
Thread: Annoying pop-ups in all browsers in bottom right/left corner

  1. #11
    Junior Member
    Join Date
    May 2013
    Posts
    18


    Contd from above..




    00:58:31.0004 4412 C:\Windows\SysWOW64\oledlg.dll - ok
    00:58:31.0004 4412 [ 34EE2408D03505BFB05BE890EBE1B8DC ] C:\Program Files (x86)\TuneUp Utilities 2011\GR32_D6.bpl
    00:58:31.0004 4412 C:\Program Files (x86)\TuneUp Utilities 2011\GR32_D6.bpl - ok
    00:58:31.0004 4412 [ 139EAE714653D55F83C1DD3DDE22A1AA ] C:\Program Files (x86)\TuneUp Utilities 2011\vclimg120.bpl
    00:58:31.0004 4412 C:\Program Files (x86)\TuneUp Utilities 2011\vclimg120.bpl - ok
    00:58:31.0019 4412 [ 78EBDC780E81E187E0AFD6634506953B ] C:\Program Files (x86)\TuneUp Utilities 2011\RegExp.bpl
    00:58:31.0019 4412 C:\Program Files (x86)\TuneUp Utilities 2011\RegExp.bpl - ok
    00:58:31.0019 4412 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
    00:58:31.0019 4412 C:\Windows\SysWOW64\winmm.dll - ok
    00:58:31.0019 4412 [ FF052DEB0F2849B156809DD6CD3DA286 ] C:\Program Files (x86)\TuneUp Utilities 2011\TUTransl.bpl
    00:58:31.0019 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUTransl.bpl - ok
    00:58:31.0035 4412 [ B08ACD89DDA1C40B855DF29453FD6872 ] C:\Program Files (x86)\TuneUp Utilities 2011\XMLComponents.bpl
    00:58:31.0035 4412 C:\Program Files (x86)\TuneUp Utilities 2011\XMLComponents.bpl - ok
    00:58:31.0035 4412 [ EC98DDD52676772C0AEF56670A0FD1E1 ] C:\Program Files (x86)\TuneUp Utilities 2011\TUBasic.bpl
    00:58:31.0035 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUBasic.bpl - ok
    00:58:31.0051 4412 [ 9C905705C28008D633125703382733D4 ] C:\Program Files (x86)\TuneUp Utilities 2011\TUKernel.bpl
    00:58:31.0051 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUKernel.bpl - ok
    00:58:31.0051 4412 [ 058A1F3A0D2CF86C631AB1E55A6BC1E4 ] C:\Program Files (x86)\TuneUp Utilities 2011\DEC.bpl
    00:58:31.0051 4412 C:\Program Files (x86)\TuneUp Utilities 2011\DEC.bpl - ok
    00:58:31.0051 4412 [ 5CEABFAE719EF542A0B1922A8B0F7409 ] C:\Program Files (x86)\TuneUp Utilities 2011\TUBase.bpl
    00:58:31.0051 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUBase.bpl - ok
    00:58:31.0066 4412 [ 65C022648935C8DD321A16298BA1EB2E ] C:\Program Files (x86)\TuneUp Utilities 2011\TUCompression.bpl
    00:58:31.0066 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUCompression.bpl - ok
    00:58:31.0066 4412 [ 1FC945B2CC6DA97FAFEFB5DB38A6A11E ] C:\Program Files (x86)\TuneUp Utilities 2011\Html.bpl
    00:58:31.0066 4412 C:\Program Files (x86)\TuneUp Utilities 2011\Html.bpl - ok
    00:58:31.0066 4412 [ 1D7828406C07FA2B4C90BB40CD28FFB2 ] C:\Program Files (x86)\TuneUp Utilities 2011\vclx120.bpl
    00:58:31.0066 4412 C:\Program Files (x86)\TuneUp Utilities 2011\vclx120.bpl - ok
    00:58:31.0082 4412 [ 34BF4C333C540BBD3ACACC844BFEDFD8 ] C:\Program Files (x86)\TuneUp Utilities 2011\SmallUnits.bpl
    00:58:31.0082 4412 C:\Program Files (x86)\TuneUp Utilities 2011\SmallUnits.bpl - ok
    00:58:31.0082 4412 [ 1514BADEB01C79997B292D7100746B56 ] C:\Program Files (x86)\TuneUp Utilities 2011\ntrtl60.bpl
    00:58:31.0082 4412 C:\Program Files (x86)\TuneUp Utilities 2011\ntrtl60.bpl - ok
