisk0\DR0\Partition2

09:21:57.0489 3784 ============================================================

09:21:57.0489 3784 Initialize success

09:21:57.0489 3784 ============================================================

09:22:52.0969 4636 ============================================================

09:22:52.0969 4636 Scan started

09:22:52.0969 4636 Mode: Manual; SigCheck; TDLFS;

09:22:52.0969 4636 ============================================================

09:22:55.0570 4636 ================ Scan system memory ========================

09:22:55.0570 4636 System memory - ok

09:22:55.0571 4636 ================ Scan services =============================

09:22:55.0859 4636 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

09:22:56.0009 4636 1394ohci - ok

09:22:56.0113 4636 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

09:22:56.0143 4636 ACPI - ok

09:22:56.0215 4636 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

09:22:56.0322 4636 AcpiPmi - ok

09:22:56.0654 4636 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

09:22:56.0678 4636 AdobeARMservice - ok

09:22:56.0999 4636 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

09:22:57.0022 4636 AdobeFlashPlayerUpdateSvc - ok

09:22:57.0173 4636 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

09:22:57.0209 4636 adp94xx - ok

09:22:57.0273 4636 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

09:22:57.0292 4636 adpahci - ok

09:22:57.0386 4636 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

09:22:57.0413 4636 adpu320 - ok

09:22:57.0472 4636 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

09:22:57.0982 4636 AeLookupSvc - ok

09:22:58.0102 4636 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

09:22:58.0247 4636 AFD - ok

09:22:58.0299 4636 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

09:22:58.0322 4636 agp440 - ok

09:22:58.0467 4636 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

09:22:58.0489 4636 aliide - ok

09:22:58.0578 4636 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

09:22:58.0600 4636 amdide - ok

09:22:58.0695 4636 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

09:22:58.0828 4636 AmdK8 - ok

09:22:58.0892 4636 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

09:22:58.0969 4636 AmdPPM - ok

09:22:59.0059 4636 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

09:22:59.0082 4636 amdsata - ok

09:22:59.0126 4636 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

09:22:59.0161 4636 amdsbs - ok

09:22:59.0259 4636 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

09:22:59.0281 4636 amdxata - ok

09:22:59.0369 4636 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

09:23:00.0312 4636 AppID - ok

09:23:00.0343 4636 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

09:23:00.0445 4636 AppIDSvc - ok

09:23:00.0567 4636 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll

09:23:00.0734 4636 Appinfo - ok

09:23:00.0850 4636 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

09:23:00.0874 4636 arc - ok

09:23:00.0899 4636 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

09:23:00.0913 4636 arcsas - ok

09:23:00.0974 4636 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

09:23:01.0135 4636 AsyncMac - ok

09:23:01.0210 4636 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

09:23:01.0232 4636 atapi - ok

09:23:01.0426 4636 [ D6CAD7E5B05055BB8226BDCB1644DA27 ] athr C:\Windows\system32\DRIVERS\athrx.sys

09:23:01.0518 4636 athr - ok

09:23:01.0616 4636 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

09:23:01.0706 4636 AudioEndpointBuilder - ok

09:23:01.0816 4636 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

09:23:01.0866 4636 AudioSrv - ok

09:23:02.0622 4636 [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

09:23:02.0702 4636 AVGIDSAgent - ok

09:23:02.0789 4636 [ 139BD30C32BEE830D0CF39C5324D79DE ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys

09:23:02.0818 4636 AVGIDSDriver - ok

09:23:02.0921 4636 [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys

09:23:02.0941 4636 AVGIDSHA - ok

09:23:03.0024 4636 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys

09:23:03.0047 4636 Avgldx64 - ok

09:23:03.0233 4636 [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys

09:23:03.0272 4636 Avgloga - ok

09:23:03.0335 4636 [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys

09:23:03.0375 4636 Avgmfx64 - ok

09:23:03.0486 4636 [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys

09:23:03.0506 4636 Avgrkx64 - ok

09:23:03.0599 4636 [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys

09:23:03.0622 4636 Avgtdia - ok

09:23:03.0772 4636 [ 34E9A86B0EF71BA72B58D72215EBFABC ] avgtp C:\Windows\system32\drivers\avgtpx64.sys

09:23:03.0792 4636 avgtp - ok

09:23:03.0891 4636 [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

09:23:03.0914 4636 avgwd - ok

09:23:04.0021 4636 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

09:23:04.0086 4636 AxInstSV - ok

09:23:04.0178 4636 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

09:23:04.0223 4636 b06bdrv - ok

09:23:04.0283 4636 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

09:23:04.0373 4636 b57nd60a - ok

09:23:04.0432 4636 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

09:23:04.0480 4636 BDESVC - ok

09:23:04.0521 4636 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

09:23:04.0642 4636 Beep - ok

09:23:04.0778 4636 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

09:23:04.0847 4636 BFE - ok

09:23:04.0914 4636 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

09:23:05.0020 4636 BITS - ok

09:23:05.0073 4636 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

09:23:05.0115 4636 blbdrive - ok

09:23:05.0210 4636 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

09:23:05.0285 4636 bowser - ok

09:23:05.0384 4636 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

09:23:05.0480 4636 BrFiltLo - ok

09:23:05.0504 4636 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

09:23:05.0522 4636 BrFiltUp - ok

09:23:05.0627 4636 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

09:23:05.0685 4636 BridgeMP - ok

09:23:05.0749 4636 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

09:23:05.0796 4636 Browser - ok

09:23:05.0882 4636 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

09:23:06.0155 4636 Brserid - ok

09:23:06.0181 4636 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

09:23:06.0223 4636 BrSerWdm - ok

09:23:06.0269 4636 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

09:23:06.0363 4636 BrUsbMdm - ok

09:23:06.0400 4636 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

09:23:06.0448 4636 BrUsbSer - ok

09:23:06.0509 4636 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

09:23:06.0566 4636 BTHMODEM - ok

09:23:06.0660 4636 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

09:23:06.0737 4636 bthserv - ok

09:23:07.0035 4636 catchme - ok

09:23:07.0112 4636 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

09:23:07.0221 4636 cdfs - ok

09:23:07.0310 4636 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys

09:23:07.0344 4636 cdrom - ok

09:23:07.0409 4636 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

09:23:07.0500 4636 CertPropSvc - ok

09:23:07.0805 4636 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

09:23:07.0863 4636 cfWiMAXService - ok

09:23:07.0950 4636 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

09:23:08.0052 4636 circlass - ok

09:23:08.0465 4636 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

09:23:08.0498 4636 CLFS - ok

09:23:08.0673 4636 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

09:23:08.0692 4636 clr_optimization_v2.0.50727_32 - ok

09:23:08.0939 4636 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

09:23:09.0184 4636 clr_optimization_v2.0.50727_64 - ok

09:23:09.0354 4636 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

09:23:09.0498 4636 clr_optimization_v4.0.30319_32 - ok

09:23:09.0708 4636 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

09:23:09.0748 4636 clr_optimization_v4.0.30319_64 - ok

09:23:09.0828 4636 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

09:23:09.0884 4636 CmBatt - ok

09:23:09.0948 4636 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

09:23:09.0971 4636 cmdide - ok

09:23:10.0099 4636 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

09:23:10.0135 4636 CNG - ok

09:23:10.0295 4636 [ 1F925AA990A6A446E8BA926B2D0A5201 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys

09:23:10.0344 4636 CnxtHdAudService - ok

09:23:10.0423 4636 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

09:23:10.0461 4636 Compbatt - ok

09:23:10.0506 4636 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

09:23:10.0541 4636 CompositeBus - ok

09:23:10.0558 4636 COMSysApp - ok

09:23:10.0676 4636 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

09:23:10.0693 4636 ConfigFree Service - ok

09:23:10.0738 4636 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

09:23:10.0761 4636 crcdisk - ok

09:23:10.0841 4636 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll

09:23:10.0931 4636 CryptSvc - ok

09:23:11.0192 4636 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

09:23:11.0234 4636 cvhsvc - ok

09:23:11.0404 4636 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

09:23:11.0499 4636 DcomLaunch - ok

09:23:11.0574 4636 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

09:23:11.0654 4636 defragsvc - ok

09:23:11.0730 4636 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

09:23:11.0783 4636 DfsC - ok

09:23:11.0891 4636 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

09:23:11.0954 4636 Dhcp - ok

09:23:11.0988 4636 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

09:23:12.0082 4636 discache - ok

09:23:12.0168 4636 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

09:23:12.0192 4636 Disk - ok

09:23:12.0309 4636 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

09:23:12.0371 4636 Dnscache - ok

09:23:12.0444 4636 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

09:23:12.0501 4636 dot3svc - ok

09:23:12.0616 4636 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

09:23:12.0770 4636 DPS - ok

09:23:12.0920 4636 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

09:23:13.0070 4636 drmkaud - ok

09:23:13.0268 4636 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

09:23:13.0310 4636 DXGKrnl - ok

09:23:13.0378 4636 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

09:23:13.0484 4636 EapHost - ok

09:23:13.0835 4636 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

09:23:13.0986 4636 ebdrv - ok

09:23:14.0037 4636 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

09:23:14.0085 4636 EFS - ok

09:23:14.0214 4636 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

09:23:14.0318 4636 ehRecvr - ok

09:23:14.0370 4636 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

09:23:14.0535 4636 ehSched - ok

09:23:14.0658 4636 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

09:23:14.0689 4636 elxstor - ok

09:23:14.0758 4636 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

09:23:14.0839 4636 ErrDev - ok

09:23:14.0912 4636 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

09:23:15.0012 4636 EventSystem - ok

09:23:15.0074 4636 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

09:23:15.0129 4636 exfat - ok

09:23:15.0170 4636 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

09:23:15.0238 4636 fastfat - ok

09:23:15.0361 4636 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

09:23:15.0436 4636 Fax - ok

09:23:15.0537 4636 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

09:23:15.0615 4636 fdc - ok

09:23:15.0664 4636 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

09:23:15.0798 4636 fdPHost - ok

09:23:15.0864 4636 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

09:23:15.0957 4636 FDResPub - ok

09:23:15.0993 4636 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

09:23:16.0006 4636 FileInfo - ok

09:23:16.0033 4636 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

09:23:16.0104 4636 Filetrace - ok

09:23:16.0179 4636 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

09:23:16.0204 4636 flpydisk - ok

09:23:16.0256 4636 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

09:23:16.0287 4636 FltMgr - ok

09:23:16.0533 4636 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll

09:23:16.0575 4636 FontCache - ok

09:23:16.0648 4636 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

09:23:16.0659 4636 FontCache3.0.0.0 - ok

09:23:16.0764 4636 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

09:23:16.0786 4636 FsDepends - ok

09:23:16.0831 4636 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

09:23:16.0849 4636 Fs_Rec - ok

09:23:16.0893 4636 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

09:23:16.0918 4636 fvevol - ok

09:23:16.0974 4636 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys

09:23:17.0010 4636 FwLnk - ok

09:23:17.0068 4636 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

09:23:17.0094 4636 gagp30kx - ok

09:23:17.0289 4636 [ 1A0B9D84BEB3306F728BC3009D432F5C ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

09:23:17.0354 4636 GameConsoleService - ok

09:23:17.0462 4636 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

09:23:17.0535 4636 gpsvc - ok

09:23:17.0663 4636 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

09:23:17.0682 4636 gupdate - ok

09:23:17.0747 4636 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

09:23:17.0765 4636 gupdatem - ok

09:23:17.0853 4636 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

09:23:17.0870 4636 gusvc - ok

09:23:17.0953 4636 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

09:23:17.0989 4636 hcw85cir - ok

09:23:18.0057 4636 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

09:23:18.0084 4636 HdAudAddService - ok

09:23:18.0197 4636 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

09:23:18.0273 4636 HDAudBus - ok

09:23:18.0315 4636 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

09:23:18.0374 4636 HidBatt - ok

09:23:18.0427 4636 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

09:23:18.0511 4636 HidBth - ok

09:23:18.0555 4636 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

09:23:18.0607 4636 HidIr - ok

09:23:18.0678 4636 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

09:23:18.0748 4636 hidserv - ok

09:23:18.0826 4636 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys

09:23:18.0849 4636 HidUsb - ok

09:23:18.0921 4636 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

09:23:19.0010 4636 hkmsvc - ok

09:23:19.0079 4636 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

09:23:19.0116 4636 HomeGroupListener - ok

09:23:19.0188 4636 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

09:23:19.0231 4636 HomeGroupProvider - ok

09:23:19.0343 4636 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

09:23:19.0365 4636 HpSAMD - ok

09:23:19.0441 4636 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

09:23:19.0524 4636 HTTP - ok

09:23:19.0581 4636 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

09:23:19.0602 4636 hwpolicy - ok

09:23:19.0664 4636 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

09:23:19.0688 4636 i8042prt - ok

09:23:19.0834 4636 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

09:23:19.0861 4636 iaStor - ok

09:23:19.0984 4636 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

09:23:20.0018 4636 iaStorV - ok

09:23:20.0108 4636 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

09:23:20.0146 4636 idsvc - ok

09:23:20.0976 4636 [ 898AB5BFED7040D7AB07AF01885EB944 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

09:23:21.0156 4636 igfx - ok

09:23:21.0234 4636 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

09:23:21.0255 4636 iirsp - ok

09:23:21.0408 4636 [ CE1EE31FFF730CA975A5535D8A71AF61 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

09:23:21.0426 4636 IJPLMSVC - ok

09:23:21.0576 4636 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

09:23:21.0659 4636 IKEEXT - ok

09:23:21.0751 4636 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

09:23:21.0792 4636 intelide - ok

09:23:21.0923 4636 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

09:23:22.0002 4636 intelppm - ok

09:23:22.0052 4636 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

09:23:22.0108 4636 IPBusEnum - ok

09:23:22.0169 4636 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

09:23:22.0231 4636 IpFilterDriver - ok

09:23:22.0318 4636 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

09:23:22.0377 4636 iphlpsvc - ok

09:23:22.0415 4636 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

09:23:22.0459 4636 IPMIDRV - ok

09:23:22.0512 4636 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

09:23:22.0568 4636 IPNAT - ok

09:23:22.0595 4636 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

09:23:22.0670 4636 IRENUM - ok

09:23:22.0724 4636 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

09:23:22.0745 4636 isapnp - ok

09:23:22.0788 4636 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

09:23:22.0805 4636 iScsiPrt - ok

09:23:22.0859 4636 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

09:23:22.0879 4636 kbdclass - ok

09:23:22.0901 4636 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

09:23:22.0942 4636 kbdhid - ok

09:23:22.0970 4636 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

09:23:22.0984 4636 KeyIso - ok

09:23:23.0025 4636 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

09:23:23.0050 4636 KSecDD - ok

09:23:23.0067 4636 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

09:23:23.0082 4636 KSecPkg - ok

09:23:23.0110 4636 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

09:23:23.0159 4636 ksthunk - ok

09:23:23.0205 4636 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

09:23:23.0272 4636 KtmRm - ok

09:23:23.0321 4636 [ 48686C29856F46443952A831424F8D6F ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys

09:23:23.0331 4636 L1C - ok

09:23:23.0393 4636 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

09:23:23.0472 4636 LanmanServer - ok

09:23:23.0520 4636 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

09:23:23.0582 4636 LanmanWorkstation - ok

09:23:23.0626 4636 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

09:23:23.0696 4636 lltdio - ok

09:23:23.0737 4636 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

09:23:23.0790 4636 lltdsvc - ok

09:23:23.0809 4636 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

09:23:23.0845 4636 lmhosts - ok

09:23:23.0885 4636 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

09:23:23.0899 4636 LSI_FC - ok

09:23:23.0916 4636 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

09:23:23.0930 4636 LSI_SAS - ok

09:23:23.0940 4636 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

09:23:23.0962 4636 LSI_SAS2 - ok

09:23:23.0994 4636 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

09:23:24.0008 4636 LSI_SCSI - ok

09:23:24.0046 4636 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

09:23:24.0094 4636 luafv - ok

09:23:24.0145 4636 [ 31C6AFFFAD7C733A65F888929548BC22 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys

09:23:24.0157 4636 mbamchameleon - ok

09:23:24.0204 4636 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

09:23:24.0247 4636 Mcx2Svc - ok

09:23:24.0272 4636 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

09:23:24.0285 4636 megasas - ok

09:23:24.0322 4636 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

09:23:24.0339 4636 MegaSR - ok

09:23:24.0388 4636 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

09:23:24.0450 4636 MMCSS - ok

09:23:24.0465 4636 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

09:23:24.0512 4636 Modem - ok

09:23:24.0544 4636 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

09:23:24.0581 4636 monitor - ok

09:23:24.0634 4636 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys

09:23:24.0647 4636 mouclass - ok

09:23:24.0685 4636 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

09:23:24.0724 4636 mouhid - ok

09:23:24.0779 4636 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

09:23:24.0803 4636 mountmgr - ok

09:23:24.0888 4636 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

09:23:24.0911 4636 MozillaMaintenance - ok

09:23:24.0951 4636 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

09:23:24.0966 4636 mpio - ok

09:23:25.0013 4636 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

09:23:25.0065 4636 mpsdrv - ok

09:23:25.0154 4636 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

09:23:25.0222 4636 MpsSvc - ok

09:23:25.0256 4636 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

09:23:25.0304 4636 MRxDAV - ok

09:23:25.0343 4636 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

09:23:25.0396 4636 mrxsmb - ok

09:23:25.0432 4636 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:23:25.0459 4636 mrxsmb10 - ok

09:23:25.0515 4636 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:23:25.0539 4636 mrxsmb20 - ok

09:23:25.0572 4636 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

09:23:25.0585 4636 msahci - ok

09:23:25.0616 4636 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

09:23:25.0630 4636 msdsm - ok

09:23:25.0652 4636 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

09:23:25.0685 4636 MSDTC - ok

09:23:25.0731 4636 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

09:23:25.0766 4636 Msfs - ok

09:23:25.0812 4636 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

09:23:25.0859 4636 mshidkmdf - ok

09:23:25.0914 4636 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

09:23:25.0936 4636 msisadrv - ok

09:23:25.0975 4636 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

09:23:26.0038 4636 MSiSCSI - ok

09:23:26.0046 4636 msiserver - ok

09:23:26.0088 4636 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

09:23:26.0137 4636 MSKSSRV - ok

09:23:26.0170 4636 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

09:23:26.0222 4636 MSPCLOCK - ok

09:23:26.0238 4636 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

09:23:26.0286 4636 MSPQM - ok

09:23:26.0331 4636 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

09:23:26.0354 4636 MsRPC - ok

09:23:26.0396 4636 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

09:23:26.0409 4636 mssmbios - ok

09:23:26.0453 4636 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

09:23:26.0539 4636 MSTEE - ok

09:23:26.0556 4636 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

09:23:26.0573 4636 MTConfig - ok

09:23:26.0610 4636 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

09:23:26.0622 4636 Mup - ok

09:23:26.0662 4636 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

09:23:26.0776 4636 napagent - ok

09:23:26.0840 4636 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

09:23:26.0962 4636 NativeWifiP - ok

09:23:27.0046 4636 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

09:23:27.0082 4636 NDIS - ok

09:23:27.0139 4636 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

09:23:27.0196 4636 NdisCap - ok

09:23:27.0231 4636 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

09:23:27.0276 4636 NdisTapi - ok

09:23:27.0334 4636 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

09:23:27.0404 4636 Ndisuio - ok

09:23:27.0472 4636 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

09:23:27.0534 4636 NdisWan - ok

09:23:27.0583 4636 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

09:23:27.0640 4636 NDProxy - ok

09:23:27.0752 4636 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

09:23:27.0829 4636 Nero BackItUp Scheduler 4.0 - ok

09:23:27.0876 4636 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

09:23:27.0947 4636 NetBIOS - ok

09:23:28.0013 4636 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

09:23:28.0067 4636 NetBT - ok

09:23:28.0271 4636 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

09:23:28.0295 4636 Netlogon - ok

09:23:28.0343 4636 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

09:23:28.0414 4636 Netman - ok

09:23:28.0462 4636 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

09:23:28.0520 4636 netprofm - ok

09:23:28.0554 4636 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:23:28.0566 4636 NetTcpPortSharing - ok

09:23:28.0621 4636 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

09:23:28.0669 4636 nfrd960 - ok

09:23:28.0716 4636 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

09:23:28.0752 4636 NlaSvc - ok

09:23:28.0789 4636 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

09:23:28.0828 4636 Npfs - ok

09:23:28.0874 4636 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

09:23:28.0933 4636 nsi - ok

09:23:28.0957 4636 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

09:23:29.0012 4636 nsiproxy - ok

09:23:29.0112 4636 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

09:23:29.0163 4636 Ntfs - ok

09:23:29.0198 4636 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

09:23:29.0268 4636 Null - ok

09:23:29.0331 4636 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

09:23:29.0346 4636 nvraid - ok

09:23:29.0371 4636 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

09:23:29.0387 4636 nvstor - ok

09:23:29.0457 4636 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

09:23:29.0473 4636 nv_agp - ok

09:23:29.0552 4636 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

09:23:29.0578 4636 ohci1394 - ok

09:23:29.0664 4636 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:23:29.0684 4636 ose - ok

09:23:30.0078 4636 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

09:23:30.0257 4636 osppsvc - ok

09:23:30.0317 4636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

09:23:30.0357 4636 p2pimsvc - ok

09:23:30.0430 4636 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

09:23:30.0461 4636 p2psvc - ok

09:23:30.0502 4636 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

09:23:30.0516 4636 Parport - ok

gco1133 · July 8, 2013

09:23:30.0559 4636 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

09:23:30.0582 4636 partmgr - ok

09:23:30.0610 4636 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

09:23:30.0644 4636 PcaSvc - ok

09:23:30.0680 4636 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

09:23:30.0695 4636 pci - ok

09:23:30.0707 4636 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

09:23:30.0719 4636 pciide - ok

09:23:30.0776 4636 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

09:23:30.0805 4636 pcmcia - ok

09:23:30.0822 4636 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

09:23:30.0836 4636 pcw - ok

09:23:30.0887 4636 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

09:23:30.0951 4636 PEAUTH - ok

09:23:31.0025 4636 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

09:23:31.0059 4636 PerfHost - ok

09:23:31.0119 4636 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys

09:23:31.0129 4636 PGEffect - ok

09:23:31.0246 4636 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

09:23:31.0318 4636 pla - ok

09:23:31.0386 4636 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

09:23:31.0436 4636 PlugPlay - ok

09:23:31.0469 4636 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

09:23:31.0483 4636 PNRPAutoReg - ok

09:23:31.0516 4636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

09:23:31.0534 4636 PNRPsvc - ok

09:23:31.0622 4636 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

09:23:31.0679 4636 PolicyAgent - ok

09:23:31.0725 4636 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

09:23:31.0782 4636 Power - ok

09:23:31.0800 4636 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

09:23:31.0852 4636 PptpMiniport - ok

09:23:31.0890 4636 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

09:23:31.0926 4636 Processor - ok

09:23:31.0972 4636 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

09:23:32.0008 4636 ProfSvc - ok

09:23:32.0038 4636 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

09:23:32.0051 4636 ProtectedStorage - ok

09:23:32.0119 4636 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

09:23:32.0163 4636 Psched - ok

09:23:32.0248 4636 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

09:23:32.0299 4636 ql2300 - ok

09:23:32.0344 4636 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

09:23:32.0360 4636 ql40xx - ok

09:23:32.0390 4636 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

09:23:32.0430 4636 QWAVE - ok

09:23:32.0462 4636 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

09:23:32.0498 4636 QWAVEdrv - ok

09:23:32.0521 4636 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

09:23:32.0573 4636 RasAcd - ok

09:23:32.0614 4636 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

09:23:32.0650 4636 RasAgileVpn - ok

09:23:32.0684 4636 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

09:23:32.0761 4636 RasAuto - ok

09:23:32.0811 4636 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

09:23:32.0876 4636 Rasl2tp - ok

09:23:32.0928 4636 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

09:23:33.0022 4636 RasMan - ok

09:23:33.0060 4636 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

09:23:33.0120 4636 RasPppoe - ok

09:23:33.0145 4636 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

09:23:33.0204 4636 RasSstp - ok

09:23:33.0247 4636 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

09:23:33.0304 4636 rdbss - ok

09:23:33.0374 4636 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

09:23:33.0422 4636 rdpbus - ok

09:23:33.0439 4636 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

09:23:33.0493 4636 RDPCDD - ok

09:23:33.0550 4636 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

09:23:33.0613 4636 RDPENCDD - ok

09:23:33.0642 4636 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

09:23:33.0680 4636 RDPREFMP - ok

09:23:33.0739 4636 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

09:23:33.0769 4636 RDPWD - ok

09:23:33.0855 4636 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

09:23:33.0874 4636 rdyboost - ok

09:23:33.0912 4636 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

09:23:33.0971 4636 RemoteAccess - ok

09:23:34.0010 4636 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

09:23:34.0073 4636 RemoteRegistry - ok

09:23:34.0088 4636 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

09:23:34.0147 4636 RpcEptMapper - ok

09:23:34.0178 4636 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

09:23:34.0289 4636 RpcLocator - ok

09:23:34.0427 4636 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

09:23:34.0474 4636 RpcSs - ok

09:23:34.0530 4636 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

09:23:34.0622 4636 rspndr - ok

09:23:34.0718 4636 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

09:23:34.0744 4636 RSUSBSTOR - ok

09:23:34.0783 4636 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

09:23:34.0807 4636 SamSs - ok

09:23:34.0850 4636 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

09:23:34.0864 4636 sbp2port - ok

09:23:35.0047 4636 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

09:23:35.0094 4636 SBSDWSCService - ok

09:23:35.0129 4636 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

09:23:35.0183 4636 SCardSvr - ok

09:23:35.0252 4636 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

09:23:35.0345 4636 scfilter - ok

09:23:35.0427 4636 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

09:23:35.0508 4636 Schedule - ok

09:23:35.0589 4636 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

09:23:35.0634 4636 SCPolicySvc - ok

09:23:35.0705 4636 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

09:23:35.0742 4636 SDRSVC - ok

09:23:35.0918 4636 [ 4A5809A1D796E2675AC0332BF7B0CB11 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