    00:58:31.0097 4412 [ 3D2219E6033F3D2B0909A2D6F3BF974F ] C:\Program Files (x86)\TuneUp Utilities 2011\SchedAgent_2007.bpl
    00:58:31.0097 4412 C:\Program Files (x86)\TuneUp Utilities 2011\SchedAgent_2007.bpl - ok
    00:58:31.0097 4412 [ 6E25F80DB404016B00CE25A779111B1F ] C:\Program Files (x86)\TuneUp Utilities 2011\VisControls.bpl
    00:58:31.0097 4412 C:\Program Files (x86)\TuneUp Utilities 2011\VisControls.bpl - ok
    00:58:31.0097 4412 [ C9229382344600034E9E8FCFA82C2E31 ] C:\Program Files (x86)\TuneUp Utilities 2011\dxBarD12.bpl
    00:58:31.0097 4412 C:\Program Files (x86)\TuneUp Utilities 2011\dxBarD12.bpl - ok
    00:58:31.0113 4412 [ 36A218739F4C7A8DDFA206DDD8CA31C1 ] C:\Program Files (x86)\TuneUp Utilities 2011\dxCoreD12.bpl
    00:58:31.0113 4412 C:\Program Files (x86)\TuneUp Utilities 2011\dxCoreD12.bpl - ok
    00:58:31.0113 4412 [ EB196D392C93F72F9089EFBC73BAC495 ] C:\Program Files (x86)\TuneUp Utilities 2011\dxComnD12.bpl
    00:58:31.0113 4412 C:\Program Files (x86)\TuneUp Utilities 2011\dxComnD12.bpl - ok
    00:58:31.0113 4412 [ 32BA1261FBC1CA44ACAB63BD59F2D2DB ] C:\Program Files (x86)\TuneUp Utilities 2011\dxThemeD12.bpl
    00:58:31.0113 4412 C:\Program Files (x86)\TuneUp Utilities 2011\dxThemeD12.bpl - ok
    00:58:31.0129 4412 [ 4B24170FF2C7F1F2A26E1243D5C568DB ] C:\Program Files (x86)\TuneUp Utilities 2011\cxLibraryD12.bpl
    00:58:31.0129 4412 C:\Program Files (x86)\TuneUp Utilities 2011\cxLibraryD12.bpl - ok
    00:58:31.0129 4412 [ 897BE77667D4766AB237059B84735AD6 ] C:\Program Files (x86)\TuneUp Utilities 2011\dxGDIPlusD12.bpl
    00:58:31.0129 4412 C:\Program Files (x86)\TuneUp Utilities 2011\dxGDIPlusD12.bpl - ok
    00:58:31.0129 4412 [ 8A51EC6F1826E68D260DC0993062B951 ] C:\Program Files (x86)\TuneUp Utilities 2011\SysControls.bpl
    00:58:31.0129 4412 C:\Program Files (x86)\TuneUp Utilities 2011\SysControls.bpl - ok
    00:58:31.0129 4412 [ 4E7ECD9C25492F6D5C2AB9C92ED1D01E ] C:\Program Files (x86)\TuneUp Utilities 2011\ehs_d6.bpl
    00:58:31.0129 4412 C:\Program Files (x86)\TuneUp Utilities 2011\ehs_d6.bpl - ok
    00:58:31.0144 4412 [ AEFB476EA69595D4C99DB7F10F6CEA18 ] C:\Program Files (x86)\TuneUp Utilities 2011\xmlrtl120.bpl
    00:58:31.0144 4412 C:\Program Files (x86)\TuneUp Utilities 2011\xmlrtl120.bpl - ok
    00:58:31.0144 4412 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
    00:58:31.0144 4412 C:\Windows\SysWOW64\Faultrep.dll - ok
    00:58:31.0144 4412 [ 63FEA8081FFC7264C28D48D7A5AFFBB5 ] C:\Program Files (x86)\TuneUp Utilities 2011\AppInitialization.bpl
    00:58:31.0144 4412 C:\Program Files (x86)\TuneUp Utilities 2011\AppInitialization.bpl - ok
    00:58:31.0160 4412 [ 044FA8F691D11219B32936F8D16FAACF ] C:\Program Files (x86)\TuneUp Utilities 2011\tulic.dll
    00:58:31.0160 4412 C:\Program Files (x86)\TuneUp Utilities 2011\tulic.dll - ok
    00:58:31.0160 4412 [ 2AC132DF56D683B03C5A6B6F5A6E76EF ] C:\Program Files (x86)\TuneUp Utilities 2011\TUShell.bpl
    00:58:31.0160 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUShell.bpl - ok
    00:58:31.0160 4412 [ E8F1F8C7D1D41D9A75B7A0A6339E4526 ] C:\Program Files (x86)\TuneUp Utilities 2011\TUShredder.bpl
    00:58:31.0160 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUShredder.bpl - ok
    00:58:31.0160 4412 [ 48FBD796C5A4483DDA53DD2ED938C36B ] C:\Program Files (x86)\TuneUp Utilities 2011\TUIcoEngineerDirTree.bpl
    00:58:31.0160 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUIcoEngineerDirTree.bpl - ok
    00:58:31.0175 4412 [ ABF094FA1D9372176E8B147187BA5965 ] C:\Program Files (x86)\TuneUp Utilities 2011\SysInfo.bpl
    00:58:31.0175 4412 C:\Program Files (x86)\TuneUp Utilities 2011\SysInfo.bpl - ok
    00:58:31.0175 4412 [ 20747DA4805037F54A2D377D0C29E3DC ] C:\Program Files (x86)\TuneUp Utilities 2011\MSI_D6.bpl
    00:58:31.0175 4412 C:\Program Files (x86)\TuneUp Utilities 2011\MSI_D6.bpl - ok
    00:58:31.0175 4412 [ 5480CBEA04AEF4E0871A2F2847AE8C1C ] C:\Program Files (x86)\TuneUp Utilities 2011\VirtualTreesR.bpl
    00:58:31.0175 4412 C:\Program Files (x86)\TuneUp Utilities 2011\VirtualTreesR.bpl - ok
    00:58:31.0175 4412 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
    00:58:31.0175 4412 C:\Windows\SysWOW64\browcli.dll - ok
    00:58:31.0191 4412 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
    00:58:31.0191 4412 C:\Windows\SysWOW64\wscapi.dll - ok
    00:58:31.0191 4412 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
    00:58:31.0191 4412 C:\Windows\SysWOW64\logoncli.dll - ok
    00:58:31.0191 4412 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
    00:58:31.0191 4412 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
    00:58:31.0207 4412 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
    00:58:31.0207 4412 C:\Windows\System32\security.dll - ok
    00:58:31.0207 4412 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
    00:58:31.0207 4412 C:\Windows\System32\browcli.dll - ok
    00:58:31.0207 4412 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
    00:58:31.0207 4412 C:\Windows\System32\schedcli.dll - ok
    00:58:31.0207 4412 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
    00:58:31.0207 4412 C:\Windows\SysWOW64\olepro32.dll - ok
    00:58:31.0222 4412 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll
    00:58:31.0222 4412 C:\Windows\SysWOW64\schedcli.dll - ok
    00:58:31.0222 4412 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
    00:58:31.0222 4412 C:\Windows\SysWOW64\winsta.dll - ok
    00:58:31.0222 4412 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
    00:58:31.0222 4412 C:\Windows\SysWOW64\sxs.dll - ok
    00:58:31.0222 4412 [ B6663FC132F0262A5EF48DB2D0187DE3 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
    00:58:31.0222 4412 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
    00:58:31.0222 4412 [ A77BA10A0D610BBB6101AEA1E633ABE1 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    00:58:31.0222 4412 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
    00:58:31.0238 4412 [ AE0A2DE2BB518D204F94DDCF93BBCC4C ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
    00:58:31.0238 4412 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
    00:58:31.0238 4412 [ B720B4D1C97FBE02BE32812B580F1849 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
    00:58:31.0238 4412 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
    00:58:31.0238 4412 [ EC248BC9C9C225FD289F250756503146 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