09:23:35.0938 4636 SeaPort - ok

09:23:35.0988 4636 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

09:23:36.0036 4636 secdrv - ok

09:23:36.0087 4636 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

09:23:36.0167 4636 seclogon - ok

09:23:36.0211 4636 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

09:23:36.0268 4636 SENS - ok

09:23:36.0322 4636 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

09:23:36.0369 4636 SensrSvc - ok

09:23:36.0418 4636 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

09:23:36.0457 4636 Serenum - ok

09:23:36.0488 4636 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

09:23:36.0515 4636 Serial - ok

09:23:36.0544 4636 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

09:23:36.0576 4636 sermouse - ok

09:23:36.0632 4636 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

09:23:36.0704 4636 SessionEnv - ok

09:23:36.0776 4636 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

09:23:36.0810 4636 sffdisk - ok

09:23:36.0832 4636 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

09:23:36.0884 4636 sffp_mmc - ok

09:23:36.0911 4636 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

09:23:36.0951 4636 sffp_sd - ok

09:23:36.0998 4636 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

09:23:37.0031 4636 sfloppy - ok

09:23:37.0107 4636 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

09:23:37.0128 4636 Sftfs - ok

09:23:37.0214 4636 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

09:23:37.0231 4636 sftlist - ok

09:23:37.0258 4636 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

09:23:37.0271 4636 Sftplay - ok

09:23:37.0292 4636 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

09:23:37.0303 4636 Sftredir - ok

09:23:37.0329 4636 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

09:23:37.0339 4636 Sftvol - ok

09:23:37.0362 4636 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

09:23:37.0375 4636 sftvsa - ok

09:23:37.0496 4636 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

09:23:37.0565 4636 SharedAccess - ok

09:23:37.0669 4636 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

09:23:37.0741 4636 ShellHWDetection - ok

09:23:37.0798 4636 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:23:37.0811 4636 SiSRaid2 - ok

09:23:37.0830 4636 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

09:23:37.0844 4636 SiSRaid4 - ok

09:23:37.0933 4636 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

09:23:37.0953 4636 SkypeUpdate - ok

09:23:38.0001 4636 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

09:23:38.0050 4636 Smb - ok

09:23:38.0094 4636 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

09:23:38.0126 4636 SNMPTRAP - ok

09:23:38.0151 4636 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

09:23:38.0163 4636 spldr - ok

09:23:38.0255 4636 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

09:23:38.0284 4636 Spooler - ok

09:23:38.0531 4636 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

09:23:38.0629 4636 sppsvc - ok

09:23:38.0665 4636 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

09:23:38.0723 4636 sppuinotify - ok

09:23:38.0792 4636 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

09:23:38.0854 4636 srv - ok

09:23:38.0878 4636 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

09:23:38.0939 4636 srv2 - ok

09:23:38.0997 4636 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

09:23:39.0047 4636 srvnet - ok

09:23:39.0084 4636 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

09:23:39.0144 4636 SSDPSRV - ok

09:23:39.0182 4636 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

09:23:39.0219 4636 SstpSvc - ok

09:23:39.0266 4636 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

09:23:39.0279 4636 stexstor - ok

09:23:39.0345 4636 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

09:23:39.0390 4636 stisvc - ok

09:23:39.0420 4636 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

09:23:39.0433 4636 swenum - ok

09:23:39.0492 4636 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

09:23:39.0570 4636 swprv - ok

09:23:39.0626 4636 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

09:23:39.0640 4636 SynTP - ok

09:23:39.0733 4636 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

09:23:39.0795 4636 SysMain - ok

09:23:39.0834 4636 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

09:23:39.0854 4636 TabletInputService - ok

09:23:39.0872 4636 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

09:23:39.0923 4636 TapiSrv - ok

09:23:39.0951 4636 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

09:23:39.0987 4636 TBS - ok

09:23:40.0203 4636 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys

09:23:40.0288 4636 Tcpip - ok

09:23:40.0396 4636 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

09:23:40.0445 4636 TCPIP6 - ok

09:23:40.0591 4636 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

09:23:40.0634 4636 tcpipreg - ok

09:23:40.0696 4636 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys

09:23:40.0713 4636 tdcmdpst - ok

09:23:40.0744 4636 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

09:23:40.0785 4636 TDPIPE - ok

09:23:40.0840 4636 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

09:23:40.0853 4636 TDTCP - ok

09:23:40.0894 4636 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

09:23:40.0929 4636 tdx - ok

09:23:41.0018 4636 [ 1B43FDBFE5A98F6B3D90595C6B2E5277 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

09:23:41.0037 4636 TemproMonitoringService - ok

09:23:41.0083 4636 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

09:23:41.0096 4636 TermDD - ok

09:23:41.0550 4636 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

09:23:41.0624 4636 TermService - ok

09:23:41.0669 4636 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

09:23:41.0701 4636 Themes - ok

09:23:41.0734 4636 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

09:23:41.0770 4636 THREADORDER - ok

09:23:41.0855 4636 [ 28644B0523D64EFF2FC7312A2EE74B0A ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

09:23:41.0865 4636 TMachInfo - ok

09:23:41.0911 4636 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe

09:23:41.0923 4636 TODDSrv - ok

09:23:41.0993 4636 [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

09:23:42.0009 4636 TosCoSrv - ok

09:23:42.0046 4636 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

09:23:42.0058 4636 TOSHIBA HDD SSD Alert Service - ok

09:23:42.0092 4636 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

09:23:42.0146 4636 TrkWks - ok

09:23:42.0217 4636 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

09:23:42.0278 4636 TrustedInstaller - ok

09:23:42.0326 4636 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

09:23:42.0376 4636 tssecsrv - ok

09:23:42.0430 4636 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

09:23:42.0444 4636 TsUsbFlt - ok

09:23:42.0476 4636 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

09:23:42.0534 4636 tunnel - ok

09:23:42.0580 4636 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS

09:23:42.0590 4636 TVALZ - ok

09:23:42.0623 4636 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

09:23:42.0640 4636 uagp35 - ok

09:23:42.0679 4636 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

09:23:42.0738 4636 udfs - ok

09:23:42.0775 4636 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

09:23:42.0794 4636 UI0Detect - ok

09:23:42.0846 4636 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

09:23:42.0861 4636 uliagpkx - ok

09:23:42.0903 4636 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

09:23:42.0931 4636 umbus - ok

09:23:42.0964 4636 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

09:23:42.0993 4636 UmPass - ok

09:23:43.0037 4636 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

09:23:43.0093 4636 upnphost - ok

09:23:43.0125 4636 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

09:23:43.0155 4636 usbccgp - ok

09:23:43.0217 4636 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

09:23:43.0236 4636 usbcir - ok

09:23:43.0252 4636 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

09:23:43.0283 4636 usbehci - ok

09:23:43.0320 4636 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

09:23:43.0357 4636 usbhub - ok

09:23:43.0375 4636 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

09:23:43.0417 4636 usbohci - ok

09:23:43.0468 4636 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

09:23:43.0505 4636 usbprint - ok

09:23:43.0545 4636 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

09:23:43.0577 4636 usbscan - ok

09:23:43.0603 4636 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS

09:23:43.0635 4636 USBSTOR - ok

09:23:43.0667 4636 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

09:23:43.0697 4636 usbuhci - ok

09:23:43.0759 4636 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

09:23:43.0778 4636 usbvideo - ok

09:23:43.0802 4636 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

09:23:43.0856 4636 UxSms - ok

09:23:43.0883 4636 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

09:23:43.0898 4636 VaultSvc - ok

09:23:43.0945 4636 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

09:23:43.0958 4636 vdrvroot - ok

09:23:44.0018 4636 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

09:23:44.0084 4636 vds - ok

09:23:44.0124 4636 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

09:23:44.0144 4636 vga - ok

09:23:44.0162 4636 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

09:23:44.0219 4636 VgaSave - ok

09:23:44.0264 4636 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

09:23:44.0283 4636 vhdmp - ok

09:23:44.0320 4636 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

09:23:44.0333 4636 viaide - ok

09:23:44.0405 4636 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

09:23:44.0421 4636 volmgr - ok

09:23:44.0468 4636 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

09:23:44.0485 4636 volmgrx - ok

09:23:44.0534 4636 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

09:23:44.0553 4636 volsnap - ok

09:23:44.0590 4636 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

09:23:44.0609 4636 vsmraid - ok

09:23:44.0684 4636 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

09:23:44.0755 4636 VSS - ok

09:23:44.0880 4636 [ 254E8F9BA44E9F55416B0E51DBFF3C5F ] vToolbarUpdater15.3.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

09:23:44.0915 4636 vToolbarUpdater15.3.0 - ok

09:23:44.0936 4636 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

09:23:44.0971 4636 vwifibus - ok

09:23:45.0019 4636 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

09:23:45.0042 4636 vwififlt - ok

09:23:45.0091 4636 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

09:23:45.0154 4636 W32Time - ok

09:23:45.0178 4636 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

09:23:45.0209 4636 WacomPen - ok

09:23:45.0265 4636 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

09:23:45.0320 4636 WANARP - ok

09:23:45.0328 4636 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

09:23:45.0365 4636 Wanarpv6 - ok

09:23:45.0462 4636 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

09:23:45.0498 4636 WatAdminSvc - ok

09:23:45.0560 4636 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

09:23:45.0615 4636 wbengine - ok

09:23:45.0654 4636 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

09:23:45.0675 4636 WbioSrvc - ok

09:23:45.0725 4636 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

09:23:45.0764 4636 wcncsvc - ok

09:23:45.0790 4636 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

09:23:45.0806 4636 WcsPlugInService - ok

09:23:45.0829 4636 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

09:23:45.0844 4636 Wd - ok

09:23:45.0904 4636 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

09:23:45.0930 4636 Wdf01000 - ok

09:23:45.0961 4636 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

09:23:45.0998 4636 WdiServiceHost - ok

09:23:46.0003 4636 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

09:23:46.0024 4636 WdiSystemHost - ok

09:23:46.0063 4636 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

09:23:46.0113 4636 WebClient - ok

09:23:46.0155 4636 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

09:23:46.0212 4636 Wecsvc - ok

09:23:46.0232 4636 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

09:23:46.0289 4636 wercplsupport - ok

09:23:46.0333 4636 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

09:23:46.0397 4636 WerSvc - ok

09:23:46.0431 4636 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

09:23:46.0467 4636 WfpLwf - ok

09:23:46.0481 4636 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

09:23:46.0496 4636 WIMMount - ok

09:23:46.0538 4636 WinDefend - ok

09:23:46.0547 4636 WinHttpAutoProxySvc - ok

09:23:46.0604 4636 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

09:23:46.0659 4636 Winmgmt - ok

09:23:46.0734 4636 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

09:23:46.0810 4636 WinRM - ok

09:23:46.0879 4636 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

09:23:46.0896 4636 WinUsb - ok

09:23:46.0945 4636 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

09:23:46.0986 4636 Wlansvc - ok

09:23:47.0055 4636 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

09:23:47.0075 4636 wlcrasvc - ok

09:23:47.0204 4636 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:23:47.0253 4636 wlidsvc - ok

09:23:47.0296 4636 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

09:23:47.0327 4636 WmiAcpi - ok

09:23:47.0378 4636 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

09:23:47.0406 4636 wmiApSrv - ok

09:23:47.0437 4636 WMPNetworkSvc - ok

09:23:47.0478 4636 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

09:23:47.0493 4636 WPCSvc - ok

09:23:47.0534 4636 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

09:23:47.0551 4636 WPDBusEnum - ok

09:23:47.0583 4636 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

09:23:47.0633 4636 ws2ifsl - ok

09:23:47.0702 4636 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

09:23:47.0740 4636 wscsvc - ok

09:23:47.0745 4636 WSearch - ok

09:23:47.0838 4636 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

09:23:47.0892 4636 wuauserv - ok

09:23:47.0931 4636 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

09:23:47.0961 4636 WudfPf - ok

09:23:47.0988 4636 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

09:23:48.0006 4636 WUDFRd - ok

09:23:48.0041 4636 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

09:23:48.0071 4636 wudfsvc - ok

09:23:48.0109 4636 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll

09:23:48.0138 4636 WwanSvc - ok

09:23:48.0159 4636 X5XSEx_Pr143 - ok

09:23:48.0203 4636 ================ Scan global ===============================

09:23:48.0224 4636 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

09:23:48.0270 4636 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

09:23:48.0278 4636 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

09:23:48.0305 4636 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

09:23:48.0332 4636 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

09:23:48.0336 4636 [Global] - ok

09:23:48.0336 4636 ================ Scan MBR ==================================

09:23:48.0350 4636 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

09:23:49.0353 4636 \Device\Harddisk0\DR0 - ok

09:23:49.0354 4636 ================ Scan VBR ==================================

09:23:49.0389 4636 [ 1CCBA497D310731D431BE2E126242AB5 ] \Device\Harddisk0\DR0\Partition1

09:23:49.0391 4636 \Device\Harddisk0\DR0\Partition1 - ok

09:23:49.0419 4636 [ 6FACE4D14A80D236D86E801611542487 ] \Device\Harddisk0\DR0\Partition2

09:23:49.0420 4636 \Device\Harddisk0\DR0\Partition2 - ok

09:23:49.0420 4636 ================ Scan active images ========================

09:23:49.0425 4636 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys

09:23:49.0425 4636 C:\Windows\System32\drivers\crashdmp.sys - ok

09:23:49.0432 4636 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] C:\Windows\System32\drivers\iaStor.sys

09:23:49.0432 4636 C:\Windows\System32\drivers\iaStor.sys - ok

09:23:49.0439 4636 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys

09:23:49.0439 4636 C:\Windows\System32\drivers\dumpfve.sys - ok

09:23:49.0448 4636 [ 34E9A86B0EF71BA72B58D72215EBFABC ] C:\Windows\System32\drivers\avgtpx64.sys

09:23:49.0448 4636 C:\Windows\System32\drivers\avgtpx64.sys - ok

09:23:49.0455 4636 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys

09:23:49.0455 4636 C:\Windows\System32\drivers\beep.sys - ok

09:23:49.0464 4636 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys

09:23:49.0464 4636 C:\Windows\System32\drivers\cdrom.sys - ok

09:23:49.0471 4636 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys

09:23:49.0471 4636 C:\Windows\System32\drivers\null.sys - ok

09:23:49.0479 4636 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys

09:23:49.0479 4636 C:\Windows\System32\drivers\RDPCDD.sys - ok

09:23:49.0486 4636 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys

09:23:49.0486 4636 C:\Windows\System32\drivers\RDPENCDD.sys - ok

09:23:49.0495 4636 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys

09:23:49.0495 4636 C:\Windows\System32\drivers\RDPREFMP.sys - ok

09:23:49.0502 4636 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys

09:23:49.0502 4636 C:\Windows\System32\drivers\vga.sys - ok

09:23:49.0510 4636 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys

09:23:49.0510 4636 C:\Windows\System32\drivers\videoprt.sys - ok

09:23:49.0518 4636 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys

09:23:49.0518 4636 C:\Windows\System32\drivers\watchdog.sys - ok

09:23:49.0526 4636 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys

09:23:49.0526 4636 C:\Windows\System32\drivers\msfs.sys - ok

09:23:49.0533 4636 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys

09:23:49.0533 4636 C:\Windows\System32\drivers\npfs.sys - ok

09:23:49.0544 4636 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys

09:23:49.0544 4636 C:\Windows\System32\drivers\tdi.sys - ok

09:23:49.0551 4636 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys

09:23:49.0551 4636 C:\Windows\System32\drivers\tdx.sys - ok

09:23:49.0560 4636 [ 69BD90E337625F96C718CACE7A9C9E29 ] C:\Windows\System32\drivers\avgtdia.sys

09:23:49.0560 4636 C:\Windows\System32\drivers\avgtdia.sys - ok

09:23:49.0568 4636 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys

09:23:49.0568 4636 C:\Windows\System32\drivers\netbt.sys - ok

09:23:49.0575 4636 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys

09:23:49.0575 4636 C:\Windows\System32\drivers\afd.sys - ok

09:23:49.0583 4636 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys

09:23:49.0583 4636 C:\Windows\System32\drivers\pacer.sys - ok

09:23:49.0590 4636 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys

09:23:49.0590 4636 C:\Windows\System32\drivers\wfplwf.sys - ok

09:23:49.0596 4636 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys

09:23:49.0596 4636 C:\Windows\System32\drivers\ws2ifsl.sys - ok

09:23:49.0603 4636 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys

09:23:49.0603 4636 C:\Windows\System32\drivers\netbios.sys - ok

09:23:49.0612 4636 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys

09:23:49.0612 4636 C:\Windows\System32\drivers\vwififlt.sys - ok

09:23:49.0619 4636 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys

09:23:49.0619 4636 C:\Windows\System32\drivers\wanarp.sys - ok

09:23:49.0628 4636 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys

09:23:49.0628 4636 C:\Windows\System32\drivers\termdd.sys - ok

09:23:49.0635 4636 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys

09:23:49.0635 4636 C:\Windows\System32\drivers\mssmbios.sys - ok

09:23:49.0642 4636 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys

09:23:49.0642 4636 C:\Windows\System32\drivers\nsiproxy.sys - ok

09:23:49.0650 4636 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys

09:23:49.0650 4636 C:\Windows\System32\drivers\rdbss.sys - ok

09:23:49.0658 4636 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] C:\Windows\System32\drivers\avgldx64.sys

09:23:49.0658 4636 C:\Windows\System32\drivers\avgldx64.sys - ok

09:23:49.0667 4636 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys

09:23:49.0668 4636 C:\Windows\System32\drivers\blbdrive.sys - ok

09:23:49.0675 4636 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys

09:23:49.0675 4636 C:\Windows\System32\drivers\dfsc.sys - ok

09:23:49.0684 4636 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys

09:23:49.0684 4636 C:\Windows\System32\drivers\discache.sys - ok

09:23:49.0691 4636 [ 139BD30C32BEE830D0CF39C5324D79DE ] C:\Windows\System32\drivers\avgidsdrivera.sys

09:23:49.0691 4636 C:\Windows\System32\drivers\avgidsdrivera.sys - ok

09:23:49.0700 4636 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys

09:23:49.0700 4636 C:\Windows\System32\drivers\tunnel.sys - ok

09:23:49.0707 4636 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] C:\Windows\System32\drivers\FwLnk.sys

09:23:49.0707 4636 C:\Windows\System32\drivers\FwLnk.sys - ok

09:23:49.0716 4636 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys

09:23:49.0716 4636 C:\Windows\System32\drivers\CmBatt.sys - ok

09:23:49.0723 4636 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys

09:23:49.0723 4636 C:\Windows\System32\drivers\intelppm.sys - ok

09:23:49.0731 4636 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll

09:23:49.0731 4636 C:\Windows\System32\ntdll.dll - ok

09:23:49.0738 4636 [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe

09:23:49.0738 4636 C:\Windows\System32\smss.exe - ok

09:23:49.0746 4636 [ 898AB5BFED7040D7AB07AF01885EB944 ] C:\Windows\System32\drivers\igdkmd64.sys

09:23:49.0746 4636 C:\Windows\System32\drivers\igdkmd64.sys - ok

09:23:49.0753 4636 [ AF2E16242AA723F68F461B6EAE2EAD3D ] C:\Windows\System32\drivers\dxgkrnl.sys

09:23:49.0754 4636 C:\Windows\System32\drivers\dxgkrnl.sys - ok

09:23:49.0762 4636 [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys

09:23:49.0762 4636 C:\Windows\System32\drivers\dxgmms1.sys - ok

09:23:49.0770 4636 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys

09:23:49.0770 4636 C:\Windows\System32\drivers\usbport.sys - ok

09:23:49.0780 4636 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys

09:23:49.0780 4636 C:\Windows\System32\drivers\usbuhci.sys - ok

09:23:49.0787 4636 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys

09:23:49.0787 4636 C:\Windows\System32\drivers\usbehci.sys - ok

09:23:49.0796 4636 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys

09:23:49.0796 4636 C:\Windows\System32\drivers\hdaudbus.sys - ok

09:23:49.0803 4636 [ 48686C29856F46443952A831424F8D6F ] C:\Windows\System32\drivers\L1C62x64.sys

09:23:49.0803 4636 C:\Windows\System32\drivers\L1C62x64.sys - ok

09:23:49.0810 4636 [ D6CAD7E5B05055BB8226BDCB1644DA27 ] C:\Windows\System32\drivers\athrx.sys

09:23:49.0810 4636 C:\Windows\System32\drivers\athrx.sys - ok

gco1133 · July 8, 2013

09:23:49.0819 4636 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys

09:23:49.0819 4636 C:\Windows\System32\drivers\i8042prt.sys - ok

09:23:49.0825 4636 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys

09:23:49.0826 4636 C:\Windows\System32\drivers\vwifibus.sys - ok

09:23:49.0838 4636 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys

09:23:49.0838 4636 C:\Windows\System32\drivers\kbdclass.sys - ok

09:23:49.0846 4636 [ 470C47DABA9CA3966F0AB3F835D7D135 ] C:\Windows\System32\drivers\SynTP.sys

09:23:49.0846 4636 C:\Windows\System32\drivers\SynTP.sys - ok

09:23:49.0851 4636 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys

09:23:49.0851 4636 C:\Windows\System32\drivers\usbd.sys - ok

09:23:49.0858 4636 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys

09:23:49.0858 4636 C:\Windows\System32\drivers\mouclass.sys - ok

09:23:49.0866 4636 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys

09:23:49.0866 4636 C:\Windows\System32\drivers\CompositeBus.sys - ok

09:23:49.0873 4636 [ FD542B661BD22FA69CA789AD0AC58C29 ] C:\Windows\System32\drivers\tdcmdpst.sys