    00:58:31.0238 4412 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
    00:58:31.0238 4412 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
    00:58:31.0238 4412 C:\Windows\SysWOW64\sfc.dll - ok
    00:58:31.0253 4412 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
    00:58:31.0253 4412 C:\Windows\SysWOW64\sfc_os.dll - ok
    00:58:31.0253 4412 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
    00:58:31.0253 4412 C:\Windows\SysWOW64\devrtl.dll - ok
    00:58:31.0253 4412 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
    00:58:31.0253 4412 C:\Windows\System32\ie4uinit.exe - ok
    00:58:31.0253 4412 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
    00:58:31.0253 4412 C:\Windows\System32\iedkcs32.dll - ok
    00:58:31.0253 4412 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
    00:58:31.0253 4412 C:\Windows\System32\themeui.dll - ok
    00:58:31.0269 4412 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
    00:58:31.0269 4412 C:\Windows\System32\timedate.cpl - ok
    00:58:31.0269 4412 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
    00:58:31.0269 4412 C:\Windows\System32\actxprxy.dll - ok
    00:58:31.0269 4412 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
    00:58:31.0269 4412 C:\Windows\System32\shdocvw.dll - ok
    00:58:31.0269 4412 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
    00:58:31.0269 4412 C:\Windows\System32\linkinfo.dll - ok
    00:58:31.0285 4412 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
    00:58:31.0285 4412 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
    00:58:31.0285 4412 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
    00:58:31.0285 4412 C:\Windows\System32\msftedit.dll - ok
    00:58:31.0285 4412 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
    00:58:31.0285 4412 C:\Windows\System32\msls31.dll - ok
    00:58:31.0285 4412 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
    00:58:31.0285 4412 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
    00:58:31.0285 4412 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
    00:58:31.0285 4412 C:\Windows\System32\gameux.dll - ok
    00:58:31.0300 4412 [ E503E15C88B4BBDA3F6345E34FED3E92 ] C:\Windows\System32\mssvp.dll
    00:58:31.0300 4412 C:\Windows\System32\mssvp.dll - ok
    00:58:31.0300 4412 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
    00:58:31.0300 4412 C:\Windows\System32\mapi32.dll - ok
    00:58:31.0300 4412 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
    00:58:31.0300 4412 C:\Windows\System32\SyncCenter.dll - ok
    00:58:31.0300 4412 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
    00:58:31.0300 4412 C:\Windows\System32\msiltcfg.dll - ok
    00:58:31.0300 4412 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
    00:58:31.0300 4412 C:\Windows\System32\DeviceCenter.dll - ok
    00:58:31.0316 4412 [ 587BB0FA7D11F81251539A630C097C8C ] C:\Windows\System32\appwiz.cpl
    00:58:31.0316 4412 C:\Windows\System32\appwiz.cpl - ok
    00:58:31.0316 4412 [ ECEC505F96DC60024B5C3384B180D07C ] C:\Windows\System32\osbaseln.dll
    00:58:31.0316 4412 C:\Windows\System32\osbaseln.dll - ok
    00:58:31.0316 4412 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
    00:58:31.0316 4412 C:\Windows\System32\thumbcache.dll - ok
    00:58:31.0316 4412 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
    00:58:31.0316 4412 C:\Windows\System32\networkexplorer.dll - ok
    00:58:31.0331 4412 [ 0892837BF89C842D518AC3A323992B47 ] C:\Windows\vsnp2uvc.exe
    00:58:31.0331 4412 C:\Windows\vsnp2uvc.exe - ok
    00:58:31.0331 4412 [ B765660889FB730A1AC49AC7E5A5493D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    00:58:31.0331 4412 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
    00:58:31.0331 4412 [ 39CDCC21F0A1E14AECE38A13049F04E7 ] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
    00:58:31.0331 4412 C:\Program Files\Fujitsu\PSUtility\TrayManager.exe - ok
    00:58:31.0331 4412 [ C14DDD4BB10BFB9162882453A60326C3 ] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe
    00:58:31.0331 4412 C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe - ok
    00:58:31.0347 4412 [ 84B6743FF8C82CAA1B72AC0FF031D751 ] C:\Windows\System32\igfxpers.exe
    00:58:31.0347 4412 C:\Windows\System32\igfxpers.exe - ok
    00:58:31.0347 4412 [ EE73EC3E782DCE640DF2B4CBCF357142 ] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
    00:58:31.0347 4412 C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe - ok
    00:58:31.0347 4412 [ 816CB97E7BC90FF66F64E6AB36FF47C7 ] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
    00:58:31.0347 4412 C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe - ok
    00:58:31.0347 4412 [ 7B97E8F22CE577DC891C6FAF16914FE7 ] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
    00:58:31.0347 4412 C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe - ok
    00:58:31.0363 4412 [ D26F58CAD288E92A45A0F8517179B6A4 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    00:58:31.0363 4412 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe - ok
    00:58:31.0363 4412 [ A93F6D00702900137E4C97C17B01A600 ] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
    00:58:31.0363 4412 C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe - ok
    00:58:31.0363 4412 [ 1E91D7C797290115BB082AD5C1BF6106 ] C:\Windows\System32\hccutils.dll
    00:58:31.0363 4412 C:\Windows\System32\hccutils.dll - ok
    00:58:31.0363 4412 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
    00:58:31.0363 4412 C:\Windows\System32\rundll32.exe - ok
    00:58:31.0378 4412 [ 905857049BA3B71AF15EC55B4C6573D7 ] C:\Program Files (x86)\SmartVoip.com\SmartVoip\smartvoip.exe
    00:58:31.0378 4412 C:\Program Files (x86)\SmartVoip.com\SmartVoip\smartvoip.exe - ok
    00:58:31.0378 4412 [ 6538B56CA1ACD5E2C1CE1E3605E7EE62 ] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
    00:58:31.0378 4412 C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll - ok
    00:58:31.0378 4412 [ 6F338A5BD1F0C25A25F74652D89A4DD7 ] C:\Windows\System32\igfxsrvc.exe
    00:58:31.0378 4412 C:\Windows\System32\igfxsrvc.exe - ok
    00:58:31.0394 4412 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Windows\System32\msvcr100.dll
    00:58:31.0394 4412 C:\Windows\System32\msvcr100.dll - ok
    00:58:31.0394 4412 [ DE5D803E7D598654CBD97663EA89ECF3 ] C:\Program Files\Fujitsu\PSUtility\ODDEg.dll
    00:58:31.0394 4412 C:\Program Files\Fujitsu\PSUtility\ODDEg.dll - ok