09:23:49.0873 4636 C:\Windows\System32\drivers\tdcmdpst.sys - ok

09:23:49.0882 4636 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys

09:23:49.0882 4636 C:\Windows\System32\drivers\agilevpn.sys - ok

09:23:49.0889 4636 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys

09:23:49.0889 4636 C:\Windows\System32\drivers\ndistapi.sys - ok

09:23:49.0899 4636 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys

09:23:49.0899 4636 C:\Windows\System32\drivers\rasl2tp.sys - ok

09:23:49.0906 4636 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys

09:23:49.0906 4636 C:\Windows\System32\drivers\ndiswan.sys - ok

09:23:49.0917 4636 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys

09:23:49.0917 4636 C:\Windows\System32\drivers\raspppoe.sys - ok

09:23:49.0924 4636 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys

09:23:49.0924 4636 C:\Windows\System32\drivers\raspptp.sys - ok

09:23:49.0932 4636 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys

09:23:49.0932 4636 C:\Windows\System32\drivers\ks.sys - ok

09:23:49.0939 4636 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys

09:23:49.0940 4636 C:\Windows\System32\drivers\rassstp.sys - ok

09:23:49.0948 4636 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys

09:23:49.0948 4636 C:\Windows\System32\drivers\swenum.sys - ok

09:23:49.0955 4636 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys

09:23:49.0955 4636 C:\Windows\System32\drivers\umbus.sys - ok

09:23:49.0962 4636 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys

09:23:49.0962 4636 C:\Windows\System32\drivers\usbhub.sys - ok

09:23:49.0971 4636 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys

09:23:49.0971 4636 C:\Windows\System32\drivers\ndproxy.sys - ok

09:23:49.0978 4636 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys

09:23:49.0978 4636 C:\Windows\System32\drivers\drmk.sys - ok

09:23:49.0987 4636 [ 1F925AA990A6A446E8BA926B2D0A5201 ] C:\Windows\System32\drivers\CHDRT64.sys

09:23:49.0987 4636 C:\Windows\System32\drivers\CHDRT64.sys - ok

09:23:49.0994 4636 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys

09:23:49.0994 4636 C:\Windows\System32\drivers\portcls.sys - ok

09:23:50.0004 4636 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys

09:23:50.0004 4636 C:\Windows\System32\drivers\ksthunk.sys - ok

09:23:50.0011 4636 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe

09:23:50.0011 4636 C:\Windows\System32\autochk.exe - ok

09:23:50.0020 4636 [ 2BFD300BE9C24D167092DF0B34C3EE88 ] C:\PROGRA~2\AVG\AVG2013\avgrsa.exe

09:23:50.0020 4636 C:\PROGRA~2\AVG\AVG2013\avgrsa.exe - ok

09:23:50.0027 4636 [ B988968C8E5A6832CDDF05A74601CF7C ] C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll

09:23:50.0027 4636 C:\Program Files (x86)\AVG\AVG2013\avgntopenssla.dll - ok

09:23:50.0036 4636 [ 3D084E8CE612C0CD86CDE2A34B65178A ] C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll

09:23:50.0036 4636 C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll - ok

09:23:50.0043 4636 [ 323336FB1DA273A0715844BC695951A0 ] C:\Program Files (x86)\AVG\AVG2013\avgloga.dll

09:23:50.0043 4636 C:\Program Files (x86)\AVG\AVG2013\avgloga.dll - ok

09:23:50.0052 4636 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys

09:23:50.0052 4636 C:\Windows\System32\drivers\usbccgp.sys - ok

09:23:50.0059 4636 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys

09:23:50.0059 4636 C:\Windows\System32\drivers\usbvideo.sys - ok

09:23:50.0067 4636 [ 663962900E7FEA522126BA287715BB4A ] C:\Windows\System32\drivers\PGEffect.sys

09:23:50.0067 4636 C:\Windows\System32\drivers\PGEffect.sys - ok

09:23:50.0074 4636 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] C:\Windows\System32\drivers\usbscan.sys

09:23:50.0074 4636 C:\Windows\System32\drivers\usbscan.sys - ok

09:23:50.0083 4636 [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys

09:23:50.0083 4636 C:\Windows\System32\drivers\usbprint.sys - ok

09:23:50.0090 4636 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys

09:23:50.0090 4636 C:\Windows\System32\drivers\hidclass.sys - ok

09:23:50.0097 4636 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys

09:23:50.0097 4636 C:\Windows\System32\drivers\hidparse.sys - ok

09:23:50.0103 4636 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys

09:23:50.0103 4636 C:\Windows\System32\drivers\hidusb.sys - ok

09:23:50.0110 4636 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys

09:23:50.0110 4636 C:\Windows\System32\drivers\mouhid.sys - ok

09:23:50.0119 4636 [ 10BC927A9035AA6B244706D9C1641F16 ] C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll

09:23:50.0119 4636 C:\PROGRA~2\AVG\AVG2013\avgchjwa.dll - ok

09:23:50.0126 4636 [ 55DED6BDA026AEBEAB1FDA6E32D9F5B5 ] C:\PROGRA~2\AVG\AVG2013\avgclita.dll

09:23:50.0126 4636 C:\PROGRA~2\AVG\AVG2013\avgclita.dll - ok

09:23:50.0137 4636 [ 4B969AA85CDE4FB9FBCA5F99A66C507B ] C:\PROGRA~2\AVG\AVG2013\avgcclia.dll

09:23:50.0137 4636 C:\PROGRA~2\AVG\AVG2013\avgcclia.dll - ok

09:23:50.0144 4636 [ 2B6E0DA1EC603AD25325BA8AFBA30114 ] C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

09:23:50.0144 4636 C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe - ok

09:23:50.0153 4636 [ 7D0A2502B733C848BC6B8E5D0054AD22 ] C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll

09:23:50.0153 4636 C:\Program Files (x86)\AVG\AVG2013\avgcorea.dll - ok

09:23:50.0160 4636 [ 766E937C55AF6580ACF7CDBB25096FED ] C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll

09:23:50.0160 4636 C:\Program Files (x86)\AVG\AVG2013\avgcerta.dll - ok

09:23:50.0168 4636 [ 84A4EE57462C8483AAE3F1DF2D82F4ED ] C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll

09:23:50.0168 4636 C:\Program Files (x86)\AVG\AVG2013\avgchcla.dll - ok

09:23:50.0175 4636 [ 94F3CB15584B015CD8FDB3FDBAD8DC98 ] C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll

09:23:50.0176 4636 C:\Program Files (x86)\AVG\AVG2013\avgcomma.dll - ok

09:23:50.0184 4636 [ 9A94644E2A9890FC9A7EE961057FFBA1 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll

09:23:50.0184 4636 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitea.dll - ok

09:23:50.0191 4636 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll

09:23:50.0191 4636 C:\Windows\System32\shlwapi.dll - ok

09:23:50.0198 4636 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll

09:23:50.0198 4636 C:\Windows\System32\msvcrt.dll - ok

09:23:50.0207 4636 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll

09:23:50.0207 4636 C:\Windows\System32\msctf.dll - ok

09:23:50.0214 4636 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll

09:23:50.0214 4636 C:\Windows\System32\rpcrt4.dll - ok

09:23:50.0222 4636 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll

09:23:50.0222 4636 C:\Windows\System32\difxapi.dll - ok

09:23:50.0229 4636 [ 1BDF694C5BA91A1576DA907DA3077EF8 ] C:\Windows\System32\iertutil.dll

09:23:50.0229 4636 C:\Windows\System32\iertutil.dll - ok

09:23:50.0238 4636 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll

09:23:50.0238 4636 C:\Windows\System32\nsi.dll - ok

09:23:50.0245 4636 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll

09:23:50.0245 4636 C:\Windows\System32\sechost.dll - ok

09:23:50.0254 4636 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll

09:23:50.0254 4636 C:\Windows\System32\setupapi.dll - ok

09:23:50.0262 4636 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll

09:23:50.0262 4636 C:\Windows\System32\psapi.dll - ok

09:23:50.0271 4636 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll

09:23:50.0271 4636 C:\Windows\System32\clbcatq.dll - ok

09:23:50.0278 4636 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll

09:23:50.0278 4636 C:\Windows\System32\comdlg32.dll - ok

09:23:50.0287 4636 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll

09:23:50.0287 4636 C:\Windows\System32\normaliz.dll - ok

09:23:50.0294 4636 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll

09:23:50.0294 4636 C:\Windows\System32\ole32.dll - ok

09:23:50.0302 4636 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll

09:23:50.0302 4636 C:\Windows\System32\user32.dll - ok

09:23:50.0309 4636 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll

09:23:50.0309 4636 C:\Windows\System32\ws2_32.dll - ok

09:23:50.0316 4636 [ 12716D987D475B051F35895659159705 ] C:\Windows\System32\wininet.dll

09:23:50.0316 4636 C:\Windows\System32\wininet.dll - ok

09:23:50.0325 4636 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll

09:23:50.0325 4636 C:\Windows\System32\oleaut32.dll - ok

09:23:50.0332 4636 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll

09:23:50.0332 4636 C:\Windows\System32\Wldap32.dll - ok

09:23:50.0340 4636 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll

09:23:50.0340 4636 C:\Windows\System32\gdi32.dll - ok

09:23:50.0347 4636 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll

09:23:50.0347 4636 C:\Windows\System32\imm32.dll - ok

09:23:50.0353 4636 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll

09:23:50.0353 4636 C:\Windows\System32\lpk.dll - ok

09:23:50.0360 4636 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll

09:23:50.0360 4636 C:\Windows\System32\advapi32.dll - ok

09:23:50.0369 4636 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll

09:23:50.0369 4636 C:\Windows\System32\imagehlp.dll - ok

09:23:50.0376 4636 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll

09:23:50.0376 4636 C:\Windows\System32\usp10.dll - ok

09:23:50.0383 4636 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll

09:23:50.0405 4636 C:\Windows\System32\kernel32.dll - ok

09:23:50.0409 4636 [ 1BFC94665BCA35F9001ADC7BFB167C63 ] C:\Windows\System32\shell32.dll

09:23:50.0409 4636 C:\Windows\System32\shell32.dll - ok

09:23:50.0416 4636 [ C9152A497D0CA33CE9D729F1179DDB01 ] C:\Windows\System32\urlmon.dll

09:23:50.0416 4636 C:\Windows\System32\urlmon.dll - ok

09:23:50.0425 4636 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

09:23:50.0425 4636 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok

09:23:50.0432 4636 [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

09:23:50.0432 4636 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok

09:23:50.0441 4636 [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

09:23:50.0441 4636 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok

09:23:50.0448 4636 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll

09:23:50.0448 4636 C:\Windows\System32\cfgmgr32.dll - ok

09:23:50.0456 4636 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll

09:23:50.0456 4636 C:\Windows\System32\devobj.dll - ok

09:23:50.0463 4636 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll

09:23:50.0463 4636 C:\Windows\System32\wintrust.dll - ok

09:23:50.0473 4636 [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

09:23:50.0474 4636 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok

09:23:50.0481 4636 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll

09:23:50.0481 4636 C:\Windows\System32\comctl32.dll - ok

09:23:50.0490 4636 [ A96D5ECA5742603E0E345C4F6B801F5E ] C:\Windows\System32\crypt32.dll

09:23:50.0490 4636 C:\Windows\System32\crypt32.dll - ok

09:23:50.0497 4636 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll

09:23:50.0497 4636 C:\Windows\System32\KernelBase.dll - ok

09:23:50.0506 4636 [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

09:23:50.0506 4636 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok

09:23:50.0513 4636 [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

09:23:50.0513 4636 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok

09:23:50.0522 4636 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll

09:23:50.0522 4636 C:\Windows\System32\msasn1.dll - ok

09:23:50.0529 4636 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll

09:23:50.0529 4636 C:\Windows\SysWOW64\normaliz.dll - ok

09:23:50.0536 4636 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys

09:23:50.0536 4636 C:\Windows\System32\drivers\dxapi.sys - ok

09:23:50.0544 4636 [ A11523523B31086DD760C0189C763359 ] C:\Windows\System32\win32k.sys

09:23:50.0544 4636 C:\Windows\System32\win32k.sys - ok

09:23:50.0551 4636 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll

09:23:50.0551 4636 C:\Windows\System32\basesrv.dll - ok

09:23:50.0560 4636 [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll

09:23:50.0560 4636 C:\Windows\System32\csrsrv.dll - ok

09:23:50.0567 4636 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe

09:23:50.0567 4636 C:\Windows\System32\csrss.exe - ok

09:23:50.0576 4636 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll

09:23:50.0576 4636 C:\Windows\System32\winsrv.dll - ok

09:23:50.0583 4636 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys

09:23:50.0583 4636 C:\Windows\System32\drivers\monitor.sys - ok

09:23:50.0591 4636 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll

09:23:50.0592 4636 C:\Windows\System32\tsddd.dll - ok

09:23:50.0598 4636 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll

09:23:50.0598 4636 C:\Windows\System32\sxssrv.dll - ok

09:23:50.0603 4636 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe

09:23:50.0603 4636 C:\Windows\System32\wininit.exe - ok

09:23:50.0613 4636 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll

09:23:50.0613 4636 C:\Windows\System32\profapi.dll - ok

09:23:50.0620 4636 [ 1A83FACA2135AF076E8EA73A30B3B26C ] C:\Windows\System32\KBDUK.DLL

09:23:50.0620 4636 C:\Windows\System32\KBDUK.DLL - ok

09:23:50.0629 4636 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll

09:23:50.0629 4636 C:\Windows\System32\RpcRtRemote.dll - ok

09:23:50.0636 4636 [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll

09:23:50.0636 4636 C:\Windows\System32\cdd.dll - ok

09:23:50.0645 4636 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll

09:23:50.0645 4636 C:\Windows\System32\sxs.dll - ok

09:23:50.0652 4636 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll

09:23:50.0652 4636 C:\Windows\System32\WlS0WndH.dll - ok

09:23:50.0660 4636 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll

09:23:50.0660 4636 C:\Windows\System32\cryptbase.dll - ok

09:23:50.0667 4636 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll

09:23:50.0667 4636 C:\Windows\System32\apphelp.dll - ok

09:23:50.0676 4636 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe

09:23:50.0676 4636 C:\Windows\System32\lsass.exe - ok

09:23:50.0683 4636 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll

09:23:50.0683 4636 C:\Windows\System32\lsasrv.dll - ok

09:23:50.0691 4636 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll

09:23:50.0691 4636 C:\Windows\System32\samsrv.dll - ok

09:23:50.0698 4636 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll

09:23:50.0698 4636 C:\Windows\System32\sspicli.dll - ok

09:23:50.0707 4636 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll

09:23:50.0707 4636 C:\Windows\System32\sspisrv.dll - ok

09:23:50.0714 4636 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll

09:23:50.0714 4636 C:\Windows\System32\cryptdll.dll - ok

09:23:50.0724 4636 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll

09:23:50.0724 4636 C:\Windows\System32\wevtapi.dll - ok

09:23:50.0731 4636 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll

09:23:50.0731 4636 C:\Windows\System32\authz.dll - ok

09:23:50.0738 4636 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll

09:23:50.0738 4636 C:\Windows\System32\bcrypt.dll - ok

09:23:50.0747 4636 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll

09:23:50.0747 4636 C:\Windows\System32\cngaudit.dll - ok

09:23:50.0754 4636 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll

09:23:50.0754 4636 C:\Windows\System32\ncrypt.dll - ok

09:23:50.0762 4636 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe

09:23:50.0762 4636 C:\Windows\System32\services.exe - ok

09:23:50.0769 4636 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll

09:23:50.0770 4636 C:\Windows\System32\scesrv.dll - ok

09:23:50.0778 4636 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll

09:23:50.0778 4636 C:\Windows\System32\scext.dll - ok

09:23:50.0785 4636 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll

09:23:50.0785 4636 C:\Windows\System32\secur32.dll - ok

09:23:50.0794 4636 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll

09:23:50.0794 4636 C:\Windows\System32\srvcli.dll - ok

09:23:50.0800 4636 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe

09:23:50.0801 4636 C:\Windows\System32\lsm.exe - ok

09:23:50.0809 4636 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll

09:23:50.0809 4636 C:\Windows\System32\msprivs.dll - ok

09:23:50.0816 4636 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll

09:23:50.0816 4636 C:\Windows\System32\sysntfy.dll - ok

09:23:50.0825 4636 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll

09:23:50.0825 4636 C:\Windows\System32\wmsgapi.dll - ok

09:23:50.0834 4636 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll

09:23:50.0834 4636 C:\Windows\System32\cryptsp.dll - ok

09:23:50.0843 4636 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll

09:23:50.0844 4636 C:\Windows\System32\kerberos.dll - ok

09:23:50.0851 4636 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll

09:23:50.0851 4636 C:\Windows\System32\negoexts.dll - ok

09:23:50.0855 4636 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll

09:23:50.0855 4636 C:\Windows\System32\netjoin.dll - ok

09:23:50.0864 4636 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll

09:23:50.0864 4636 C:\Windows\System32\dnsapi.dll - ok

09:23:50.0871 4636 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll

09:23:50.0871 4636 C:\Windows\System32\logoncli.dll - ok

09:23:50.0879 4636 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll

09:23:50.0879 4636 C:\Windows\System32\msv1_0.dll - ok

09:23:50.0886 4636 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll

09:23:50.0886 4636 C:\Windows\System32\mswsock.dll - ok

09:23:50.0895 4636 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll

09:23:50.0895 4636 C:\Windows\System32\netlogon.dll - ok

09:23:50.0901 4636 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll

09:23:50.0902 4636 C:\Windows\System32\wship6.dll - ok

09:23:50.0910 4636 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll

09:23:50.0910 4636 C:\Windows\System32\rsaenh.dll - ok

09:23:50.0917 4636 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll

09:23:50.0917 4636 C:\Windows\System32\schannel.dll - ok

09:23:50.0924 4636 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll

09:23:50.0924 4636 C:\Windows\System32\wdigest.dll - ok

09:23:50.0932 4636 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll

09:23:50.0932 4636 C:\Windows\System32\pku2u.dll - ok

09:23:50.0939 4636 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll

09:23:50.0939 4636 C:\Windows\System32\TSpkg.dll - ok

09:23:50.0948 4636 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL

09:23:50.0948 4636 C:\Windows\System32\LIVESSP.DLL - ok

09:23:50.0955 4636 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll

09:23:50.0955 4636 C:\Windows\System32\bcryptprimitives.dll - ok

09:23:50.0966 4636 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll

09:23:50.0966 4636 C:\Windows\System32\credssp.dll - ok

09:23:50.0972 4636 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll

09:23:50.0973 4636 C:\Windows\System32\efslsaext.dll - ok

09:23:50.0982 4636 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll

09:23:50.0982 4636 C:\Windows\System32\ubpm.dll - ok

09:23:50.0989 4636 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll

09:23:50.0989 4636 C:\Windows\System32\winsta.dll - ok

09:23:50.0997 4636 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll

09:23:50.0997 4636 C:\Windows\System32\scecli.dll - ok

09:23:51.0004 4636 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll

09:23:51.0004 4636 C:\Windows\System32\SPInf.dll - ok

09:23:51.0013 4636 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe

09:23:51.0013 4636 C:\Windows\System32\svchost.exe - ok

09:23:51.0020 4636 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll

09:23:51.0020 4636 C:\Windows\System32\umpnpmgr.dll - ok

09:23:51.0028 4636 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll

09:23:51.0028 4636 C:\Windows\System32\devrtl.dll - ok

09:23:51.0035 4636 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll

09:23:51.0035 4636 C:\Windows\System32\gpapi.dll - ok

09:23:51.0044 4636 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll

09:23:51.0044 4636 C:\Windows\System32\userenv.dll - ok

09:23:51.0051 4636 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll

09:23:51.0051 4636 C:\Windows\System32\pcwum.dll - ok

09:23:51.0057 4636 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll

09:23:51.0057 4636 C:\Windows\System32\umpo.dll - ok

09:23:51.0068 4636 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll

09:23:51.0068 4636 C:\Windows\System32\powrprof.dll - ok

09:23:51.0075 4636 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys

09:23:51.0075 4636 C:\Windows\System32\drivers\luafv.sys - ok

09:23:51.0084 4636 [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys

09:23:51.0084 4636 C:\Windows\System32\drivers\Sftvollh.sys - ok

09:23:51.0091 4636 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys

09:23:51.0091 4636 C:\Windows\System32\drivers\WUDFPf.sys - ok

09:23:51.0100 4636 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll

09:23:51.0100 4636 C:\Windows\System32\rpcss.dll - ok

09:23:51.0104 4636 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll

09:23:51.0104 4636 C:\Windows\System32\RpcEpMap.dll - ok

09:23:51.0112 4636 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll

09:23:51.0112 4636 C:\Windows\System32\wshqos.dll - ok

09:23:51.0120 4636 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL

09:23:51.0120 4636 C:\Windows\System32\WSHTCPIP.DLL - ok

09:23:51.0128 4636 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe

09:23:51.0128 4636 C:\Windows\System32\winlogon.exe - ok

09:23:51.0135 4636 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll

09:23:51.0135 4636 C:\Windows\System32\FirewallAPI.dll - ok

09:23:51.0142 4636 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll

09:23:51.0142 4636 C:\Windows\System32\version.dll - ok

09:23:51.0151 4636 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll

09:23:51.0151 4636 C:\Windows\System32\wevtsvc.dll - ok

09:23:51.0158 4636 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll

09:23:51.0158 4636 C:\Windows\System32\audiosrv.dll - ok

09:23:51.0166 4636 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll

09:23:51.0166 4636 C:\Windows\System32\MMDevAPI.dll - ok

09:23:51.0173 4636 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll

09:23:51.0173 4636 C:\Windows\System32\propsys.dll - ok

09:23:51.0182 4636 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll

09:23:51.0182 4636 C:\Windows\System32\adtschema.dll - ok

09:23:51.0190 4636 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll

09:23:51.0190 4636 C:\Windows\System32\avrt.dll - ok

09:23:51.0200 4636 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll

09:23:51.0200 4636 C:\Windows\System32\netprofm.dll - ok

09:23:51.0207 4636 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe

09:23:51.0207 4636 C:\Windows\System32\LogonUI.exe - ok

09:23:51.0215 4636 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll

09:23:51.0215 4636 C:\Windows\System32\wlansvc.dll - ok

09:23:51.0222 4636 [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll

09:23:51.0222 4636 C:\Windows\System32\authui.dll - ok

09:23:51.0230 4636 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll

09:23:51.0230 4636 C:\Windows\System32\cryptui.dll - ok

09:23:51.0238 4636 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll

09:23:51.0238 4636 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok

09:23:51.0247 4636 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll

09:23:51.0247 4636 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok

09:23:51.0254 4636 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys

09:23:51.0254 4636 C:\Windows\System32\drivers\fltMgr.sys - ok

09:23:51.0261 4636 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll

09:23:51.0261 4636 C:\Windows\System32\samlib.dll - ok

09:23:51.0270 4636 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll

09:23:51.0270 4636 C:\Windows\System32\shacct.dll - ok

09:23:51.0277 4636 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll

09:23:51.0277 4636 C:\Windows\System32\FntCache.dll - ok

09:23:51.0286 4636 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL

09:23:51.0286 4636 C:\Windows\System32\PSHED.DLL - ok

09:23:51.0293 4636 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll

09:23:51.0293 4636 C:\Windows\System32\uxtheme.dll - ok

09:23:51.0301 4636 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll

09:23:51.0301 4636 C:\Windows\System32\dui70.dll - ok

09:23:51.0308 4636 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll

09:23:51.0308 4636 C:\Windows\System32\mmcss.dll - ok

09:23:51.0317 4636 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll

09:23:51.0317 4636 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok

09:23:51.0324 4636 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll

09:23:51.0324 4636 C:\Windows\System32\duser.dll - ok

09:23:51.0332 4636 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll

09:23:51.0332 4636 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok

09:23:51.0339 4636 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll

09:23:51.0339 4636 C:\Windows\System32\SndVolSSO.dll - ok

09:23:51.0348 4636 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll

09:23:51.0348 4636 C:\Windows\System32\dwmapi.dll - ok

09:23:51.0356 4636 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll

09:23:51.0356 4636 C:\Windows\System32\hid.dll - ok

09:23:51.0366 4636 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll

09:23:51.0366 4636 C:\Windows\System32\xmllite.dll - ok

09:23:51.0374 4636 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe

09:23:51.0374 4636 C:\Windows\System32\audiodg.exe - ok

09:23:51.0382 4636 [ 3D7BB6DD7A87B3E36E44CA94444247A8 ] C:\Windows\System32\WindowsCodecs.dll