    00:58:31.0394 4412 [ D387677FB0660C7863A8F8A2237B06F0 ] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.dll
    00:58:31.0394 4412 C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.dll - ok
    00:58:31.0409 4412 [ 05D6C6C15BBA54F0021E997E4A4837E2 ] C:\Windows\System32\igfxsrvc.dll
    00:58:31.0409 4412 C:\Windows\System32\igfxsrvc.dll - ok
    00:58:31.0409 4412 [ B28D1EE1884D065D791253C4E95D17EC ] C:\Windows\System32\igfxdev.dll
    00:58:31.0409 4412 C:\Windows\System32\igfxdev.dll - ok
    00:58:31.0409 4412 [ 5D72FDA64EBF95CF0D1F492DF6CCF737 ] C:\Program Files\Fujitsu\Application Panel\BtnHnd.dll
    00:58:31.0409 4412 C:\Program Files\Fujitsu\Application Panel\BtnHnd.dll - ok
    00:58:31.0409 4412 [ D9DC7F47BBFBF0C9DCC0E15484ECDB92 ] C:\Program Files\Fujitsu\PSUtility\AudioEg4.dll
    00:58:31.0409 4412 C:\Program Files\Fujitsu\PSUtility\AudioEg4.dll - ok
    00:58:31.0425 4412 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Windows\System32\msvcp100.dll
    00:58:31.0425 4412 C:\Windows\System32\msvcp100.dll - ok
    00:58:31.0425 4412 [ 3375D9A7A9E5352CEE5DABE9373D5F08 ] C:\Program Files\Fujitsu\PSUtility\AudioEg5.dll
    00:58:31.0425 4412 C:\Program Files\Fujitsu\PSUtility\AudioEg5.dll - ok
    00:58:31.0425 4412 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
    00:58:31.0425 4412 C:\Windows\System32\IccLibDll_x64.dll - ok
    00:58:31.0425 4412 [ 46A1BC0203BCCAAAB2741065620E7DD6 ] C:\Program Files\Common Files\Intel\WirelessCommon\CustomUIResource.dll
    00:58:31.0425 4412 C:\Program Files\Common Files\Intel\WirelessCommon\CustomUIResource.dll - ok
    00:58:31.0441 4412 [ 456F92F73BCE69226DA0A2C7619E08D4 ] C:\Program Files\Fujitsu\PSUtility\WlanEg.dll
    00:58:31.0441 4412 C:\Program Files\Fujitsu\PSUtility\WlanEg.dll - ok
    00:58:31.0441 4412 [ 12926C4A5337BD528879C22557282C93 ] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll
    00:58:31.0441 4412 C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll - ok
    00:58:31.0441 4412 [ 84EB0014D56AC2A5159A6987A77FFAF3 ] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll
    00:58:31.0441 4412 C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll - ok
    00:58:31.0441 4412 [ FBCE47AFE5F1E93420AF3B68D17421E7 ] C:\Program Files\Fujitsu\PSUtility\WimaxEg.dll
    00:58:31.0441 4412 C:\Program Files\Fujitsu\PSUtility\WimaxEg.dll - ok
    00:58:31.0456 4412 [ 7FE64B0427D915C78DB3F87D13AF2D67 ] C:\Program Files\Fujitsu\PSUtility\BTEg.dll
    00:58:31.0456 4412 C:\Program Files\Fujitsu\PSUtility\BTEg.dll - ok
    00:58:31.0456 4412 [ ABC1ACCFC6824882706E6C5FC324FECB ] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
    00:58:31.0456 4412 C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll - ok
    00:58:31.0456 4412 [ B97A2156CCF49A7EDBCE15F04EB4F733 ] C:\Program Files\Fujitsu\PSUtility\PccMemEg.dll
    00:58:31.0456 4412 C:\Program Files\Fujitsu\PSUtility\PccMemEg.dll - ok
    00:58:31.0456 4412 [ C6108EC61A6BF54CA4CC5DB81A825B87 ] C:\Program Files\Fujitsu\PSUtility\LanEg.dll
    00:58:31.0456 4412 C:\Program Files\Fujitsu\PSUtility\LanEg.dll - ok
    00:58:31.0456 4412 [ BE45BFBA4BF92CD329E465022A824326 ] C:\Program Files\Fujitsu\PSUtility\ModemVNEg.dll
    00:58:31.0456 4412 C:\Program Files\Fujitsu\PSUtility\ModemVNEg.dll - ok
    00:58:31.0472 4412 [ EA443DF7435B1A64BA521A2C7ED94029 ] C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.DLL
    00:58:31.0472 4412 C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.DLL - ok
    00:58:31.0472 4412 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
    00:58:31.0472 4412 C:\Windows\System32\bthprops.cpl - ok
    00:58:31.0472 4412 [ 0186B0A4075C7D51E7E9F2F46C61BA60 ] C:\Program Files\Fujitsu\PSUtility\1394Eg.dll
    00:58:31.0472 4412 C:\Program Files\Fujitsu\PSUtility\1394Eg.dll - ok
    00:58:31.0472 4412 [ CCCB272857CBA3A53BF3C655AE950082 ] C:\Program Files\Intel\WiFi\bin\PanApi.dll
    00:58:31.0472 4412 C:\Program Files\Intel\WiFi\bin\PanApi.dll - ok
    00:58:31.0472 4412 [ F2A6F6F0EA41FA528B4B4B66E076D963 ] C:\Program Files\Fujitsu\PSUtility\LcdTpcEg.dll
    00:58:31.0472 4412 C:\Program Files\Fujitsu\PSUtility\LcdTpcEg.dll - ok
    00:58:31.0487 4412 [ 7E262330DF0C4BE4ECE853B59B9CBE4C ] C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    00:58:31.0487 4412 C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe - ok
    00:58:31.0487 4412 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
    00:58:31.0487 4412 C:\Windows\System32\dsound.dll - ok
    00:58:31.0487 4412 [ 096EA7E7E018B5D0B90B507696664E4F ] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
    00:58:31.0487 4412 C:\Program Files\Intel\WiFi\bin\DbEngine.dll - ok
    00:58:31.0487 4412 [ 1D32DA14E17007E6C51D0B0B81BE3B2E ] C:\Program Files\Fujitsu\PSUtility\LcdEg.dll
    00:58:31.0487 4412 C:\Program Files\Fujitsu\PSUtility\LcdEg.dll - ok
    00:58:31.0503 4412 [ 689AC6EF92C0AB58EA673F134681321D ] C:\Program Files\Fujitsu\PSUtility\RefrateEg.dll
    00:58:31.0503 4412 C:\Program Files\Fujitsu\PSUtility\RefrateEg.dll - ok
    00:58:31.0503 4412 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
    00:58:31.0503 4412 C:\Windows\System32\opengl32.dll - ok
    00:58:31.0503 4412 [ 3B85790C9F321B4638180C86F4A217E5 ] C:\Windows\System32\igfxext.exe
    00:58:31.0503 4412 C:\Windows\System32\igfxext.exe - ok
    00:58:31.0503 4412 [ 247BE884EE38EECF1CBC4CC670EFCE60 ] C:\Program Files\Intel\WiFi\bin\LangResources\enu\PanTrENU.dll
    00:58:31.0503 4412 C:\Program Files\Intel\WiFi\bin\LangResources\enu\PanTrENU.dll - ok
    00:58:31.0503 4412 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
    00:58:31.0503 4412 C:\Windows\System32\glu32.dll - ok
    00:58:31.0519 4412 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
    00:58:31.0519 4412 C:\Windows\System32\ddraw.dll - ok
    00:58:31.0519 4412 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
    00:58:31.0519 4412 C:\Windows\System32\dciman32.dll - ok
    00:58:31.0519 4412 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\05726886.sys
    00:58:31.0519 4412 C:\Windows\System32\drivers\05726886.sys - ok
    00:58:31.0519 4412 [ 9BEF7CC2CC39916B5EA7FDC5FDC43BF4 ] C:\Program Files\Fujitsu\FDM7\FdmCom.exe
    00:58:31.0519 4412 C:\Program Files\Fujitsu\FDM7\FdmCom.exe - ok
    00:58:31.0534 4412 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
    00:58:31.0534 4412 C:\Windows\System32\RtkCfg64.dll - ok
    00:58:31.0534 4412 [ 52395A98E72AB1F48929638BCCEDC873 ] C:\Windows\System32\igfxexps.dll
    00:58:31.0534 4412 C:\Windows\System32\igfxexps.dll - ok
    00:58:31.0534 4412 [ A7B1ADC8491C55BFBC27B11D65F4B619 ] C:\Program Files\Fujitsu\PSUtility\RefrateEg2.dll
    00:58:31.0534 4412 C:\Program Files\Fujitsu\PSUtility\RefrateEg2.dll - ok
    00:58:31.0534 4412 [ 3C9D1583EAA991775B5D3671678A19FB ] C:\Windows\System32\RtkAPO64.dll
    00:58:31.0534 4412 C:\Windows\System32\RtkAPO64.dll - ok
    00:58:31.0550 4412 [ A1E0B1D6D40DDB3D815850A2C138B86F ] C:\Program Files\Fujitsu\PSUtility\HddEg.dll
    00:58:31.0550 4412 C:\Program Files\Fujitsu\PSUtility\HddEg.dll - ok
    00:58:31.0550 4412 [ 45A80D0407E0E6DE92912C01ED08F7EB ] C:\Program Files\Fujitsu\PSUtility\UmtsEg.dll
    00:58:31.0550 4412 C:\Program Files\Fujitsu\PSUtility\UmtsEg.dll - ok
    00:58:31.0550 4412 [ 3423A650F47E603C1EDF771A1F94B984 ] C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
    00:58:31.0550 4412 C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe - ok
    00:58:31.0565 4412 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
    00:58:31.0565 4412 C:\Windows\SysWOW64\dsound.dll - ok
    00:58:31.0565 4412 [ 7476EF80C782DD264D45FE999A39C099 ] C:\Program Files\Fujitsu\FDM7\EngineWin7Com.dll
    00:58:31.0565 4412 C:\Program Files\Fujitsu\FDM7\EngineWin7Com.dll - ok
    00:58:31.0565 4412 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
    00:58:31.0565 4412 C:\Windows\SysWOW64\powrprof.dll - ok
    00:58:31.0565 4412 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
    00:58:31.0565 4412 C:\Windows\System32\hnetcfg.dll - ok
    00:58:31.0565 4412 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
    00:58:31.0565 4412 C:\Windows\System32\netman.dll - ok
    00:58:31.0581 4412 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
    00:58:31.0581 4412 C:\Windows\System32\mscoree.dll - ok
    00:58:31.0581 4412 [ 6EB75D77133B9B42C0EB9D4D0F861CD9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
    00:58:31.0581 4412 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
    00:58:31.0581 4412 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
    00:58:31.0581 4412 C:\Windows\System32\dot3api.dll - ok
    00:58:31.0597 4412 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
    00:58:31.0597 4412 C:\Windows\System32\wlanhlp.dll - ok
    00:58:31.0597 4412 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
    00:58:31.0597 4412 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
    00:58:31.0597 4412 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
    00:58:31.0597 4412 C:\Windows\System32\stobject.dll - ok
    00:58:31.0612 4412 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
    00:58:31.0612 4412 C:\Windows\System32\batmeter.dll - ok
    00:58:31.0612 4412 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
    00:58:31.0612 4412 C:\Windows\SysWOW64\riched20.dll - ok
    00:58:31.0612 4412 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
    00:58:31.0612 4412 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
    00:58:31.0628 4412 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
    00:58:31.0628 4412 C:\Windows\System32\prnfldr.dll - ok
    00:58:31.0628 4412 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
    00:58:31.0628 