09:23:51.0382 4636 C:\Windows\System32\WindowsCodecs.dll - ok

09:23:51.0391 4636 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll

09:23:51.0391 4636 C:\Windows\System32\ntmarta.dll - ok

09:23:51.0398 4636 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll

09:23:51.0398 4636 C:\Windows\System32\gpsvc.dll - ok

09:23:51.0404 4636 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv

09:23:51.0404 4636 C:\Windows\System32\wdmaud.drv - ok

09:23:51.0411 4636 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll

09:23:51.0411 4636 C:\Windows\System32\winbrand.dll - ok

09:23:51.0418 4636 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll

09:23:51.0418 4636 C:\Windows\System32\winmm.dll - ok

09:23:51.0424 4636 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll

09:23:51.0424 4636 C:\Windows\System32\ksuser.dll - ok

09:23:51.0432 4636 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll

09:23:51.0432 4636 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

09:23:51.0437 4636 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll

09:23:51.0438 4636 C:\Windows\System32\VaultCredProvider.dll - ok

09:23:51.0444 4636 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll

09:23:51.0444 4636 C:\Windows\System32\wtsapi32.dll - ok

09:23:51.0450 4636 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll

09:23:51.0451 4636 C:\Windows\System32\BioCredProv.dll - ok

09:23:51.0457 4636 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll

09:23:51.0457 4636 C:\Windows\System32\nlaapi.dll - ok

09:23:51.0463 4636 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll

09:23:51.0463 4636 C:\Windows\System32\winbio.dll - ok

09:23:51.0470 4636 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll

09:23:51.0470 4636 C:\Windows\System32\credui.dll - ok

09:23:51.0476 4636 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll

09:23:51.0476 4636 C:\Windows\System32\netapi32.dll - ok

09:23:51.0484 4636 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll

09:23:51.0484 4636 C:\Windows\System32\netutils.dll - ok

09:23:51.0489 4636 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll

09:23:51.0489 4636 C:\Windows\System32\samcli.dll - ok

09:23:51.0496 4636 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll

09:23:51.0496 4636 C:\Windows\System32\vaultcli.dll - ok

09:23:51.0502 4636 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll

09:23:51.0502 4636 C:\Windows\System32\wkscli.dll - ok

09:23:51.0509 4636 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll

09:23:51.0509 4636 C:\Windows\System32\profsvc.dll - ok

09:23:51.0516 4636 [ A5FE3B758D54C108664B1BBFA07833A3 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll

09:23:51.0516 4636 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll - ok

09:23:51.0522 4636 [ 84D6ECEAEA78C64EF280F62CBA9BCA09 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll

09:23:51.0522 4636 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll - ok

09:23:51.0528 4636 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll

09:23:51.0528 4636 C:\Windows\System32\atl.dll - ok

09:23:51.0535 4636 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll

09:23:51.0535 4636 C:\Windows\System32\themeservice.dll - ok

09:23:51.0542 4636 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll

09:23:51.0542 4636 C:\Windows\System32\dsrole.dll - ok

09:23:51.0548 4636 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll

09:23:51.0548 4636 C:\Windows\System32\es.dll - ok

09:23:51.0555 4636 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll

09:23:51.0555 4636 C:\Windows\System32\slc.dll - ok

09:23:51.0562 4636 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll

09:23:51.0562 4636 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok

09:23:51.0569 4636 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll

09:23:51.0569 4636 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok

09:23:51.0576 4636 [ 2A9238A326763122424E07EF320D5D3A ] C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll

09:23:51.0576 4636 C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll - ok

09:23:51.0582 4636 [ 9AE75388EE2C110216B8319584E8AC34 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll

09:23:51.0582 4636 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll - ok

09:23:51.0589 4636 [ 91175B7E997CFAC64F271A15B4217BC7 ] C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll

09:23:51.0589 4636 C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll - ok

09:23:51.0595 4636 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll

09:23:51.0595 4636 C:\Windows\System32\Sens.dll - ok

09:23:51.0604 4636 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll

09:23:51.0604 4636 C:\Windows\System32\comres.dll - ok

09:23:51.0608 4636 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll

09:23:51.0608 4636 C:\Windows\System32\uxsms.dll - ok

09:23:51.0612 4636 [ C79EBD253B2E6D32F63FAEF314371443 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll

09:23:51.0612 4636 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll - ok

09:23:51.0619 4636 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll

09:23:51.0619 4636 C:\Windows\System32\WUDFPlatform.dll - ok

09:23:51.0626 4636 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll

09:23:51.0626 4636 C:\Windows\System32\WUDFSvc.dll - ok

09:23:51.0632 4636 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll

09:23:51.0632 4636 C:\Windows\System32\AudioSes.dll - ok

09:23:51.0639 4636 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll

09:23:51.0639 4636 C:\Windows\System32\certCredProvider.dll - ok

09:23:51.0645 4636 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL

09:23:51.0646 4636 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok

09:23:51.0653 4636 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys

09:23:51.0653 4636 C:\Windows\System32\drivers\lltdio.sys - ok

09:23:51.0659 4636 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys

09:23:51.0659 4636 C:\Windows\System32\drivers\nwifi.sys - ok

09:23:51.0666 4636 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys

09:23:51.0666 4636 C:\Windows\System32\drivers\ndisuio.sys - ok

09:23:51.0672 4636 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys

09:23:51.0672 4636 C:\Windows\System32\drivers\rspndr.sys - ok

09:23:51.0679 4636 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll

09:23:51.0679 4636 C:\Windows\System32\rasapi32.dll - ok

09:23:51.0688 4636 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll

09:23:51.0688 4636 C:\Windows\System32\rasman.dll - ok

09:23:51.0692 4636 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll

09:23:51.0692 4636 C:\Windows\System32\rasplap.dll - ok

09:23:51.0698 4636 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll

09:23:51.0698 4636 C:\Windows\System32\rtutils.dll - ok

09:23:51.0705 4636 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll

09:23:51.0705 4636 C:\Windows\System32\UXInit.dll - ok

09:23:51.0711 4636 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL

09:23:51.0711 4636 C:\Windows\System32\IPHLPAPI.DLL - ok

09:23:51.0718 4636 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll

09:23:51.0718 4636 C:\Windows\System32\lmhsvc.dll - ok

09:23:51.0722 4636 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv

09:23:51.0722 4636 C:\Windows\System32\msacm32.drv - ok

09:23:51.0728 4636 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll

09:23:51.0728 4636 C:\Windows\System32\midimap.dll - ok

09:23:51.0735 4636 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll

09:23:51.0735 4636 C:\Windows\System32\msacm32.dll - ok

09:23:51.0742 4636 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll

09:23:51.0742 4636 C:\Windows\System32\nrpsrv.dll - ok

09:23:51.0748 4636 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll

09:23:51.0748 4636 C:\Windows\System32\nsisvc.dll - ok

09:23:51.0755 4636 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll

09:23:51.0755 4636 C:\Windows\System32\winnsi.dll - ok

09:23:51.0761 4636 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll

09:23:51.0761 4636 C:\Windows\System32\dhcpcore.dll - ok

09:23:51.0769 4636 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll

09:23:51.0769 4636 C:\Windows\System32\keyiso.dll - ok

09:23:51.0774 4636 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll

09:23:51.0774 4636 C:\Windows\System32\dhcpcore6.dll - ok

09:23:51.0786 4636 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll

09:23:51.0786 4636 C:\Windows\System32\AudioEng.dll - ok

09:23:51.0790 4636 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll

09:23:51.0790 4636 C:\Windows\System32\AUDIOKSE.dll - ok

09:23:51.0796 4636 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll

09:23:51.0796 4636 C:\Windows\System32\dnsrslvr.dll - ok

09:23:51.0803 4636 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll

09:23:51.0803 4636 C:\Windows\System32\eapsvc.dll - ok

09:23:51.0809 4636 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll

09:23:51.0809 4636 C:\Windows\System32\eapphost.dll - ok

09:23:51.0815 4636 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL

09:23:51.0815 4636 C:\Windows\System32\FWPUCLNT.DLL - ok

09:23:51.0822 4636 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll

09:23:51.0822 4636 C:\Windows\System32\dnsext.dll - ok

09:23:51.0828 4636 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll

09:23:51.0828 4636 C:\Windows\System32\dhcpcsvc.dll - ok

09:23:51.0834 4636 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll

09:23:51.0834 4636 C:\Windows\System32\umb.dll - ok

09:23:51.0841 4636 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll

09:23:51.0841 4636 C:\Windows\System32\dhcpcsvc6.dll - ok

09:23:51.0847 4636 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll

09:23:51.0847 4636 C:\Windows\System32\eappprxy.dll - ok

09:23:51.0854 4636 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll

09:23:51.0854 4636 C:\Windows\System32\onex.dll - ok

09:23:51.0862 4636 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll

09:23:51.0862 4636 C:\Windows\System32\wlanmsm.dll - ok

09:23:51.0865 4636 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll

09:23:51.0866 4636 C:\Windows\System32\wlansec.dll - ok

09:23:51.0872 4636 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll

09:23:51.0872 4636 C:\Windows\System32\eappcfg.dll - ok

09:23:51.0879 4636 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll

09:23:51.0879 4636 C:\Windows\System32\l2gpstore.dll - ok

09:23:51.0885 4636 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll

09:23:51.0885 4636 C:\Windows\System32\wlgpclnt.dll - ok

09:23:51.0892 4636 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll

09:23:51.0892 4636 C:\Windows\System32\WinSCard.dll - ok

09:23:51.0898 4636 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll

09:23:51.0898 4636 C:\Windows\System32\wlanutil.dll - ok

09:23:51.0905 4636 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll

09:23:51.0905 4636 C:\Windows\System32\imageres.dll - ok

09:23:51.0912 4636 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll

09:23:51.0912 4636 C:\Windows\System32\msxml6.dll - ok

09:23:51.0918 4636 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll

09:23:51.0918 4636 C:\Windows\System32\shsvcs.dll - ok

09:23:51.0925 4636 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll

09:23:51.0925 4636 C:\Windows\System32\schedsvc.dll - ok

09:23:51.0931 4636 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll

09:23:51.0931 4636 C:\Windows\System32\ktmw32.dll - ok

09:23:51.0938 4636 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll

09:23:51.0938 4636 C:\Windows\System32\fveapi.dll - ok

09:23:51.0944 4636 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll

09:23:51.0944 4636 C:\Windows\System32\tbs.dll - ok

09:23:51.0950 4636 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll

09:23:51.0950 4636 C:\Windows\System32\fvecerts.dll - ok

09:23:51.0957 4636 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll

09:23:51.0957 4636 C:\Windows\System32\taskcomp.dll - ok

09:23:51.0963 4636 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll

09:23:51.0963 4636 C:\Windows\System32\wiarpc.dll - ok

09:23:51.0969 4636 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys

09:23:51.0970 4636 C:\Windows\System32\drivers\http.sys - ok

09:23:51.0976 4636 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe

09:23:51.0976 4636 C:\Windows\System32\spoolsv.exe - ok

09:23:51.0983 4636 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys

09:23:51.0983 4636 C:\Windows\System32\drivers\srvnet.sys - ok

09:23:51.0990 4636 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL

09:23:51.0990 4636 C:\Windows\System32\BFE.DLL - ok

09:23:51.0996 4636 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys

09:23:51.0996 4636 C:\Windows\System32\drivers\bowser.sys - ok

09:23:52.0002 4636 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys

09:23:52.0002 4636 C:\Windows\System32\drivers\mrxsmb.sys - ok

09:23:52.0009 4636 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys

09:23:52.0009 4636 C:\Windows\System32\drivers\mrxsmb10.sys - ok

09:23:52.0015 4636 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys

09:23:52.0016 4636 C:\Windows\System32\drivers\mrxsmb20.sys - ok

09:23:52.0022 4636 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys

09:23:52.0022 4636 C:\Windows\System32\drivers\srv2.sys - ok

09:23:52.0029 4636 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys

09:23:52.0029 4636 C:\Windows\System32\drivers\srv.sys - ok

09:23:52.0035 4636 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll

09:23:52.0035 4636 C:\Windows\System32\wkssvc.dll - ok

09:23:52.0042 4636 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll

09:23:52.0042 4636 C:\Windows\System32\browser.dll - ok

09:23:52.0048 4636 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll

09:23:52.0048 4636 C:\Windows\System32\srvsvc.dll - ok

09:23:52.0054 4636 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll

09:23:52.0054 4636 C:\Windows\System32\clusapi.dll - ok

09:23:52.0061 4636 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll

09:23:52.0061 4636 C:\Windows\System32\netmsg.dll - ok

09:23:52.0067 4636 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll

09:23:52.0067 4636 C:\Windows\System32\resutils.dll - ok

09:23:52.0074 4636 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll

09:23:52.0074 4636 C:\Windows\System32\sscore.dll - ok

09:23:52.0080 4636 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll

09:23:52.0080 4636 C:\Windows\System32\netcfgx.dll - ok

09:23:52.0086 4636 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv

09:23:52.0087 4636 C:\Windows\System32\winspool.drv - ok

09:23:52.0094 4636 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

09:23:52.0094 4636 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok

09:23:52.0101 4636 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll

09:23:52.0101 4636 C:\Windows\System32\rasadhlp.dll - ok

09:23:52.0107 4636 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll

09:23:52.0107 4636 C:\Windows\System32\localspl.dll - ok

09:23:52.0114 4636 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll

09:23:52.0114 4636 C:\Windows\System32\spoolss.dll - ok

09:23:52.0118 4636 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll

09:23:52.0118 4636 C:\Windows\System32\PrintIsolationProxy.dll - ok

09:23:52.0125 4636 [ 93B9E4D0B7BD601372C5B50FE0381533 ] C:\Windows\System32\CNMLMAR.DLL

09:23:52.0125 4636 C:\Windows\System32\CNMLMAR.DLL - ok

09:23:52.0131 4636 [ FEA3C4BA2C108106EFDE6D4BD55D05C3 ] C:\Windows\System32\CNMN6PPM.DLL

09:23:52.0131 4636 C:\Windows\System32\CNMN6PPM.DLL - ok

09:23:52.0137 4636 [ F7DF86CD53472868631F3EF1CC231CA2 ] C:\Windows\System32\EKIJ5000MON.dll

09:23:52.0137 4636 C:\Windows\System32\EKIJ5000MON.dll - ok

09:23:52.0144 4636 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll

09:23:52.0144 4636 C:\Windows\System32\FXSMON.dll - ok

09:23:52.0150 4636 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll

09:23:52.0150 4636 C:\Windows\System32\snmpapi.dll - ok

09:23:52.0157 4636 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll

09:23:52.0157 4636 C:\Windows\System32\tcpmon.dll - ok

09:23:52.0163 4636 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll

09:23:52.0163 4636 C:\Windows\System32\usbmon.dll - ok

09:23:52.0169 4636 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll

09:23:52.0169 4636 C:\Windows\System32\wsnmp32.dll - ok

09:23:52.0176 4636 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll

09:23:52.0176 4636 C:\Windows\System32\webservices.dll - ok

09:23:52.0183 4636 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll

09:23:52.0183 4636 C:\Windows\System32\WSDApi.dll - ok

09:23:52.0191 4636 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll

09:23:52.0191 4636 C:\Windows\System32\WSDMon.dll - ok

09:23:52.0195 4636 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll

09:23:52.0195 4636 C:\Windows\System32\fdProxy.dll - ok

09:23:52.0202 4636 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll

09:23:52.0202 4636 C:\Windows\System32\fundisc.dll - ok

09:23:52.0209 4636 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll

09:23:52.0209 4636 C:\Windows\System32\fdPnp.dll - ok

09:23:52.0215 4636 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll

09:23:52.0215 4636 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok

09:23:52.0221 4636 [ 474E7750C4ACDC5CBEDF9923A56E977B ] C:\Windows\System32\spool\prtprocs\x64\CNMPDAR.DLL

09:23:52.0221 4636 C:\Windows\System32\spool\prtprocs\x64\CNMPDAR.DLL - ok

09:23:52.0228 4636 [ B53FD8C8292427AF5E9286B8FF54147D ] C:\Windows\System32\spool\prtprocs\x64\EKIJ5000PPR.dll

09:23:52.0228 4636 C:\Windows\System32\spool\prtprocs\x64\EKIJ5000PPR.dll - ok

09:23:52.0235 4636 [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll

09:23:52.0235 4636 C:\Windows\System32\win32spl.dll - ok

09:23:52.0241 4636 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll

09:23:52.0242 4636 C:\Windows\System32\inetpp.dll - ok

09:23:52.0248 4636 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll

09:23:52.0248 4636 C:\Windows\System32\cscapi.dll - ok

09:23:52.0254 4636 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe

09:23:52.0254 4636 C:\Windows\System32\dllhost.exe - ok

09:23:52.0261 4636 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll

09:23:52.0261 4636 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok

09:23:52.0267 4636 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll

09:23:52.0268 4636 C:\Windows\System32\IDStore.dll - ok

09:23:52.0274 4636 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe

09:23:52.0274 4636 C:\Windows\System32\taskhost.exe - ok

09:23:52.0281 4636 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll

09:23:52.0281 4636 C:\Windows\System32\mpr.dll - ok

09:23:52.0287 4636 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe

09:23:52.0287 4636 C:\Windows\System32\taskeng.exe - ok

09:23:52.0295 4636 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll

09:23:52.0295 4636 C:\Windows\System32\PlaySndSrv.dll - ok

09:23:52.0301 4636 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe

09:23:52.0301 4636 C:\Windows\System32\userinit.exe - ok

09:23:52.0307 4636 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe

09:23:52.0307 4636 C:\Windows\System32\dwm.exe - ok

09:23:52.0314 4636 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll

09:23:52.0314 4636 C:\Windows\System32\dwmredir.dll - ok

09:23:52.0320 4636 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll

09:23:52.0320 4636 C:\Windows\System32\MsCtfMonitor.dll - ok

09:23:52.0327 4636 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll

09:23:52.0327 4636 C:\Windows\System32\msutb.dll - ok

09:23:52.0333 4636 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll

09:23:52.0334 4636 C:\Windows\System32\HotStartUserAgent.dll - ok

09:23:52.0340 4636 [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

09:23:52.0340 4636 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok

09:23:52.0347 4636 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll

09:23:52.0347 4636 C:\Windows\System32\dwmcore.dll - ok

09:23:52.0353 4636 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll

09:23:52.0353 4636 C:\Windows\System32\esent.dll - ok

09:23:52.0360 4636 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll

09:23:52.0360 4636 C:\Windows\System32\TSChannel.dll - ok

09:23:52.0364 4636 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll

09:23:52.0364 4636 C:\Windows\System32\d3d10_1.dll - ok

09:23:52.0371 4636 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll

09:23:52.0371 4636 C:\Windows\System32\d3d10_1core.dll - ok

09:23:52.0378 4636 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll

09:23:52.0378 4636 C:\Windows\System32\dxgi.dll - ok

09:23:52.0384 4636 [ 4C92EB7535CAA1681A77D928FBF9771F ] C:\Windows\System32\d3d11.dll

09:23:52.0384 4636 C:\Windows\System32\d3d11.dll - ok

09:23:52.0390 4636 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe

09:23:52.0390 4636 C:\Windows\explorer.exe - ok

09:23:52.0397 4636 [ F7F1AD9C175F1376A2D794ED3B0C453C ] C:\Windows\System32\igd10umd64.dll

09:23:52.0397 4636 C:\Windows\System32\igd10umd64.dll - ok

09:23:52.0403 4636 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll

09:23:52.0403 4636 C:\Windows\System32\ExplorerFrame.dll - ok

09:23:52.0410 4636 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll

09:23:52.0410 4636 C:\Windows\System32\EhStorShell.dll - ok

09:23:52.0416 4636 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll

09:23:52.0416 4636 C:\Windows\System32\ntshrui.dll - ok

09:23:52.0422 4636 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll

09:23:52.0423 4636 C:\Windows\System32\uDWM.dll - ok

09:23:52.0429 4636 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll

09:23:52.0429 4636 C:\Windows\System32\IconCodecService.dll - ok

09:23:52.0436 4636 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe

09:23:52.0436 4636 C:\Windows\System32\runonce.exe - ok

09:23:52.0444 4636 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll

09:23:52.0444 4636 C:\Windows\SysWOW64\ntdll.dll - ok

09:23:52.0448 4636 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe

09:23:52.0448 4636 C:\Windows\SysWOW64\runonce.exe - ok

09:23:52.0455 4636 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll

09:23:52.0455 4636 C:\Windows\System32\wow64.dll - ok

09:23:52.0461 4636 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll

09:23:52.0462 4636 C:\Windows\System32\wow64cpu.dll - ok

09:23:52.0468 4636 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll

09:23:52.0468 4636 C:\Windows\System32\wow64win.dll - ok

09:23:52.0474 4636 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll

09:23:52.0474 4636 C:\Windows\SysWOW64\kernel32.dll - ok

09:23:52.0481 4636 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll

09:23:52.0481 4636 C:\Windows\SysWOW64\KernelBase.dll - ok

09:23:52.0488 4636 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll

09:23:52.0488 4636 C:\Windows\SysWOW64\advapi32.dll - ok

09:23:52.0495 4636 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll

09:23:52.0495 4636 C:\Windows\SysWOW64\cryptbase.dll - ok

09:23:52.0501 4636 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll

09:23:52.0501 4636 C:\Windows\SysWOW64\gdi32.dll - ok

09:23:52.0508 4636 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll

09:23:52.0508 4636 C:\Windows\SysWOW64\msvcrt.dll - ok

09:23:52.0514 4636 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll

09:23:52.0514 4636 C:\Windows\SysWOW64\rpcrt4.dll - ok

09:23:52.0521 4636 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll

09:23:52.0521 4636 C:\Windows\SysWOW64\sechost.dll - ok

09:23:52.0528 4636 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll

09:23:52.0528 4636 C:\Windows\SysWOW64\sspicli.dll - ok

09:23:52.0534 4636 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll

09:23:52.0534 4636 C:\Windows\SysWOW64\user32.dll - ok

09:23:52.0540 4636 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll

09:23:52.0540 4636 C:\Windows\SysWOW64\lpk.dll - ok

09:23:52.0546 4636 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll

09:23:52.0547 4636 C:\Windows\SysWOW64\ole32.dll - ok

09:23:52.0553 4636 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll

09:23:52.0553 4636 C:\Windows\SysWOW64\shlwapi.dll - ok

09:23:52.0559 4636 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll

09:23:52.0559 4636 C:\Windows\SysWOW64\usp10.dll - ok

09:23:52.0566 4636 [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\SysWOW64\shell32.dll

09:23:52.0566 4636 C:\Windows\SysWOW64\shell32.dll - ok

09:23:52.0573 4636 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

09:23:52.0573 4636 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok

09:23:52.0580 4636 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

09:23:52.0580 4636 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok

09:23:52.0586 4636 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

09:23:52.0587 4636 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok

09:23:52.0593 4636 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll

09:23:52.0593 4636 C:\Windows\SysWOW64\imm32.dll - ok

09:23:52.0599 4636 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll

09:23:52.0599 4636 C:\Windows\SysWOW64\msctf.dll - ok

09:23:52.0606 4636 [ 92245C959E5BC378809D2CC5E9F6E9C7 ] C:\Windows\SysWOW64\crypt32.dll

09:23:52.0606 4636 C:\Windows\SysWOW64\crypt32.dll - ok

09:23:52.0612 4636 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll

09:23:52.0612 4636 C:\Windows\SysWOW64\msasn1.dll - ok

09:23:52.0616 4636 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll

09:23:52.0616 4636 C:\Windows\SysWOW64\oleaut32.dll - ok

09:23:52.0622 4636 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll

09:23:52.0623 4636 C:\Windows\SysWOW64\wintrust.dll - ok

09:23:52.0629 4636 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll

09:23:52.0630 4636 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok

09:23:52.0636 4636 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll

09:23:52.0636 4636 C:\Windows\SysWOW64\uxtheme.dll - ok

09:23:52.0642 4636 [ 50185186719134FA8F307D269106A51C ] C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

09:23:52.0643 4636 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe - ok

09:23:52.0649 4636 [ AE4D9DC676A2517DEE3E51978BCFE47C ] C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll

09:23:52.0649 4636 C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll - ok

09:23:52.0656 4636 [ C6B6CD85841FC4958DDAD76B270D05BF ] C:\Program Files (x86)\Google\Update\1.3.21.149\goopdate.dll

09:23:52.0656 4636 C:\Program Files (x86)\Google\Update\1.3.21.149\goopdate.dll - ok

09:23:52.0663 4636 [ 3B3D5E94A5F24417BE2C179DDD883702 ] C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll

09:23:52.0663 4636 C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll - ok

09:23:52.0670 4636 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll

09:23:52.0670 4636 C:\Windows\SysWOW64\cfgmgr32.dll - ok

09:23:52.0677 4636 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll

09:23:52.0677 4636 C:\Windows\SysWOW64\msvcp100.dll - ok

09:23:52.0684 4636 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll

09:23:52.0684 4636 C:\Windows\SysWOW64\msvcr100.dll - ok

09:23:52.0690 4636 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll

09:23:52.0690 4636 C:\Windows\SysWOW64\setupapi.dll - ok

09:23:52.0697 4636 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll

09:23:52.0697 4636 C:\Windows\SysWOW64\clbcatq.dll - ok

09:23:52.0703 4636 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll

09:23:52.0703 4636 C:\Windows\SysWOW64\devobj.dll - ok

09:23:52.0709 4636 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll

09:23:52.0709 4636 C:\Windows\SysWOW64\propsys.dll - ok

09:23:52.0716 4636 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll

09:23:52.0716 4636 C:\Windows\SysWOW64\ntmarta.dll - ok

09:23:52.0722 4636 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll

09:23:52.0722 4636 C:\Windows\SysWOW64\Wldap32.dll - ok

gco1133 · July 8, 2013

09:23:52.0729 4636 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll

09:23:52.0729 4636 C:\Windows\SysWOW64\profapi.dll - ok

09:23:52.0736 4636 [ B3DC4D1658093C1E486CA9F22180BECF ] C:\Windows\SysWOW64\urlmon.dll

09:23:52.0736 4636 C:\Windows\SysWOW64\urlmon.dll - ok

09:23:52.0742 4636 [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

09:23:52.0742 4636 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok

09:23:52.0751 4636 [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

09:23:52.0751 4636 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok

09:23:52.0756 4636 [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

09:23:52.0756 4636 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok

09:23:52.0763 4636 [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

09:23:52.0763 4636 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok

09:23:52.0769 4636 [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

09:23:52.0770 4636 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok

09:23:52.0776 4636 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

09:23:52.0776 4636 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok

09:23:52.0784 4636 [ F383B1AD5D7FDC1ACB0D900B50572F8D ] C:\Windows\SysWOW64\iertutil.dll

09:23:52.0784 4636 C:\Windows\SysWOW64\iertutil.dll - ok

09:23:52.0790 4636 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll

09:23:52.0790 4636 C:\Windows\SysWOW64\version.dll - ok

09:23:52.0797 4636 [ 2473CA6595A2659D7039A4A89FECA269 ] C:\Windows\SysWOW64\wininet.dll

09:23:52.0797 4636 C:\Windows\SysWOW64\wininet.dll - ok

09:23:52.0803 4636 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL

09:23:52.0803 4636 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok

09:23:52.0809 4636 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll

09:23:52.0810 4636 C:\Windows\SysWOW64\nsi.dll - ok

09:23:52.0818 4636 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll

09:23:52.0818 4636 C:\Windows\SysWOW64\psapi.dll - ok

09:23:52.0823 4636 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll

09:23:52.0823 4636 C:\Windows\SysWOW64\winnsi.dll - ok

09:23:52.0829 4636 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll

09:23:52.0829 4636 C:\Windows\SysWOW64\ws2_32.dll - ok

09:23:52.0836 4636 [ 5BDB1E096DEA119A4D205ACB6E958175 ] C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll

09:23:52.0836 4636 C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll - ok

09:23:52.0842 4636 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll

09:23:52.0842 4636 C:\Windows\SysWOW64\netapi32.dll - ok

09:23:52.0850 4636 [ 21139ED432EFB4A8CDF715862DBDF9E0 ] C:\Program Files (x86)\AVG\AVG2013\avglogx.dll

09:23:52.0850 4636 C:\Program Files (x86)\AVG\AVG2013\avglogx.dll - ok

09:23:52.0855 4636 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll

09:23:52.0855 4636 C:\Windows\SysWOW64\netutils.dll - ok

09:23:52.0862 4636 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll

09:23:52.0862 4636 C:\Windows\SysWOW64\srvcli.dll - ok

09:23:52.0868 4636 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll

09:23:52.0868 4636 C:\Windows\SysWOW64\imagehlp.dll - ok

09:23:52.0872 4636 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll

09:23:52.0872 4636 C:\Windows\SysWOW64\wkscli.dll - ok

09:23:52.0878 4636 [ 3A0977CB68AF13E2579E47EB8984056B ] C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

09:23:52.0879 4636 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe - ok

09:23:52.0885 4636 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll

09:23:52.0885 4636 C:\Windows\SysWOW64\msi.dll - ok

09:23:52.0891 4636 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll

09:23:52.0891 4636 C:\Windows\SysWOW64\cscapi.dll - ok

09:23:52.0898 4636 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll

09:23:52.0898 4636 C:\Windows\SysWOW64\dbghelp.dll - ok

09:23:52.0905 4636 [ 09C87F376507122A5FE1CBE06E015512 ] C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe

09:23:52.0905 4636 C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe - ok

09:23:52.0911 4636 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll

09:23:52.0911 4636 C:\Windows\SysWOW64\apphelp.dll - ok

09:23:52.0918 4636 [ CA35155F6B4C4DB2513AAAA868BAFF47 ] C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler64.exe

09:23:52.0918 4636 C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler64.exe - ok

09:23:52.0925 4636 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll

09:23:52.0925 4636 C:\Windows\SysWOW64\mstask.dll - ok

09:23:52.0933 4636 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll

09:23:52.0933 4636 C:\Windows\SysWOW64\userenv.dll - ok

09:23:52.0938 4636 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll

09:23:52.0938 4636 C:\Windows\System32\dbghelp.dll - ok

09:23:52.0944 4636 [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

09:23:52.0944 4636 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok

09:23:52.0951 4636 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll

09:23:52.0951 4636 C:\Windows\SysWOW64\secur32.dll - ok

09:23:52.0958 4636 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe

09:23:52.0958 4636 C:\Windows\SysWOW64\cmd.exe - ok

09:23:52.0964 4636 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe

09:23:52.0964 4636 C:\Windows\System32\conhost.exe - ok

09:23:52.0969 4636 [ 40E12972BB73C2927E19553E30EAEE3C ] C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll

09:23:52.0969 4636 C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll - ok

09:23:52.0975 4636 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll

09:23:52.0975 4636 C:\Windows\SysWOW64\winbrand.dll - ok

09:23:52.0984 4636 [ 71EA9078F6E1246B0BBD746C2999723F ] C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll

09:23:52.0984 4636 C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll - ok

09:23:52.0988 4636 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] C:\Windows\System32\cryptsvc.dll

09:23:52.0989 4636 C:\Windows\System32\cryptsvc.dll - ok

09:23:52.0995 4636 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll

09:23:52.0995 4636 C:\Windows\System32\dps.dll - ok

09:23:53.0002 4636 [ CE1EE31FFF730CA975A5535D8A71AF61 ] C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

09:23:53.0002 4636 C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe - ok

09:23:53.0008 4636 [ 2C4C22EA1735F21F355EB1A39832F7DF ] C:\Windows\System32\cryptnet.dll

09:23:53.0008 4636 C:\Windows\System32\cryptnet.dll - ok

09:23:53.0014 4636 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll

09:23:53.0014 4636 C:\Windows\System32\taskschd.dll - ok

09:23:53.0021 4636 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv

09:23:53.0021 4636 C:\Windows\SysWOW64\winspool.drv - ok

09:23:53.0028 4636 [ 7D2633295EB6FF2B938185874884059D ] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

09:23:53.0028 4636 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe - ok

09:23:53.0035 4636 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL

09:23:53.0035 4636 C:\Windows\System32\IKEEXT.DLL - ok

09:23:53.0041 4636 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll

09:23:53.0041 4636 C:\Windows\System32\vssapi.dll - ok

09:23:53.0047 4636 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll

09:23:53.0047 4636 C:\Windows\System32\vsstrace.dll - ok

09:23:53.0054 4636 [ FCA0837B2739C044EEC00AF0DDD73FFC ] C:\Windows\SysWOW64\ieframe.dll

09:23:53.0054 4636 C:\Windows\SysWOW64\ieframe.dll - ok

09:23:53.0060 4636 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll

09:23:53.0060 4636 C:\Windows\SysWOW64\winmm.dll - ok

09:23:53.0068 4636 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

09:23:53.0068 4636 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

09:23:53.0074 4636 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

09:23:53.0074 4636 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

09:23:53.0081 4636 [ 813331FDB5375C4AC9A1DB2BC64AE6EE ] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NB.dll

09:23:53.0081 4636 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NB.dll - ok

09:23:53.0088 4636 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll

09:23:53.0088 4636 C:\Windows\SysWOW64\Faultrep.dll - ok

09:23:53.0094 4636 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll

09:23:53.0094 4636 C:\Windows\SysWOW64\webio.dll - ok

09:23:53.0100 4636 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll

09:23:53.0101 4636 C:\Windows\SysWOW64\winhttp.dll - ok

09:23:53.0107 4636 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll

09:23:53.0107 4636 C:\Windows\System32\vpnikeapi.dll - ok

09:23:53.0114 4636 [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

09:23:53.0114 4636 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok

09:23:53.0121 4636 [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

09:23:53.0121 4636 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok

09:23:53.0125 4636 [ 1F05F5A16881CD928C82D53CEFCF4477 ] C:\Windows\SysWOW64\shdocvw.dll

09:23:53.0125 4636 C:\Windows\SysWOW64\shdocvw.dll - ok

09:23:53.0131 4636 [ 414F57444511B818DB23FA5CF89F3205 ] C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll

09:23:53.0131 4636 C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll - ok

09:23:53.0138 4636 [ D97B5EAE263304486002000F90FA3EA0 ] C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll

09:23:53.0138 4636 C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll - ok

09:23:53.0144 4636 [ 1FF6400CE6C54790B17E20C0B456799F ] C:\Program Files (x86)\AVG\AVG2013\avgwd.dll

09:23:53.0145 4636 C:\Program Files (x86)\AVG\AVG2013\avgwd.dll - ok

09:23:53.0151 4636 [ 813101AE7E85BC1EF2E014DCCF588984 ] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\LBFC.dll

09:23:53.0151 4636 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\LBFC.dll - ok

09:23:53.0158 4636 [ E365153089457720A70B19811D1F3B19 ] C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll

09:23:53.0159 4636 C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll - ok

09:23:53.0165 4636 [ 2E967B05E5D1EF57632819BDC54F19B1 ] C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll

09:23:53.0165 4636 C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll - ok

09:23:53.0172 4636 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll

09:23:53.0172 4636 C:\Windows\System32\netman.dll - ok

09:23:53.0178 4636 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll

09:23:53.0178 4636 C:\Windows\System32\nlasvc.dll - ok

09:23:53.0185 4636 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys

09:23:53.0185 4636 C:\Windows\System32\drivers\PEAuth.sys - ok

09:23:53.0191 4636 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll

09:23:53.0192 4636 C:\Windows\SysWOW64\sfc.dll - ok

09:23:53.0198 4636 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll

09:23:53.0198 4636 C:\Windows\System32\ncsi.dll - ok

09:23:53.0204 4636 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll

09:23:53.0204 4636 C:\Windows\System32\aepic.dll - ok

09:23:53.0211 4636 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll

09:23:53.0211 4636 C:\Windows\System32\pcasvc.dll - ok

09:23:53.0217 4636 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll

09:23:53.0217 4636 C:\Windows\System32\winhttp.dll - ok

09:23:53.0224 4636 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll

09:23:53.0224 4636 C:\Windows\System32\sfc.dll - ok

09:23:53.0230 4636 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll

09:23:53.0230 4636 C:\Windows\System32\sfc_os.dll - ok

09:23:53.0236 4636 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll

09:23:53.0236 4636 C:\Windows\System32\webio.dll - ok

09:23:53.0243 4636 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll

09:23:53.0243 4636 C:\Windows\SysWOW64\sfc_os.dll - ok

09:23:53.0249 4636 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll

09:23:53.0249 4636 C:\Windows\SysWOW64\cryptsp.dll - ok

09:23:53.0256 4636 [ 4A5809A1D796E2675AC0332BF7B0CB11 ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

09:23:53.0256 4636 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe - ok

09:23:53.0262 4636 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL

09:23:53.0263 4636 C:\Windows\System32\IPSECSVC.DLL - ok

09:23:53.0270 4636 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll

09:23:53.0270 4636 C:\Windows\System32\ssdpapi.dll - ok

09:23:53.0276 4636 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll

09:23:53.0276 4636 C:\Windows\SysWOW64\rsaenh.dll - ok

09:23:53.0282 4636 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll

09:23:53.0282 4636 C:\Windows\SysWOW64\RpcRtRemote.dll - ok

09:23:53.0289 4636 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll

09:23:53.0289 4636 C:\Windows\SysWOW64\wsock32.dll - ok

09:23:53.0295 4636 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll

09:23:53.0295 4636 C:\Windows\SysWOW64\SensApi.dll - ok

09:23:53.0301 4636 [ 2EDDAC53FFBB0A440B1AB9A278853295 ] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBBurn.dll

09:23:53.0302 4636 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBBurn.dll - ok

09:23:53.0309 4636 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll

09:23:53.0309 4636 C:\Windows\System32\FwRemoteSvr.dll - ok

09:23:53.0315 4636 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll

09:23:53.0315 4636 C:\Windows\SysWOW64\msxml6.dll - ok

09:23:53.0322 4636 [ C1E64261CE370717259904F5D3FDFC2C ] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NeroAPIGlueLayerUnicode.dll

09:23:53.0322 4636 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NeroAPIGlueLayerUnicode.dll - ok

09:23:53.0328 4636 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys

09:23:53.0328 4636 C:\Windows\System32\drivers\secdrv.sys - ok

09:23:53.0334 4636 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll

09:23:53.0335 4636 C:\Windows\System32\seclogon.dll - ok

09:23:53.0342 4636 [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys

09:23:53.0342 4636 C:\Windows\System32\drivers\Sftfslh.sys - ok

09:23:53.0349 4636 [ 80A9ADB30ABDF99A8B5A6C233DB3F1D8 ] C:\Users\GrahamO\AppData\Local\Temp\617A8E5C-6C79-4B05-93F4-697701B57E87.exe

09:23:53.0349 4636 C:\Users\GrahamO\AppData\Local\Temp\617A8E5C-6C79-4B05-93F4-697701B57E87.exe - ok

09:23:53.0357 4636 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll

09:23:53.0357 4636 C:\Windows\SysWOW64\ncrypt.dll - ok

09:23:53.0363 4636 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll

09:23:53.0363 4636 C:\Windows\SysWOW64\bcrypt.dll - ok

09:23:53.0371 4636 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll

09:23:53.0371 4636 C:\Windows\SysWOW64\bcryptprimitives.dll - ok

09:23:53.0376 4636 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll

09:23:53.0377 4636 C:\Windows\System32\aeevts.dll - ok

09:23:53.0383 4636 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll

09:23:53.0383 4636 C:\Windows\SysWOW64\gpapi.dll - ok

09:23:53.0390 4636 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll

09:23:53.0390 4636 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok

09:23:53.0397 4636 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll

09:23:53.0397 4636 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok

09:23:53.0405 4636 [ 8A8B277067C22F4BF6AA9A31692FC4D3 ] C:\Windows\SysWOW64\cryptnet.dll

09:23:53.0405 4636 C:\Windows\SysWOW64\cryptnet.dll - ok

09:23:53.0410 4636 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll

09:23:53.0410 4636 C:\Windows\SysWOW64\dwmapi.dll - ok

09:23:53.0416 4636 [ 5B2E4E90C04FB9AE9F2C5E99FF59B283 ] C:\Windows\SysWOW64\WindowsCodecs.dll

09:23:53.0416 4636 C:\Windows\SysWOW64\WindowsCodecs.dll - ok

09:23:53.0425 4636 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll

09:23:53.0425 4636 C:\Windows\SysWOW64\EhStorShell.dll - ok

09:23:53.0429 4636 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll

09:23:53.0429 4636 C:\Windows\SysWOW64\ntshrui.dll - ok

09:23:53.0435 4636 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll

09:23:53.0435 4636 C:\Windows\SysWOW64\slc.dll - ok

09:23:53.0442 4636 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll

09:23:53.0442 4636 C:\Windows\SysWOW64\imageres.dll - ok

09:23:53.0449 4636 [ 099D9F937F6EE23672391B3A5BD6D7E5 ] C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll

09:23:53.0449 4636 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll - ok

09:23:53.0456 4636 [ 67DABFB8EB4AFA87C558504D5FCD43C8 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll

09:23:53.0456 4636 C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll - ok

09:23:53.0463 4636 [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

09:23:53.0463 4636 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok

09:23:53.0470 4636 [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys

09:23:53.0470 4636 C:\Windows\System32\drivers\Sftplaylh.sys - ok

09:23:53.0477 4636 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll

09:23:53.0477 4636 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok

09:23:53.0484 4636 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll

09:23:53.0484 4636 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok

09:23:53.0492 4636 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe

09:23:53.0492 4636 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok

09:23:53.0497 4636 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll

09:23:53.0497 4636 C:\Windows\SysWOW64\credssp.dll - ok

09:23:53.0503 4636 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll

09:23:53.0503 4636 C:\Windows\SysWOW64\wtsapi32.dll - ok

09:23:53.0510 4636 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll

09:23:53.0510 4636 C:\Windows\System32\httpapi.dll - ok

09:23:53.0517 4636 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll

09:23:53.0517 4636 C:\Windows\System32\sstpsvc.dll - ok

09:23:53.0523 4636 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll

09:23:53.0523 4636 C:\Windows\System32\wiaservc.dll - ok

09:23:53.0530 4636 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll

09:23:53.0530 4636 C:\Windows\System32\sysmain.dll - ok

09:23:53.0536 4636 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll

09:23:53.0536 4636 C:\Windows\System32\tapisrv.dll - ok

09:23:53.0543 4636 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys

09:23:53.0543 4636 C:\Windows\System32\drivers\tcpipreg.sys - ok

09:23:53.0549 4636 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll

09:23:53.0549 4636 C:\Windows\System32\wiatrace.dll - ok

09:23:53.0557 4636 [ ED32035BDFECED1AD66D459FD9CC1140 ] C:\Windows\System32\TODDSrv.exe

09:23:53.0557 4636 C:\Windows\System32\TODDSrv.exe - ok

09:23:53.0563 4636 [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll

09:23:53.0563 4636 C:\Windows\System32\wsdchngr.dll - ok

09:23:53.0569 4636 [ E25B118D6E9E63213A09BC4C5A854CA5 ] C:\Windows\System32\CNC_ARC.dll

09:23:53.0569 4636 C:\Windows\System32\CNC_ARC.dll - ok

09:23:53.0576 4636 [ 2AFD59E7D575DAF78D5507D16304617D ] C:\Windows\System32\CNC_ARL.dll

09:23:53.0576 4636 C:\Windows\System32\CNC_ARL.dll - ok

09:23:53.0582 4636 [ 493574E218AA18161D14EECFD572A0E8 ] C:\Windows\System32\CNHMCA6.dll

09:23:53.0582 4636 C:\Windows\System32\CNHMCA6.dll - ok

09:23:53.0588 4636 [ A644D0B85E6F00A5F1550B18338BF207 ] C:\Windows\twain_32\MG3100 series\SG_ENU.dll

09:23:53.0588 4636 C:\Windows\twain_32\MG3100 series\SG_ENU.dll - ok

09:23:53.0595 4636 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll

09:23:53.0595 4636 C:\Windows\SysWOW64\wevtapi.dll - ok

09:23:53.0602 4636 [ 98C864481D62F86EC8AF65BE3419A95B ] C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

09:23:53.0602 4636 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe - ok

09:23:53.0610 4636 [ F65BEBE969C232F60C7A13B0F00FB52C ] C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll

09:23:53.0610 4636 C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll - ok

09:23:53.0615 4636 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll

09:23:53.0615 4636 C:\Windows\SysWOW64\wscapi.dll - ok

09:23:53.0621 4636 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll

09:23:53.0621 4636 C:\Windows\SysWOW64\wbemcomn.dll - ok

09:23:53.0625 4636 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll

09:23:53.0625 4636 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok

09:23:53.0632 4636 [ 866CC7A87DCFE3E54F23DB15DF16EDF2 ] C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

09:23:53.0632 4636 C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe - ok

09:23:53.0639 4636 [ 96BE845C8650A2B59B9BC4D798952969 ] C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

09:23:53.0639 4636 C:\Program Files (x86)\AVG\AVG2013\avgemca.exe - ok

09:23:53.0646 4636 [ 6A0A8D20469EFD39A4A3463A88811A57 ] C:\Program Files (x86)\AVG\AVG2013\avgsched.dll

09:23:53.0646 4636 C:\Program Files (x86)\AVG\AVG2013\avgsched.dll - ok

09:23:53.0653 4636 [ A6639BC625634614DC30392BD81C4001 ] C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll

09:23:53.0653 4636 C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll - ok

09:23:53.0659 4636 [ 0F14FD6F1F3AEAA510422E5317D4BF52 ] C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll

09:23:53.0660 4636 C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll - ok

09:23:53.0666 4636 [ 6992B4EE50A831FE4D4EC9970CA3660C ] C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll

09:23:53.0666 4636 C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll - ok

09:23:53.0673 4636 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll

09:23:53.0673 4636 C:\Windows\System32\msvcr100.dll - ok

09:23:53.0680 4636 [ C0148266689B5CE89E524948FD525CDD ] C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll

09:23:53.0680 4636 C:\Program Files (x86)\AVG\AVG2013\avgcfga.dll - ok

09:23:53.0686 4636 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll

09:23:53.0686 4636 C:\Windows\System32\trkwks.dll - ok

09:23:53.0693 4636 [ 254E8F9BA44E9F55416B0E51DBFF3C5F ] C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

09:23:53.0693 4636 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe - ok

09:23:53.0700 4636 [ B15161C1E0BEBB324CD2D15B5A79ADBD ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll

09:23:53.0700 4636 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapia.dll - ok

09:23:53.0706 4636 [ 41A4B8BA8F1346F9A502C9BE01F03CF0 ] C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll

09:23:53.0706 4636 C:\Program Files (x86)\AVG\AVG2013\avgsecapia.dll - ok

09:23:53.0713 4636 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll

09:23:53.0713 4636 C:\Windows\System32\wbemcomn.dll - ok

09:23:53.0720 4636 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll

09:23:53.0720 4636 C:\Windows\System32\wbem\WmiDcPrv.dll - ok

09:23:53.0726 4636 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll

09:23:53.0727 4636 C:\Windows\System32\wbem\WMIsvc.dll - ok

09:23:53.0733 4636 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll

09:23:53.0733 4636 C:\Windows\System32\wbem\fastprox.dll - ok

09:23:53.0739 4636 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll

09:23:53.0739 4636 C:\Windows\System32\wbem\WinMgmtR.dll - ok

09:23:53.0747 4636 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll

09:23:53.0747 4636 C:\Windows\System32\ntdsapi.dll - ok

09:23:53.0753 4636 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll

09:23:53.0753 4636 C:\Windows\System32\wbem\wbemcore.dll - ok

09:23:53.0761 4636 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll

09:23:53.0761 4636 C:\Windows\System32\wbem\wbemprox.dll - ok

09:23:53.0766 4636 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll

09:23:53.0766 4636 C:\Windows\System32\wbem\esscli.dll - ok

09:23:53.0773 4636 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll

09:23:53.0773 4636 C:\Windows\System32\wbem\wbemsvc.dll - ok

09:23:53.0779 4636 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll

09:23:53.0779 4636 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok

09:23:53.0786 4636 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll

09:23:53.0786 4636 C:\Windows\System32\wbem\wmiutils.dll - ok

09:23:53.0793 4636 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll

09:23:53.0793 4636 C:\Windows\SysWOW64\wbem\fastprox.dll - ok

09:23:53.0799 4636 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll

09:23:53.0799 4636 C:\Windows\System32\wbem\repdrvfs.dll - ok

09:23:53.0805 4636 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll

09:23:53.0805 4636 C:\Windows\SysWOW64\ntdsapi.dll - ok

09:23:53.0812 4636 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:23:53.0812 4636 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok

09:23:53.0819 4636 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll

09:23:53.0819 4636 C:\Windows\System32\wbem\WmiPrvSD.dll - ok

09:23:53.0825 4636 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll

09:23:53.0825 4636 C:\Windows\System32\ncobjapi.dll - ok

09:23:53.0832 4636 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll

09:23:53.0832 4636 C:\Windows\System32\wbem\wbemess.dll - ok

09:23:53.0839 4636 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL

09:23:53.0840 4636 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok

09:23:53.0846 4636 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll

09:23:53.0846 4636 C:\Windows\System32\SensApi.dll - ok

09:23:53.0852 4636 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll

09:23:53.0852 4636 C:\Windows\System32\wer.dll - ok

09:23:53.0861 4636 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll

09:23:53.0861 4636 C:\Windows\System32\iphlpsvc.dll - ok

09:23:53.0866 4636 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll

09:23:53.0866 4636 C:\Windows\System32\sqmapi.dll - ok

09:23:53.0873 4636 [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

09:23:53.0873 4636 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok

09:23:53.0881 4636 [ DC1BBA01FFB5745B8862931E7DE7304A ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

09:23:53.0881 4636 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok

09:23:53.0887 4636 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll

09:23:53.0887 4636 C:\Windows\System32\msxml3.dll - ok

09:23:53.0893 4636 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll

09:23:53.0893 4636 C:\Windows\System32\wdscore.dll - ok

09:23:53.0900 4636 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll

09:23:53.0900 4636 C:\Windows\System32\rasmans.dll - ok

09:23:53.0906 4636 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll

09:23:53.0906 4636 C:\Windows\System32\rastapi.dll - ok

09:23:53.0913 4636 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll

09:23:53.0913 4636 C:\Windows\System32\tapi32.dll - ok

09:23:53.0920 4636 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll

09:23:53.0920 4636 C:\Windows\System32\dssenh.dll - ok

09:23:53.0926 4636 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

09:23:53.0926 4636 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok

09:23:53.0933 4636 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll

09:23:53.0933 4636 C:\Windows\System32\nci.dll - ok

09:23:53.0940 4636 [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll

09:23:53.0940 4636 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok

09:23:53.0947 4636 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll

09:23:53.0947 4636 C:\Windows\System32\hnetcfg.dll - ok

09:23:53.0953 4636 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp

09:23:53.0953 4636 C:\Windows\System32\unimdm.tsp - ok

09:23:53.0959 4636 [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll

09:23:53.0959 4636 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok

09:23:53.0966 4636 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll

09:23:53.0966 4636 C:\Windows\System32\uniplat.dll - ok

09:23:53.0973 4636 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp

09:23:53.0973 4636 C:\Windows\System32\kmddsp.tsp - ok

09:23:53.0981 4636 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp

09:23:53.0981 4636 C:\Windows\System32\ndptsp.tsp - ok

09:23:53.0986 4636 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp

09:23:53.0986 4636 C:\Windows\System32\hidphone.tsp - ok

09:23:53.0992 4636 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll

09:23:53.0992 4636 C:\Windows\SysWOW64\mpr.dll - ok

09:23:53.0999 4636 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll

09:23:53.0999 4636 C:\Windows\System32\rasppp.dll - ok

09:23:54.0005 4636 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll

09:23:54.0005 4636 C:\Windows\System32\vpnike.dll - ok

09:23:54.0012 4636 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll

09:23:54.0012 4636 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok

09:23:54.0018 4636 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll

09:23:54.0018 4636 C:\Windows\System32\raschap.dll - ok

09:23:54.0025 4636 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll

09:23:54.0025 4636 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok

09:23:54.0032 4636 [ C7CFB71A0147F6499316833D18B7F879 ] C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll

09:23:54.0032 4636 C:\Program Files (x86)\AVG\AVG2013\avgxpla.dll - ok

09:23:54.0039 4636 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll

09:23:54.0039 4636 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok

09:23:54.0046 4636 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll

09:23:54.0047 4636 C:\Windows\System32\msvcp100.dll - ok

09:23:54.0053 4636 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll

09:23:54.0053 4636 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok

09:23:54.0059 4636 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll

09:23:54.0059 4636 C:\Windows\SysWOW64\logoncli.dll - ok

09:23:54.0066 4636 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll

09:23:54.0066 4636 C:\Windows\System32\ipnathlp.dll - ok

09:23:54.0072 4636 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll

09:23:54.0073 4636 C:\Windows\System32\mprapi.dll - ok

09:23:54.0079 4636 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll

09:23:54.0079 4636 C:\Windows\System32\netshell.dll - ok

09:23:54.0086 4636 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys

09:23:54.0086 4636 C:\Windows\System32\drivers\Sftredirlh.sys - ok

09:23:54.0092 4636 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll

09:23:54.0092 4636 C:\Windows\SysWOW64\fltLib.dll - ok

09:23:54.0099 4636 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll

09:23:54.0099 4636 C:\Windows\SysWOW64\devrtl.dll - ok

09:23:54.0105 4636 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll

09:23:54.0105 4636 C:\Windows\SysWOW64\schannel.dll - ok

09:23:54.0113 4636 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll

09:23:54.0113 4636 C:\Windows\System32\WMALFXGFXDSP.dll - ok

09:23:54.0118 4636 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll

09:23:54.0118 4636 C:\Windows\System32\mfplat.dll - ok

09:23:54.0125 4636 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

09:23:54.0125 4636 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok

09:23:54.0130 4636 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL

09:23:54.0130 4636 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok

09:23:54.0136 4636 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll

09:23:54.0136 4636 C:\Windows\SysWOW64\credui.dll - ok

09:23:54.0142 4636 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll

09:23:54.0142 4636 C:\Windows\SysWOW64\oleacc.dll - ok

09:23:54.0149 4636 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll

09:23:54.0149 4636 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok

09:23:54.0156 4636 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll

09:23:54.0156 4636 C:\Windows\SysWOW64\hlink.dll - ok

09:23:54.0163 4636 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll

09:23:54.0163 4636 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok

09:23:54.0170 4636 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll

09:23:54.0170 4636 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok

09:23:54.0176 4636 [ 11338E0557B07BC32CDB980B6EDB35AA ] C:\Windows\System32\ci.dll

09:23:54.0176 4636 C:\Windows\System32\ci.dll - ok

09:23:54.0183 4636 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll

09:23:54.0183 4636 C:\Windows\SysWOW64\msv1_0.dll - ok

09:23:54.0189 4636 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll

09:23:54.0189 4636 C:\Windows\SysWOW64\cryptdll.dll - ok

09:23:54.0195 4636 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll

09:23:54.0196 4636 C:\Windows\SysWOW64\msxml3.dll - ok

09:23:54.0202 4636 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll

09:23:54.0202 4636 C:\Windows\System32\wdi.dll - ok

09:23:54.0209 4636 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll

09:23:54.0209 4636 C:\Windows\System32\wpdbusenum.dll - ok

09:23:54.0215 4636 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll

09:23:54.0215 4636 C:\Windows\System32\diagperf.dll - ok

09:23:54.0222 4636 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll

09:23:54.0222 4636 C:\Windows\System32\perftrack.dll - ok

09:23:54.0228 4636 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll

09:23:54.0228 4636 C:\Windows\System32\PortableDeviceApi.dll - ok

09:23:54.0236 4636 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll

09:23:54.0236 4636 C:\Windows\System32\mprmsg.dll - ok

09:23:54.0242 4636 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll

09:23:54.0242 4636 C:\Windows\System32\ndiscapCfg.dll - ok

09:23:54.0248 4636 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll

09:23:54.0248 4636 C:\Windows\System32\rascfg.dll - ok

09:23:54.0255 4636 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll

09:23:54.0255 4636 C:\Windows\System32\tcpipcfg.dll - ok

09:23:54.0261 4636 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll

09:23:54.0261 4636 C:\Windows\System32\npmproxy.dll - ok

09:23:54.0268 4636 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll

09:23:54.0268 4636 C:\Windows\System32\PortableDeviceConnectApi.dll - ok

09:23:54.0275 4636 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll

09:23:54.0275 4636 C:\Windows\System32\Apphlpdm.dll - ok

09:23:54.0281 4636 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll

09:23:54.0281 4636 C:\Windows\System32\pnpts.dll - ok

09:23:54.0288 4636 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll

09:23:54.0288 4636 C:\Windows\System32\radardt.dll - ok

09:23:54.0294 4636 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll

09:23:54.0294 4636 C:\Windows\System32\aelupsvc.dll - ok

09:23:54.0301 4636 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll

09:23:54.0301 4636 C:\Windows\System32\wdiasqmmodule.dll - ok

09:23:54.0307 4636 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll

09:23:54.0307 4636 C:\Windows\System32\wlaninst.dll - ok

09:23:54.0313 4636 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll

09:23:54.0313 4636 C:\Windows\System32\wwaninst.dll - ok

09:23:54.0320 4636 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll

09:23:54.0320 4636 C:\Windows\System32\spfileq.dll - ok

09:23:54.0327 4636 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll

09:23:54.0327 4636 C:\Windows\System32\dimsjob.dll - ok

09:23:54.0333 4636 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll

09:23:54.0333 4636 C:\Windows\System32\pautoenr.dll - ok

09:23:54.0340 4636 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll

09:23:54.0340 4636 C:\Windows\System32\certcli.dll - ok

09:23:54.0346 4636 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll

09:23:54.0346 4636 C:\Windows\System32\CertEnroll.dll - ok

09:23:54.0353 4636 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll

09:23:54.0353 4636 C:\Windows\System32\NapiNSP.dll - ok

09:23:54.0359 4636 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll

09:23:54.0359 4636 C:\Windows\System32\pnrpnsp.dll - ok

09:23:54.0366 4636 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll

09:23:54.0366 4636 C:\Windows\System32\winrnr.dll - ok

09:23:54.0373 4636 [ A7E406711790197712D376B44A9FBB0B ] C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe

09:23:54.0373 4636 C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe - ok

09:23:54.0379 4636 [ CCADB6C52495F036C366AA479392A7D4 ] C:\Program Files (x86)\Toshiba\ConfigFree\NDSParts.dll

09:23:54.0379 4636 C:\Program Files (x86)\Toshiba\ConfigFree\NDSParts.dll - ok

09:23:54.0384 4636 [ 2766769440198C1E63122865850BB631 ] C:\Program Files (x86)\Toshiba\ConfigFree\NDSAPI.dll

09:23:54.0384 4636 C:\Program Files (x86)\Toshiba\ConfigFree\NDSAPI.dll - ok

09:23:54.0390 4636 [ DA4950C4239E0C4FF35895FD7AA46B05 ] C:\Program Files (x86)\Toshiba\ConfigFree\CFWlApi.dll

09:23:54.0390 4636 C:\Program Files (x86)\Toshiba\ConfigFree\CFWlApi.dll - ok

09:23:54.0397 4636 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll

09:23:54.0397 4636 C:\Windows\SysWOW64\wlanapi.dll - ok

09:23:54.0403 4636 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll

09:23:54.0404 4636 C:\Windows\SysWOW64\wlanutil.dll - ok

09:23:54.0410 4636 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll

09:23:54.0410 4636 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok

09:23:54.0417 4636 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll

09:23:54.0417 4636 C:\Windows\SysWOW64\rasapi32.dll - ok

09:23:54.0424 4636 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll

09:23:54.0424 4636 C:\Windows\SysWOW64\rasman.dll - ok

09:23:54.0430 4636 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll

09:23:54.0430 4636 C:\Windows\SysWOW64\rasdlg.dll - ok

09:23:54.0437 4636 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll

09:23:54.0437 4636 C:\Windows\SysWOW64\mprapi.dll - ok

09:23:54.0443 4636 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll

09:23:54.0444 4636 C:\Windows\SysWOW64\rtutils.dll - ok

09:23:54.0450 4636 [ 15936A348676D246A41A4781E6A34692 ] C:\Program Files (x86)\Toshiba\ConfigFree\NDSMUI.dll

09:23:54.0451 4636 C:\Program Files (x86)\Toshiba\ConfigFree\NDSMUI.dll - ok

09:23:54.0457 4636 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll

09:23:54.0457 4636 C:\Windows\SysWOW64\comdlg32.dll - ok

09:23:54.0463 4636 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe

09:23:54.0463 4636 C:\Windows\System32\wbem\WmiPrvSE.exe - ok

09:23:54.0470 4636 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll

09:23:54.0470 4636 C:\Windows\System32\wbem\cimwin32.dll - ok

09:23:54.0476 4636 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll

09:23:54.0477 4636 C:\Windows\System32\framedynos.dll - ok

09:23:54.0484 4636 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll

09:23:54.0484 4636 C:\Windows\System32\wmi.dll - ok

09:23:54.0489 4636 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl

09:23:54.0489 4636 C:\Windows\System32\timedate.cpl - ok

09:23:54.0496 4636 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll

09:23:54.0496 4636 C:\Windows\System32\actxprxy.dll - ok

09:23:54.0502 4636 [ 22A0AE97360C1B146FDD9AA55AC0E989 ] C:\Windows\System32\shdocvw.dll

09:23:54.0503 4636 C:\Windows\System32\shdocvw.dll - ok

09:23:54.0509 4636 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll

09:23:54.0509 4636 C:\Windows\System32\linkinfo.dll - ok

09:23:54.0515 4636 [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll

09:23:54.0515 4636 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok

09:23:54.0522 4636 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll

09:23:54.0522 4636 C:\Windows\System32\msftedit.dll - ok

09:23:54.0528 4636 [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll

09:23:54.0528 4636 C:\Windows\System32\msls31.dll - ok

09:23:54.0535 4636 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll

09:23:54.0535 4636 C:\Windows\SysWOW64\mswsock.dll - ok

09:23:54.0541 4636 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll

09:23:54.0541 4636 C:\Windows\System32\gameux.dll - ok

09:23:54.0548 4636 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL

09:23:54.0548 4636 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok

09:23:54.0555 4636 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll

09:23:54.0555 4636 C:\Windows\SysWOW64\dnsapi.dll - ok

09:23:54.0561 4636 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll

09:23:54.0561 4636 C:\Windows\SysWOW64\wship6.dll - ok

09:23:54.0568 4636 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL

09:23:54.0569 4636 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok

09:23:54.0574 4636 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll

09:23:54.0574 4636 C:\Windows\SysWOW64\rasadhlp.dll - ok

09:23:54.0581 4636 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll

09:23:54.0581 4636 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok

09:23:54.0587 4636 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll

09:23:54.0587 4636 C:\Windows\System32\DeviceCenter.dll - ok

09:23:54.0594 4636 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL

09:23:54.0594 4636 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok

09:23:54.0600 4636 [ AB2F2F56064E8AA8634C790956860A3D ] C:\Windows\System32\ieframe.dll

09:23:54.0600 4636 C:\Windows\System32\ieframe.dll - ok

09:23:54.0608 4636 [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

09:23:54.0608 4636 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok

09:23:54.0615 4636 [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

09:23:54.0615 4636 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok

09:23:54.0622 4636 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll

09:23:54.0622 4636 C:\Windows\System32\msiltcfg.dll - ok

09:23:54.0628 4636 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll

09:23:54.0628 4636 C:\Windows\System32\msi.dll - ok

09:23:54.0636 4636 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll

09:23:54.0636 4636 C:\Windows\System32\thumbcache.dll - ok

09:23:54.0642 4636 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll

09:23:54.0642 4636 C:\Windows\System32\networkexplorer.dll - ok

09:23:54.0648 4636 [ 3895C05252E7EC7EE65973775B4548B0 ] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe

09:23:54.0648 4636 C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe - ok

09:23:54.0655 4636 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll

09:23:54.0655 4636 C:\Windows\SysWOW64\riched20.dll - ok

09:23:54.0662 4636 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

09:23:54.0662 4636 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok

09:23:54.0668 4636 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll

09:23:54.0668 4636 C:\Windows\System32\msimg32.dll - ok

09:23:54.0675 4636 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll

09:23:54.0675 4636 C:\Windows\SysWOW64\ExplorerFrame.dll - ok

09:23:54.0682 4636 [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll

09:23:54.0682 4636 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok

09:23:54.0689 4636 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll

09:23:54.0689 4636 C:\Windows\System32\oledlg.dll - ok

09:23:54.0695 4636 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll

09:23:54.0695 4636 C:\Windows\SysWOW64\duser.dll - ok

09:23:54.0701 4636 [ 46FC03AB68A23DA0C75990DD3413F03C ] C:\Users\GrahamO\AppData\Local\nsycuvkh\vyqofytx.exe

09:23:54.0701 4636 C:\Users\GrahamO\AppData\Local\nsycuvkh\vyqofytx.exe - ok

09:23:54.0708 4636 [ 85D6E8F735865B502D65D1D91A79E3F3 ] C:\Windows\System32\browserchoice.exe

09:23:54.0708 4636 C:\Windows\System32\browserchoice.exe - ok

09:23:54.0714 4636 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll

09:23:54.0715 4636 C:\Windows\SysWOW64\dui70.dll - ok

09:23:54.0721 4636 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll

09:23:54.0721 4636 C:\Windows\System32\UIAnimation.dll - ok

09:23:54.0728 4636 [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

09:23:54.0728 4636 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok

09:23:54.0734 4636 [ 07DFD28E57879554D054464EE4A5662D ] C:\Program Files (x86)\Internet Explorer\iexplore.exe

09:23:54.0735 4636 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok

09:23:54.0741 4636 [ E00DE20F0F6BED5CD2160247DDC9443B ] C:\Program Files (x86)\ERUNT\AUTOBACK.EXE

09:23:54.0742 4636 C:\Program Files (x86)\ERUNT\AUTOBACK.EXE - ok

09:23:54.0748 4636 [ 3D0B9EA79BF1F828324447D84AA9DCE2 ] C:\Windows\hh.exe

09:23:54.0748 4636 C:\Windows\hh.exe - ok

09:23:54.0754 4636 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll

09:23:54.0754 4636 C:\Windows\System32\mlang.dll - ok

09:23:54.0761 4636 [ 3E130FA0D5289C8812021FF57F3851F5 ] C:\Program Files\Internet Explorer\sqmapi.dll

09:23:54.0761 4636 C:\Program Files\Internet Explorer\sqmapi.dll - ok

09:23:54.0767 4636 [ 2E0323A94915FAAB10A25F3BABF82584 ] C:\Program Files (x86)\ERUNT\ERUNT.EXE

09:23:54.0767 4636 C:\Program Files (x86)\ERUNT\ERUNT.EXE - ok

09:23:54.0774 4636 [ 1BC6798160D4FB79B6E96FF4E055252C ] C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe

09:23:54.0774 4636 C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe - ok

09:23:54.0781 4636 [ 46FC03AB68A23DA0C75990DD3413F03C ] C:\Users\GrahamO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vyqofytx.exe

09:23:54.0781 4636 C:\Users\GrahamO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vyqofytx.exe - ok

09:23:54.0788 4636 [ 16EEF12A3C5B1FE2658222A21C967226 ] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.dll

09:23:54.0788 4636 C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.dll - ok

09:23:54.0794 4636 [ ECC9B782385F30965970ACA1BEA26B27 ] C:\Program Files\CCleaner\CCleaner64.exe

09:23:54.0795 4636 C:\Program Files\CCleaner\CCleaner64.exe - ok

09:23:54.0801 4636 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll

09:23:54.0801 4636 C:\Windows\SysWOW64\oledlg.dll - ok

09:23:54.0809 4636 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe

09:23:54.0809 4636 C:\Windows\SysWOW64\svchost.exe - ok

09:23:54.0815 4636 [ 80A02F5ADDDF2D615B85A4F19424DCBB ] C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe

09:23:54.0815 4636 C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe - ok

09:23:54.0822 4636 [ 541B822882607023E75FFEC0C8F90FAF ] C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe

09:23:54.0822 4636 C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe - ok

09:23:54.0829 4636 [ 9ED4F1D990A3D16112155EA2D50E7975 ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

09:23:54.0829 4636 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe - ok

09:23:54.0836 4636 [ 516C67F32A77F3ED296FE7F9AAD2ADAA ] C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\BCGCBPRO100u80.dll

09:23:54.0836 4636 C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\BCGCBPRO100u80.dll - ok

09:23:54.0843 4636 [ F7E0783DA9043BC131BB37C77EDB04DF ] C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe

09:23:54.0843 4636 C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe - ok

09:23:54.0850 4636 [ 76A3A30B58405C2C6D833895253A51A9 ] C:\Program Files (x86)\QuickTime\qttask.exe

09:23:54.0850 4636 C:\Program Files (x86)\QuickTime\qttask.exe - ok

09:23:54.0857 4636 [ 3D24A66867ECE2A70223A83A1B18248D ] C:\Program Files (x86)\AVG\AVG2013\avgui.exe

09:23:54.0857 4636 C:\Program Files (x86)\AVG\AVG2013\avgui.exe - ok

09:23:54.0863 4636 [ 9B591CF99009D5DD52B653637723D1B2 ] C:\Windows\SysWOW64\QuickTime.qts

09:23:54.0863 4636 C:\Windows\SysWOW64\QuickTime.qts - ok

09:23:54.0870 4636 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

09:23:54.0870 4636 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

09:23:54.0877 4636 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll

09:23:54.0877 4636 C:\Windows\SysWOW64\sxs.dll - ok

09:23:54.0883 4636 [ DE3B0EB30EAC56EAEC35DEDC8CA2C160 ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\dmres.dll

09:23:54.0883 4636 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\dmres.dll - ok

09:23:54.0889 4636 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll

09:23:54.0889 4636 C:\Windows\System32\mscoree.dll - ok

09:23:54.0894 4636 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll

09:23:54.0894 4636 C:\Windows\SysWOW64\NapiNSP.dll - ok

09:23:54.0900 4636 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll

09:23:54.0900 4636 C:\Windows\SysWOW64\nlaapi.dll - ok

09:23:54.0909 4636 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll

09:23:54.0909 4636 C:\Windows\SysWOW64\pnrpnsp.dll - ok

09:23:54.0913 4636 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll

09:23:54.0914 4636 C:\Windows\System32\stobject.dll - ok

09:23:54.0920 4636 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\SysWOW64\WMVCORE.DLL

09:23:54.0920 4636 C:\Windows\SysWOW64\WMVCORE.DLL - ok

09:23:54.0927 4636 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll

09:23:54.0927 4636 C:\Windows\System32\batmeter.dll - ok

09:23:54.0933 4636 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll

09:23:54.0933 4636 C:\Windows\SysWOW64\odbc32.dll - ok

09:23:54.0939 4636 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll

09:23:54.0940 4636 C:\Windows\SysWOW64\winrnr.dll - ok

09:23:54.0946 4636 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll

09:23:54.0946 4636 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok

09:23:54.0953 4636 [ 36FDB8C775B1F7D2069B8C8D0CD09084 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

09:23:54.0953 4636 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok

09:23:54.0960 4636 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll

09:23:54.0960 4636 C:\Windows\SysWOW64\odbcint.dll - ok

09:23:54.0966 4636 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll

09:23:54.0966 4636 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok

09:23:54.0973 4636 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll

09:23:54.0973 4636 C:\Windows\SysWOW64\msimg32.dll - ok

09:23:54.0980 4636 [ 1873AB8B491A37BFF577DD7D8E4BA2A6 ] C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NB.dll

09:23:54.0980 4636 C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NB.dll - ok

09:23:54.0986 4636 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll

09:23:54.0986 4636 C:\Windows\System32\prnfldr.dll - ok

09:23:54.0993 4636 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll

09:23:54.0994 4636 C:\Windows\System32\DXP.dll - ok

09:23:55.0000 4636 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll

09:23:55.0000 4636 C:\Windows\System32\AltTab.dll - ok

09:23:55.0006 4636 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll

09:23:55.0006 4636 C:\Windows\System32\pnidui.dll - ok

09:23:55.0013 4636 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\SysWOW64\WMASF.DLL

09:23:55.0013 4636 C:\Windows\SysWOW64\WMASF.DLL - ok

09:23:55.0020 4636 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

09:23:55.0020 4636 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok

09:23:55.0027 4636 [ 73DBAA64D589F3262615550DD6881FEE ] C:\Windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll

09:23:55.0027 4636 C:\Windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll - ok

09:23:55.0034 4636 [ 00AB2B491C7037BB219BEB26FAD34C72 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

09:23:55.0034 4636 C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE - ok

09:23:55.0041 4636 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL

09:23:55.0041 4636 C:\Windows\System32\QUTIL.DLL - ok

09:23:55.0047 4636 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll

09:23:55.0047 4636 C:\Windows\System32\Syncreg.dll - ok

09:23:55.0053 4636 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl

09:23:55.0053 4636 C:\Windows\System32\bthprops.cpl - ok

09:23:55.0060 4636 [ 5F7EE76129F9A591F22F99F95D97AC95 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

09:23:55.0061 4636 C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe - ok

09:23:55.0067 4636 [ 46FC03AB68A23DA0C75990DD3413F03C ] C:\Users\GrahamO\AppData\Local\Temp\neojhxse.exe

09:23:55.0067 4636 C:\Users\GrahamO\AppData\Local\Temp\neojhxse.exe - ok

09:23:55.0074 4636 [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll

09:23:55.0074 4636 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok

09:23:55.0081 4636 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll

09:23:55.0081 4636 C:\Windows\SysWOW64\mfc100u.dll - ok

09:23:55.0087 4636 [ C961DF80273271C2DC4CAEF1E4FFD811 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMLNG.DLL

09:23:55.0087 4636 C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMLNG.DLL - ok

09:23:55.0094 4636 [ 7CB7FF216D25CAE3343174E3B49088FD ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.dll

09:23:55.0095 4636 C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.dll - ok

09:23:55.0101 4636 [ 163A95975E1D8819E653AA3E961371CA ] C:\Windows\twain_32.dll

09:23:55.0101 4636 C:\Windows\twain_32.dll - ok

09:23:55.0108 4636 [ B1EA930AE1318F40AE51CDD11023CDBE ] C:\Windows\twain_32\MG3100 series\CISDS.DS

09:23:55.0108 4636 C:\Windows\twain_32\MG3100 series\CISDS.DS - ok

09:23:55.0114 4636 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll

09:23:55.0114 4636 C:\Windows\ehome\ehSSO.dll - ok

09:23:55.0120 4636 [ B1EA930AE1318F40AE51CDD11023CDBE ] C:\Windows\twain_32\MG3100 series\CISDS_Network.DS

09:23:55.0120 4636 C:\Windows\twain_32\MG3100 series\CISDS_Network.DS - ok

09:23:55.0127 4636 [ 4BC526551B07DF63A219B85576568B07 ] C:\Windows\SysWOW64\CNMNPPM.DLL

09:23:55.0127 4636 C:\Windows\SysWOW64\CNMNPPM.DLL - ok

09:23:55.0134 4636 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll

09:23:55.0134 4636 C:\Windows\System32\WPDShServiceObj.dll - ok

09:23:55.0137 4636 [ 1B07CCEB1BCAD0AB14FDB718BE8EE1B3 ] C:\Program Files (x86)\Common Files\Nero\AdvrCntr4\AdvrCntr4.dll

09:23:55.0137 4636 C:\Program Files (x86)\Common Files\Nero\AdvrCntr4\AdvrCntr4.dll - ok

09:23:55.0145 4636 [ 0503D60AFCED7CB601C7CA70C08E8CAC ] C:\Windows\twain_32\wiatwain.ds

09:23:55.0145 4636 C:\Windows\twain_32\wiatwain.ds - ok

09:23:55.0151 4636 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll

09:23:55.0151 4636 C:\Windows\System32\PortableDeviceTypes.dll - ok

09:23:55.0158 4636 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

09:23:55.0158 4636 C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe - ok

09:23:55.0165 4636 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll

09:23:55.0165 4636 C:\Windows\System32\srchadmin.dll - ok

09:23:55.0171 4636 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll

09:23:55.0171 4636 C:\Windows\System32\FXSST.dll - ok

09:23:55.0178 4636 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll

09:23:55.0178 4636 C:\Windows\System32\FXSAPI.dll - ok

09:23:55.0184 4636 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe

09:23:55.0184 4636 C:\Windows\System32\SearchIndexer.exe - ok

09:23:55.0190 4636 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll

09:23:55.0190 4636 C:\Windows\System32\tquery.dll - ok

09:23:55.0197 4636 [ 80279007CAB3549A5999348BD0C23732 ] C:\Windows\SysWOW64\wiadss.dll

09:23:55.0197 4636 C:\Windows\SysWOW64\wiadss.dll - ok

09:23:55.0204 4636 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll

09:23:55.0204 4636 C:\Windows\System32\FXSRESM.dll - ok

09:23:55.0210 4636 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll

09:23:55.0211 4636 C:\Windows\SysWOW64\netprofm.dll - ok

09:23:55.0217 4636 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll

09:23:55.0217 4636 C:\Windows\SysWOW64\dhcpcsvc.dll - ok

09:23:55.0223 4636 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll

09:23:55.0223 4636 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok

09:23:55.0230 4636 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll

09:23:55.0230 4636 C:\Windows\SysWOW64\npmproxy.dll - ok

09:23:55.0236 4636 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll

09:23:55.0236 4636 C:\Windows\SysWOW64\samcli.dll - ok

09:23:55.0244 4636 [ F658427F0CDB3BE043D31A802111B60F ] C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\LBFC.dll

09:23:55.0244 4636 C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\LBFC.dll - ok

09:23:55.0250 4636 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll

09:23:55.0250 4636 C:\Windows\SysWOW64\mfc100enu.dll - ok

09:23:55.0257 4636 [ A33452A42BDF214E7FC40CB470515605 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe

09:23:55.0257 4636 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok

09:23:55.0264 4636 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe

09:23:55.0264 4636 C:\Windows\System32\FXSSVC.exe - ok

09:23:55.0270 4636 [ 8A07221789D46B2EA7DFCA2BC807572A ] C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe

09:23:55.0270 4636 C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe - ok

09:23:55.0277 4636 [ 2E483EC51216B52C711C7EC642798BB7 ] C:\Windows\System32\sti.dll

09:23:55.0277 4636 C:\Windows\System32\sti.dll - ok

09:23:55.0283 4636 [ F01DD7190E67A45BD1D5FA4A12A78AA7 ] C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll

09:23:55.0283 4636 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll - ok

09:23:55.0290 4636 [ 85473FACB0E0534CE6F934EF69DB016F ] C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBRes.dll

09:23:55.0290 4636 C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBRes.dll - ok

09:23:55.0297 4636 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll

09:23:55.0297 4636 C:\Windows\System32\mssrch.dll - ok

09:23:55.0304 4636 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\SysWOW64\sti.dll

09:23:55.0304 4636 C:\Windows\SysWOW64\sti.dll - ok

09:23:55.0310 4636 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\SysWOW64\wiatrace.dll

09:23:55.0311 4636 C:\Windows\SysWOW64\wiatrace.dll - ok

09:23:55.0317 4636 [ 2D551505065E85DFA8A7BACBE48801AD ] C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\PL2571.dll

09:23:55.0317 4636 C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\PL2571.dll - ok

09:23:55.0323 4636 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll

09:23:55.0324 4636 C:\Windows\System32\msidle.dll - ok

09:23:55.0331 4636 [ 151441E3505C042F1A272B13D110B90D ] C:\Program Files (x86)\Canon\Solution Menu EX\LangInfo\EN\CNSELANG.DLL

09:23:55.0331 4636 C:\Program Files (x86)\Canon\Solution Menu EX\LangInfo\EN\CNSELANG.DLL - ok

09:23:55.0337 4636 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll

09:23:55.0337 4636 C:\Windows\System32\mssprxy.dll - ok

09:23:55.0344 4636 [ 9EED448E2C6306BFD8B2B19063FC21A1 ] C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll

09:23:55.0344 4636 C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll - ok

09:23:55.0350 4636 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui

09:23:55.0350 4636 C:\Windows\System32\en-US\tquery.dll.mui - ok

09:23:55.0357 4636 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll

09:23:55.0357 4636 C:\Windows\System32\rasdlg.dll - ok

09:23:55.0363 4636 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll

09:23:55.0363 4636 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok

09:23:55.0370 4636 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll

09:23:55.0370 4636 C:\Windows\System32\dot3api.dll - ok

09:23:55.0377 4636 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll

09:23:55.0377 4636 C:\Windows\System32\riched20.dll - ok

09:23:55.0383 4636 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll

09:23:55.0383 4636 C:\Windows\System32\wlanhlp.dll - ok

09:23:55.0391 4636 [ 2FEF21EEE9934BB10165AA02E530183C ] C:\Program Files (x86)\AVG\AVG2013\avglngx.dll

09:23:55.0391 4636 C:\Program Files (x86)\AVG\AVG2013\avglngx.dll - ok

09:23:55.0399 4636 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll

09:23:55.0399 4636 C:\Windows\System32\wlanapi.dll - ok

09:23:55.0406 4636 [ B80B70609797F944517186DDAC174A50 ] C:\Program Files (x86)\AVG\AVG2013\avguires.dll

09:23:55.0406 4636 C:\Program Files (x86)\AVG\AVG2013\avguires.dll - ok

09:23:55.0415 4636 [ 15CA07D0AD05DF2D1CFB1204A1166D52 ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZSMEX.DLL

09:23:55.0415 4636 C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZSMEX.DLL - ok

09:23:55.0420 4636 [ 251525F0A8F6157D7DA2E7455E58563C ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZDBAC.DLL

09:23:55.0420 4636 C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZDBAC.DLL - ok

09:23:55.0427 4636 [ 5D18F3897C0FF695E724372B195865F1 ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMME.DLL

09:23:55.0427 4636 C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMME.DLL - ok

09:23:55.0434 4636 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll

09:23:55.0434 4636 C:\Windows\SysWOW64\winsta.dll - ok

09:23:55.0440 4636 [ B9BFE20689398A7618C4AF5137F4068C ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\LEJES.DLL

09:23:55.0440 4636 C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\LEJES.DLL - ok

09:23:55.0447 4636 [ 730E90935150048A4E5F392FCDD49DA3 ] C:\Program Files (x86)\AVG\AVG2013\avgapps.dll

09:23:55.0447 4636 C:\Program Files (x86)\AVG\AVG2013\avgapps.dll - ok

09:23:55.0454 4636 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll

09:23:55.0454 4636 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok

09:23:55.0462 4636 [ 97548D6969BC66D01B89E1F80B35E83E ] C:\Windows\System32\spool\drivers\x64\3\CNMDRAR.DLL

09:23:55.0462 4636 C:\Windows\System32\spool\drivers\x64\3\CNMDRAR.DLL - ok

09:23:55.0467 4636 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe

09:23:55.0467 4636 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok

09:23:55.0474 4636 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll

09:23:55.0474 4636 C:\Windows\System32\WWanAPI.dll - ok

09:23:55.0480 4636 [ 5746BD7E255DD6A8AFA06F7C42C1BA41 ] C:\Windows\System32\cmd.exe

09:23:55.0481 4636 C:\Windows\System32\cmd.exe - ok

09:23:55.0487 4636 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL

09:23:55.0487 4636 C:\Windows\System32\QAGENT.DLL - ok

09:23:55.0493 4636 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll

09:23:55.0493 4636 C:\Windows\System32\wwapi.dll - ok

09:23:55.0500 4636 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll

09:23:55.0500 4636 C:\Program Files\Windows Media Player\wmpnssci.dll - ok

09:23:55.0506 4636 [ 127AA81343A7C6F665C22CB1293B0A90 ] C:\Windows\splwow64.exe

09:23:55.0507 4636 C:\Windows\splwow64.exe - ok

09:23:55.0514 4636 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe

09:23:55.0514 4636 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

09:23:55.0520 4636 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll

09:23:55.0520 4636 C:\Windows\System32\mscms.dll - ok

09:23:55.0526 4636 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll

09:23:55.0526 4636 C:\Windows\System32\wsock32.dll - ok

09:23:55.0533 4636 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll

09:23:55.0533 4636 C:\Windows\System32\wmdrmdev.dll - ok

09:23:55.0539 4636 [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll

09:23:55.0540 4636 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok

09:23:55.0546 4636 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll

09:23:55.0546 4636 C:\Windows\System32\drmv2clt.dll - ok

09:23:55.0553 4636 [ DEAB2B98FFC24E784D6B81BFD42130F7 ] C:\Windows\System32\spool\drivers\x64\3\CNMUIAR.DLL

09:23:55.0553 4636 C:\Windows\System32\spool\drivers\x64\3\CNMUIAR.DLL - ok

09:23:55.0559 4636 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll

09:23:55.0559 4636 C:\Windows\System32\wmp.dll - ok

09:23:55.0566 4636 [ A6D351093F75D16C574DB31CDF736153 ] C:\Users\GrahamO\AppData\Local\Temp\djgthpae.sys

09:23:55.0567 4636 C:\Users\GrahamO\AppData\Local\Temp\djgthpae.sys - ok

09:23:55.0573 4636 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll

09:23:55.0573 4636 C:\Windows\SysWOW64\FirewallAPI.dll - ok

09:23:55.0580 4636 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe

09:23:55.0580 4636 C:\Windows\System32\PrintIsolationHost.exe - ok

09:23:55.0586 4636 [ 59BEA4786D3782C98D85400F45FCD2A9 ] C:\Windows\System32\spool\drivers\x64\3\CNMCPAR.DLL

09:23:55.0586 4636 C:\Windows\System32\spool\drivers\x64\3\CNMCPAR.DLL - ok

09:23:55.0593 4636 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll

09:23:55.0593 4636 C:\Windows\SysWOW64\mscms.dll - ok

09:23:55.0599 4636 [ 89AFDD29832AA923926BDD4B5F5243D5 ] C:\Windows\erdnt\AutoBackup\7-8-2013\ERDNT.EXE

09:23:55.0599 4636 C:\Windows\erdnt\AutoBackup\7-8-2013\ERDNT.EXE - ok

09:23:55.0606 4636 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll

09:23:55.0606 4636 C:\Windows\SysWOW64\icm32.dll - ok

09:23:55.0614 4636 [ 28638660E651578C354BF43CD646EF6D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll

09:23:55.0614 4636 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll - ok

09:23:55.0619 4636 [ 976594682076387B72EC28176034CAD8 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key

09:23:55.0619 4636 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok

09:23:55.0626 4636 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL

09:23:55.0626 4636 C:\Windows\System32\wmploc.DLL - ok

09:23:55.0632 4636 [ 4D2A265C64B0EAAD21BC175902F35E63 ] C:\Windows\System32\spool\drivers\x64\3\CNMBS3AR.DLL

09:23:55.0633 4636 C:\Windows\System32\spool\drivers\x64\3\CNMBS3AR.DLL - ok

09:23:55.0639 4636 [ A7934B26A096F39B15960E0A56C1C8C4 ] C:\Windows\SysWOW64\bidispl.dll

09:23:55.0639 4636 C:\Windows\SysWOW64\bidispl.dll - ok

09:23:55.0643 4636 [ C0035666593496CA0FCD61600A11C83B ] C:\Windows\System32\spool\drivers\x64\3\CNMFUAR.DLL

09:23:55.0643 4636 C:\Windows\System32\spool\drivers\x64\3\CNMFUAR.DLL - ok

09:23:55.0650 4636 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll

09:23:55.0650 4636 C:\Windows\System32\upnp.dll - ok

09:23:55.0656 4636 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll

09:23:55.0656 4636 C:\Windows\System32\ssdpsrv.dll - ok

09:23:55.0664 4636 [ 7403E983C3B76A4D92A92229DA1FFBE7 ] C:\Windows\System32\spool\drivers\x64\3\CNMBM3AR.DLL

09:23:55.0664 4636 C:\Windows\System32\spool\drivers\x64\3\CNMBM3AR.DLL - ok

09:23:55.0670 4636 [ 41D113966CAFEE905864259B7D4ECD65 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\18f31a371a986b6f6b968530d8b89e25\System.Windows.Forms.ni.dll

09:23:55.0670 4636 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\18f31a371a986b6f6b968530d8b89e25\System.Windows.Forms.ni.dll - ok

09:23:55.0677 4636 [ CEF66E065D97983A1018EE61982D20C1 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0401\CNMurAR.dll

09:23:55.0677 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0401\CNMurAR.dll - ok

09:23:55.0684 4636 [ 75B8FFEA5A8A033BD2FA4873011DB719 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0404\CNMurAR.dll

09:23:55.0684 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0404\CNMurAR.dll - ok

09:23:55.0690 4636 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll

09:23:55.0690 4636 C:\Windows\SysWOW64\linkinfo.dll - ok

09:23:55.0699 4636 [ 5FAEE65241F282743EE23DE6D5AB867A ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0405\CNMurAR.dll

09:23:55.0699 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0405\CNMurAR.dll - ok

09:23:55.0704 4636 [ FCCAD56D0EBB05EF6B3CB5937DD85476 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0406\CNMurAR.dll

09:23:55.0705 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0406\CNMurAR.dll - ok

09:23:55.0711 4636 [ F58D2CA33D58C2C8AC56FA0BA4E744D3 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0407\CNMurAR.dll

09:23:55.0711 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0407\CNMurAR.dll - ok

09:23:55.0718 4636 [ A5BE518E515EF80EFD10B6727F31E366 ] C:\Program Files\Internet Explorer\ieproxy.dll

09:23:55.0718 4636 C:\Program Files\Internet Explorer\ieproxy.dll - ok

09:23:55.0725 4636 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll

09:23:55.0725 4636 C:\Windows\System32\provsvc.dll - ok

09:23:55.0732 4636 [ C62230C28C9B58332A37F614156F8D23 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0408\CNMurAR.dll

09:23:55.0732 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0408\CNMurAR.dll - ok

09:23:55.0738 4636 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll

09:23:55.0738 4636 C:\Windows\System32\wmpps.dll - ok

09:23:55.0745 4636 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll

09:23:55.0745 4636 C:\Windows\System32\wmpmde.dll - ok

09:23:55.0751 4636 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll

09:23:55.0752 4636 C:\Windows\System32\WinSATAPI.dll - ok

09:23:55.0758 4636 [ 592D6989F8464A1700748A5B96A7FD4E ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0409\CNMurAR.dll

09:23:55.0758 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0409\CNMurAR.dll - ok

09:23:55.0766 4636 [ 05920BD009621D06722A1CD339DA6481 ] C:\Windows\SysWOW64\mshtml.dll

09:23:55.0766 4636 C:\Windows\SysWOW64\mshtml.dll - ok

09:23:55.0771 4636 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL

09:23:55.0771 4636 C:\Windows\System32\MSMPEG2ENC.DLL - ok

09:23:55.0777 4636 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll

09:23:55.0778 4636 C:\Windows\System32\devenum.dll - ok

09:23:55.0785 4636 [ A7B49CEF6BF0DBF44DD3494D036033BB ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\040b\CNMurAR.dll

09:23:55.0785 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\040b\CNMurAR.dll - ok

09:23:55.0791 4636 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll

09:23:55.0791 4636 C:\Windows\System32\msdmo.dll - ok

09:23:55.0797 4636 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll

09:23:55.0797 4636 C:\Windows\System32\upnphost.dll - ok

09:23:55.0805 4636 [ BF2B8E5C6F62FB13F83F91942228FA07 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\040c\CNMurAR.dll

09:23:55.0805 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\040c\CNMurAR.dll - ok

09:23:55.0811 4636 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll

09:23:55.0811 4636 C:\Windows\System32\wbem\wmiprov.dll - ok

09:23:55.0820 4636 [ 7107DA3F5DCA124C71055943A84BE940 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\040e\CNMurAR.dll

09:23:55.0821 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\040e\CNMurAR.dll - ok

09:23:55.0825 4636 [ 7508531B6A63221EE7D94D3C26A8CD2C ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0410\CNMurAR.dll

09:23:55.0825 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0410\CNMurAR.dll - ok

09:23:55.0832 4636 [ FD16677B09FAE5D68D0AEE998D721D36 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0411\CNMurAR.dll

09:23:55.0832 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0411\CNMurAR.dll - ok

09:23:55.0839 4636 [ 9B556934956FB52E1D3D37A14583215A ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0412\CNMurAR.dll

09:23:55.0839 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0412\CNMurAR.dll - ok

09:23:55.0846 4636 [ B7B6AA550D82D550DC9EF92E73D4C38C ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0413\CNMurAR.dll

09:23:55.0846 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0413\CNMurAR.dll - ok

09:23:55.0853 4636 [ 0D3E91A1F056B1FD511D4A4D6F5AB180 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0414\CNMurAR.dll

09:23:55.0853 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0414\CNMurAR.dll - ok

09:23:55.0860 4636 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll

09:23:55.0860 4636 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok

09:23:55.0867 4636 [ 38B26E0B6D2E3A4C371F10EB261CAE9E ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0415\CNMurAR.dll

09:23:55.0867 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0415\CNMurAR.dll - ok

09:23:55.0874 4636 [ D1BD7BA53E3977B62C4B98F4C55472C6 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0416\CNMurAR.dll

09:23:55.0875 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0416\CNMurAR.dll - ok

09:23:55.0884 4636 [ 9E4EBD035E8F349C0BBA6F35A0E7DBF9 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0419\CNMurAR.dll

09:23:55.0884 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0419\CNMurAR.dll - ok

09:23:55.0889 4636 [ 5786C5AE6BB93E7FF72116D857FD33B9 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\041D\CNMurAR.dll

09:23:55.0889 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\041D\CNMurAR.dll - ok

09:23:55.0896 4636 [ 93512E6DD0EB477E523557EFAFA607F9 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\041E\CNMurAR.dll

09:23:55.0896 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\041E\CNMurAR.dll - ok

09:23:55.0900 4636 [ 426BEFE249D5EA4A79838C99FB2C7FF9 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\041F\CNMurAR.dll

09:23:55.0900 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\041F\CNMurAR.dll - ok

09:23:55.0907 4636 [ AEA6E072BB96D7D5D05BA4D8E2733D33 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0421\CNMurAR.dll

09:23:55.0907 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0421\CNMurAR.dll - ok

09:23:55.0914 4636 [ A7C48F3D2F119712E779184933698F90 ] C:\Program Files (x86)\AVG\AVG2013\avgdecider.dll

09:23:55.0914 4636 C:\Program Files (x86)\AVG\AVG2013\avgdecider.dll - ok

09:23:55.0921 4636 [ 954DC690A1F523098EA97CFB1F0C9FEE ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0804\CNMurAR.dll

09:23:55.0921 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0804\CNMurAR.dll - ok

09:23:55.0928 4636 [ 1589D8C640EC72EF93492DB78D8E86E4 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0c0a\CNMurAR.dll

09:23:55.0928 4636 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MG3100 series Printer\LanguageModules\0c0a\CNMurAR.dll - ok

09:23:55.0935 4636 [ 6DF3EA6FB1D0521127377F454081ABEA ] C:\Windows\SysWOW64\msscript.ocx

09:23:55.0935 4636 C:\Windows\SysWOW64\msscript.ocx - ok

09:23:55.0942 4636 [ 091C7153A1292F19BE34FAC07FFF12EC ] C:\Windows\SysWOW64\jscript.dll

09:23:55.0942 4636 C:\Windows\SysWOW64\jscript.dll - ok

09:23:55.0948 4636 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll

09:23:55.0948 4636 C:\Windows\SysWOW64\msimtf.dll - ok

09:23:55.0955 4636 [ ADEBE066D15DC0C0B88A4C8698B90704 ] C:\Windows\System32\spool\drivers\x64\3\CNMUBAR.DLL

09:23:55.0955 4636 C:\Windows\System32\spool\drivers\x64\3\CNMUBAR.DLL - ok

09:23:55.0961 4636 [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\SysWOW64\msls31.dll

09:23:55.0961 4636 C:\Windows\SysWOW64\msls31.dll - ok

09:23:55.0968 4636 [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll

09:23:55.0968 4636 C:\Windows\SysWOW64\d2d1.dll - ok

09:23:55.0974 4636 [ 5E3BA3887FA79E2588FAF1CC51EE3DB6 ] C:\Windows\System32\spool\drivers\x64\3\CNMBS6AR.DLL

09:23:55.0974 4636 C:\Windows\System32\spool\drivers\x64\3\CNMBS6AR.DLL - ok

09:23:55.0981 4636 [ 9FA56171C452530E2F51E3238B52140B ] C:\Windows\System32\bidispl.dll

09:23:55.0981 4636 C:\Windows\System32\bidispl.dll - ok

09:23:55.0987 4636 [ 2362B23E77CF7B05EFBBC18AC7E72694 ] C:\Windows\System32\spool\drivers\x64\3\CNMEIAR.DLL

09:23:55.0988 4636 C:\Windows\System32\spool\drivers\x64\3\CNMEIAR.DLL - ok

09:23:55.0994 4636 [ 4277F5164DE9B7C665BB928B9145BEE0 ] C:\Windows\SysWOW64\DWrite.dll

09:23:55.0994 4636 C:\Windows\SysWOW64\DWrite.dll - ok

09:23:56.0001 4636 [ B527D573D454C5629EE039103B842184 ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE

09:23:56.0001 4636 C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE - ok

09:23:56.0007 4636 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll

09:23:56.0007 4636 C:\Windows\SysWOW64\dxgi.dll - ok

09:23:56.0013 4636 [ 7390AB2B900AD9D1768F471818854196 ] C:\Windows\SysWOW64\igdumdx32.dll

09:23:56.0014 4636 C:\Windows\SysWOW64\igdumdx32.dll - ok

09:23:56.0020 4636 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll

09:23:56.0020 4636 C:\Windows\System32\drprov.dll - ok

09:23:56.0027 4636 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll

09:23:56.0027 4636 C:\Windows\System32\ntlanman.dll - ok

09:23:56.0033 4636 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll

09:23:56.0033 4636 C:\Windows\System32\davclnt.dll - ok

09:23:56.0040 4636 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll

09:23:56.0040 4636 C:\Windows\System32\davhlpr.dll - ok

09:23:56.0046 4636 [ 6DE66FE7C526637E74CD066461C7C871 ] C:\Windows\SysWOW64\d3d11.dll

09:23:56.0046 4636 C:\Windows\SysWOW64\d3d11.dll - ok

09:23:56.0053 4636 [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll

09:23:56.0053 4636 C:\Windows\System32\webcheck.dll - ok

09:23:56.0059 4636 [ B3170CCC779B682C3341873EA60CF084 ] C:\Windows\SysWOW64\d3d10warp.dll

09:23:56.0059 4636 C:\Windows\SysWOW64\d3d10warp.dll - ok

09:23:56.0065 4636 [ 005C2F73761226A4224248B178F95612 ] C:\Program Files (x86)\Canon\MP Navigator EX 5.0\mpnex50.exe

09:23:56.0065 4636 C:\Program Files (x86)\Canon\MP Navigator EX 5.0\mpnex50.exe - ok

09:23:56.0072 4636 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll

09:23:56.0072 4636 C:\Windows\System32\SyncCenter.dll - ok

09:23:56.0079 4636 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll

09:23:56.0079 4636 C:\Windows\System32\udhisapi.dll - ok

09:23:56.0087 4636 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll

09:23:56.0087 4636 C:\Windows\System32\imapi2.dll - ok

09:23:56.0092 4636 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files (x86)\Windows Defender\MpClient.dll

09:23:56.0092 4636 C:\Program Files (x86)\Windows Defender\MpClient.dll - ok

09:23:56.0099 4636 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll

09:23:56.0099 4636 C:\Windows\System32\hgcpl.dll - ok

09:23:56.0105 4636 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll

09:23:56.0105 4636 C:\Windows\System32\fdPHost.dll - ok

09:23:56.0112 4636 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll

09:23:56.0112 4636 C:\Windows\System32\FDResPub.dll - ok

09:23:56.0120 4636 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll

09:23:56.0120 4636 C:\Windows\System32\fdWSD.dll - ok

09:23:56.0125 4636 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll

09:23:56.0125 4636 C:\Windows\System32\fdSSDP.dll - ok

09:23:56.0131 4636 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll

09:23:56.0131 4636 C:\Windows\SysWOW64\mlang.dll - ok

09:23:56.0138 4636 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll

09:23:56.0138 4636 C:\Windows\System32\ListSvc.dll - ok

09:23:56.0144 4636 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll

09:23:56.0144 4636 C:\Windows\System32\P2P.dll - ok

09:23:56.0148 4636 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll

09:23:56.0148 4636 C:\Windows\System32\p2pcollab.dll - ok

09:23:56.0155 4636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll

09:23:56.0155 4636 C:\Windows\System32\pnrpsvc.dll - ok

09:23:56.0161 4636 [ FD049C25A168D3DE310D9207B7B6367B ] C:\Windows\SysWOW64\UIAutomationCore.dll

09:23:56.0161 4636 C:\Windows\SysWOW64\UIAutomationCore.dll - ok

09:23:56.0168 4636 [ E69A7AD873CAF58D3A39DD8B0DB94724 ] C:\Program Files (x86)\AVG\AVG2013\avgcslx.dll

09:23:56.0168 4636 C:\Program Files (x86)\AVG\AVG2013\avgcslx.dll - ok

09:23:56.0175 4636 [ EBBD4C4F1EDB5C599E66E787C5C623CE ] C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe

09:23:56.0175 4636 C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe - ok

09:23:56.0181 4636 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL

09:23:56.0181 4636 C:\Windows\System32\QAGENTRT.DLL - ok

09:23:56.0190 4636 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll

09:23:56.0190 4636 C:\Windows\System32\fveui.dll - ok

09:23:56.0194 4636 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll

09:23:56.0194 4636 C:\Windows\System32\p2psvc.dll - ok

09:23:56.0201 4636 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll

09:23:56.0201 4636 C:\Windows\System32\P2PGraph.dll - ok

09:23:56.0207 4636 [ 5858DE874168C5F0AEA7A353DD520D48 ] C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

09:23:56.0208 4636 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE - ok

09:23:56.0214 4636 [ 14DA421E463CE278854106421100E8DF ] C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE

09:23:56.0214 4636 C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE - ok

09:23:56.0221 4636 [ 97FA62873FF759574B20DF39FF22CC27 ] C:\Windows\SysWOW64\jscript9.dll

09:23:56.0221 4636 C:\Windows\SysWOW64\jscript9.dll - ok

09:23:56.0227 4636 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll

09:23:56.0227 4636 C:\Windows\System32\wbem\NCProv.dll - ok

09:23:56.0234 4636 [ 6B140B1382F1FE04BA57B196AEB19725 ] C:\Windows\SysWOW64\t2embed.dll

09:23:56.0234 4636 C:\Windows\SysWOW64\t2embed.dll - ok

09:23:56.0241 4636 [ C717D9B9C7B86D0D1641992F7BB19C47 ] C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.dll

09:23:56.0241 4636 C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.dll - ok

09:23:56.0247 4636 [ 70694A8314330B33F12C7838C1B0CC73 ] C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.exe

09:23:56.0247 4636 C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.exe - ok

09:23:56.0255 4636 [ 0A4B4A8991F9B7B38EF8EA2A877F11AD ] C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpdllng.dll

09:23:56.0255 4636 C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpdllng.dll - ok

09:23:56.0261 4636 [ 80A755D7F131990B4C5A78DF5A24ADC4 ] C:\Program Files (x86)\AVG\AVG2013\avguiadvx.dll

09:23:56.0261 4636 C:\Program Files (x86)\AVG\AVG2013\avguiadvx.dll - ok

09:23:56.0265 4636 ============================================================

09:23:56.0265 4636 Scan finished

09:23:56.0265 4636 ============================================================

09:23:56.0279 4628 Detected object count: 0

09:23:56.0279 4628 Actual detected object count: 0

09:24:28.0909 3736 Deinitialize success

AdvancedSetup · July 8, 2013

Please run the MBAM Anti-Rootkit scanner again and post back the log as an attachment.

Go ahead and download a new fresh copy of Combofix and run it.

Please visit this webpage for instructions on downloading and running ComboFix: How to use ComboFix

Please make sure you disable your security applications before running ComboFix.

Once Combofix has completed it will produce and open a log file. Please attach that log file to your next reply.
If needed the file can be located here: C:\combofix.txt

NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

gco1133 · July 8, 2013

Malwarebytes Anti-Rootkit BETA 1.06.0.1004

www.malwarebytes.org

Database version: v2013.07.08.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16618

GrahamO :: GRAHAMO-TOSH [administrator]

08/07/2013 11:50:33

mbar-log-2013-07-08 (11-50-33).txt

Scan type: Quick scan

Scan options disabled: PUP

Objects scanned: 237337

Time elapsed: 34 minute(s), 43 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 4

HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot.

HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot.

HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot.

HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit (Hijack.UserInit) -> Bad: (userinit.exe,,C:\Users\GrahamO\AppData\Local\nsycuvkh\vyqofytx.exe) Good: (userinit.exe) -> Replace on reboot.

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

Physical Sectors Detected: 0

(No malicious items detected)

(end)

gco1133 · July 8, 2013

ComboFix 13-07-08.02 - GrahamO 08/07/2013 12:38:43.10.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3964.2126 [GMT 1:00]

Running from: c:\users\GrahamO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8MRB2O65\ComboFix.exe

AV: AVG AntiVirus Free Edition 2013 *Enabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2013 *Enabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\GrahamO\AppData\Local\nsycuvkh\vyqofytx.exe

c:\users\GrahamO\AppData\Local\wfdhxtap.log

.

---- Previous Run -------

.

c:\users\GrahamO\AppData\Local\nsycuvkh\vyqofytx.exe

.

((((((((((((((((((((((((( Files Created from 2013-06-08 to 2013-07-08 )))))))))))))))))))))))))))))))

.

2013-07-08 11:52 . 2013-07-08 11:52 -------- d-----w- c:\users\Public\AppData\Local\temp

2013-07-08 11:52 . 2013-07-08 11:52 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-07-07 10:20 . 2013-07-07 10:20 -------- d-----w- c:\windows\ERUNT

2013-07-07 10:20 . 2013-07-07 10:20 -------- d-----w- C:\JRT

2013-07-07 08:56 . 2013-07-08 11:26 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2013-07-07 08:55 . 2013-07-07 08:55 36680 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-07-07 08:50 . 2013-07-07 08:50 -------- d-----w- c:\program files (x86)\ERUNT

2013-07-06 08:28 . 2013-07-06 08:28 -------- d-----w- c:\program files (x86)\ESET

2013-07-05 23:03 . 2013-07-05 23:03 -------- d-----w- c:\program files\CCleaner

2013-07-05 21:53 . 2013-07-05 21:54 -------- d-----w- c:\users\GrahamO\AppData\Roaming\GetRightToGo

2013-07-05 09:30 . 2013-07-05 09:30 -------- d-----w- c:\users\GrahamO\AppData\Roaming\Xulow

2013-07-05 09:30 . 2013-07-05 09:30 -------- d-----w- c:\users\GrahamO\AppData\Roaming\Ciwyq

2013-06-29 13:08 . 2013-06-29 13:08 -------- d-----w- c:\users\GrahamO\AppData\Local\CRE

2013-06-29 13:07 . 2013-06-29 13:07 -------- d-----w- c:\programdata\StarApp

2013-06-25 13:47 . 2013-07-08 11:53 -------- d-----w- c:\users\GrahamO\AppData\Local\nsycuvkh

2013-06-18 16:07 . 2013-06-18 16:07 286720 ----a-w- c:\windows\iun506.exe

2013-06-13 07:49 . 2013-05-17 01:25 257536 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll

2013-06-12 15:40 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-06-26 17:14 . 2012-09-04 15:22 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2013-06-13 07:50 . 2010-10-28 12:39 75825640 ----a-w- c:\windows\system32\MRT.exe

2013-06-12 16:04 . 2012-08-23 17:37 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-06-12 16:04 . 2011-10-29 21:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-31 02:05 . 2013-05-31 02:05 226304 ----a-w- c:\windows\system32\elshyph.dll

2013-05-31 02:05 . 2013-05-31 02:05 185344 ----a-w- c:\windows\SysWow64\elshyph.dll

2013-05-31 02:05 . 2013-05-31 02:05 158720 ----a-w- c:\windows\SysWow64\msls31.dll

2013-05-31 02:05 . 2013-05-31 02:05 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2013-05-31 02:05 . 2013-05-31 02:05 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll

2013-05-31 02:05 . 2013-05-31 02:05 523264 ----a-w- c:\windows\SysWow64\vbscript.dll

2013-05-31 02:05 . 2013-05-31 02:05 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-05-31 02:05 . 2013-05-31 02:05 138752 ----a-w- c:\windows\SysWow64\wextract.exe

2013-05-31 02:05 . 2013-05-31 02:05 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-05-31 02:05 . 2013-05-31 02:05 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-05-31 02:05 . 2013-05-31 02:05 38400 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-05-31 02:05 . 2013-05-31 02:05 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2013-05-31 02:05 . 2013-05-31 02:05 12800 ----a-w- c:\windows\SysWow64\mshta.exe

2013-05-31 02:05 . 2013-05-31 02:05 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-05-31 02:05 . 2013-05-31 02:05 61952 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-05-31 02:05 . 2013-05-31 02:05 361984 ----a-w- c:\windows\SysWow64\html.iec

2013-05-31 02:05 . 2013-05-31 02:05 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-05-31 02:05 . 2013-05-31 02:05 216064 ----a-w- c:\windows\system32\msls31.dll

2013-05-31 02:05 . 2013-05-31 02:05 197120 ----a-w- c:\windows\system32\msrating.dll

2013-05-31 02:05 . 2013-05-31 02:05 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2013-05-31 02:05 . 2013-05-31 02:05 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll

2013-05-31 02:05 . 2013-05-31 02:05 81408 ----a-w- c:\windows\system32\icardie.dll

2013-05-31 02:05 . 2013-05-31 02:05 762368 ----a-w- c:\windows\system32\ieapfltr.dll

2013-05-31 02:05 . 2013-05-31 02:05 452096 ----a-w- c:\windows\system32\dxtmsft.dll

2013-05-31 02:05 . 2013-05-31 02:05 441856 ----a-w- c:\windows\system32\html.iec

2013-05-31 02:05 . 2013-05-31 02:05 281600 ----a-w- c:\windows\system32\dxtrans.dll

2013-05-31 02:05 . 2013-05-31 02:05 270848 ----a-w- c:\windows\system32\iedkcs32.dll

2013-05-31 02:05 . 2013-05-31 02:05 235008 ----a-w- c:\windows\system32\url.dll

2013-05-31 02:05 . 2013-05-31 02:05 1509376 ----a-w- c:\windows\system32\inetcpl.cpl

2013-05-31 02:05 . 2013-05-31 02:05 1400416 ----a-w- c:\windows\system32\ieapfltr.dat

2013-05-31 02:05 . 2013-05-31 02:05 97280 ----a-w- c:\windows\system32\mshtmled.dll

2013-05-31 02:05 . 2013-05-31 02:05 27648 ----a-w- c:\windows\system32\licmgr10.dll

2013-05-31 02:05 . 2013-05-31 02:05 247296 ----a-w- c:\windows\system32\webcheck.dll

2013-05-31 02:05 . 2013-05-31 02:05 167424 ----a-w- c:\windows\system32\iexpress.exe

2013-05-31 02:05 . 2013-05-31 02:05 144896 ----a-w- c:\windows\system32\wextract.exe

2013-05-31 02:05 . 2013-05-31 02:05 102912 ----a-w- c:\windows\system32\inseng.dll

2013-05-31 02:05 . 2013-05-31 02:05 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-05-31 02:05 . 2013-05-31 02:05 62976 ----a-w- c:\windows\system32\pngfilt.dll

2013-05-31 02:05 . 2013-05-31 02:05 599552 ----a-w- c:\windows\system32\vbscript.dll

2013-05-31 02:05 . 2013-05-31 02:05 52224 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-05-31 02:05 . 2013-05-31 02:05 51200 ----a-w- c:\windows\system32\imgutil.dll

2013-05-31 02:05 . 2013-05-31 02:05 173568 ----a-w- c:\windows\system32\ieUnatt.exe

2013-05-31 02:05 . 2013-05-31 02:05 149504 ----a-w- c:\windows\system32\occache.dll

2013-05-31 02:05 . 2013-05-31 02:05 13824 ----a-w- c:\windows\system32\mshta.exe

2013-05-31 02:05 . 2013-05-31 02:05 136192 ----a-w- c:\windows\system32\iepeers.dll

2013-05-31 02:05 . 2013-05-31 02:05 135680 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-05-31 02:05 . 2013-05-31 02:05 12800 ----a-w- c:\windows\system32\msfeedssync.exe

2013-05-31 02:05 . 2013-05-31 02:05 77312 ----a-w- c:\windows\system32\tdc.ocx

2013-05-31 02:05 . 2013-05-31 02:05 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-05-31 02:03 . 2013-05-31 02:03 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll

2013-05-31 02:03 . 2013-05-31 02:03 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll

2013-05-31 02:03 . 2013-05-31 02:03 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-05-31 02:03 . 2013-05-31 02:03 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2013-05-31 02:03 . 2013-05-31 02:03 465920 ----a-w- c:\windows\system32\WMPhoto.dll

2013-05-31 02:03 . 2013-05-31 02:03 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll

2013-05-31 02:03 . 2013-05-31 02:03 3928064 ----a-w- c:\windows\system32\d2d1.dll

2013-05-31 02:03 . 2013-05-31 02:03 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll

2013-05-31 02:03 . 2013-05-31 02:03 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll

2013-05-31 02:03 . 2013-05-31 02:03 1682432 ----a-w- c:\windows\system32\XpsPrint.dll

2013-05-31 02:03 . 2013-05-31 02:03 363008 ----a-w- c:\windows\system32\dxgi.dll

2013-05-31 02:03 . 2013-05-31 02:03 2565120 ----a-w- c:\windows\system32\d3d10warp.dll

2013-05-31 02:03 . 2013-05-31 02:03 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll

2013-05-31 02:03 . 2013-05-31 02:03 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll

2013-05-31 02:03 . 2013-05-31 02:03 1643520 ----a-w- c:\windows\system32\DWrite.dll

2013-05-31 02:03 . 2013-05-31 02:03 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll

2013-05-31 02:03 . 2013-05-31 02:03 1175552 ----a-w- c:\windows\system32\FntCache.dll

2013-05-31 02:03 . 2013-05-31 02:03 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll

2013-05-31 02:03 . 2013-05-31 02:03 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll

2013-05-31 02:03 . 2013-05-31 02:03 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

2013-05-31 02:03 . 2013-05-31 02:03 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2013-05-31 02:03 . 2013-05-31 02:03 296960 ----a-w- c:\windows\system32\d3d10core.dll

2013-05-31 02:03 . 2013-05-31 02:03 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll

2013-05-31 02:03 . 2013-05-31 02:03 333312 ----a-w- c:\windows\system32\d3d10_1core.dll

2013-05-31 02:03 . 2013-05-31 02:03 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll

2013-05-31 02:03 . 2013-05-31 02:03 194560 ----a-w- c:\windows\system32\d3d10_1.dll

2013-05-31 02:03 . 2013-05-31 02:03 1238528 ----a-w- c:\windows\system32\d3d10.dll

2013-05-31 02:03 . 2013-05-31 02:03 648192 ----a-w- c:\windows\system32\d3d10level9.dll

2013-05-31 02:03 . 2013-05-31 02:03 293376 ----a-w- c:\windows\SysWow64\dxgi.dll

2013-05-31 02:03 . 2013-05-31 02:03 221184 ----a-w- c:\windows\system32\UIAnimation.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-07-13 39408]

"VyqOfytx"="c:\users\GrahamO\AppData\Local\nsycuvkh\vyqofytx.exe" [2013-07-04 221184]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]

"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-09 1086760]

"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]

"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]

"QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" [2010-11-17 98304]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-28 4408368]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]

"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]

"EKIJ5000StatusMonitor"="c:\windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe" [2010-09-02 2045440]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]

.

c:\users\GrahamO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow [2005-10-20 38912]

TRDCReminder.lnk - c:\program files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]

vyqofytx.exe [2013-7-4 221184]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

TRDCReminder.lnk - c:\program files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="c:\windows\system32\userinit.exe,,c:\users\GrahamO\AppData\Local\nsycuvkh\vyqofytx.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

"UacDisableNotify"=dword:00000001

"AntiVirusOverride"=dword:00000001

"AntiVirusDisableNotify"=dword:00000001

"FirewallDisableNotify"=dword:00000001

"FirewallOverride"=dword:00000001

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R2 X5XSEx_Pr143;X5XSEx_Pr143;c:\program files (x86)\Free Ride Games\X5XSEx_Pr143.Sys;c:\program files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [x]

R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]

R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]

S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]

S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]

S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]

S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]

S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-06-21 21:34 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-07-08 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-23 16:04]

.

2012-12-06 c:\windows\Tasks\auIwOeT.job

- c:\windows\system32\auIwOeT.exe [2012-12-06 12:13]

.

2013-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-13 09:45]

.

2013-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-13 09:45]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"EKIJ5000StatusMonitor"="c:\windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe" [2010-09-02 2045440]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>

uInternet Settings,ProxyServer = http=127.0.0.1:49475

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\GrahamO\AppData\Roaming\Mozilla\Firefox\Profiles\y804vfuy.default\

FF - ExtSQL: 2013-06-29 14:08; {739df940-c5ee-4bab-9d7e-270894ae687a}; c:\users\GrahamO\AppData\Roaming\Mozilla\Firefox\Profiles\y804vfuy.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}

FF - ExtSQL: 2013-07-02 17:25; uysmcj@wboyuu.org; c:\users\GrahamO\AppData\Roaming\Mozilla\Firefox\Profiles\y804vfuy.default\extensions\uysmcj@wboyuu.org

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

Wow6432Node-HKU-Default-Run-Exetender - c:\program files (x86)\Free Ride Games\GPlayer.exe

SafeBoot-01349586.sys

AddRemove-{E9927B1C-25A1-3334-37CF-A7544596C4DC} - c:\progra~3\INSTAL~1\{8B590~1\Setup.exe

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-4251969968-1379280595-1161405124-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-4251969968-1379280595-1161405124-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_

Hijack.userInit virus

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites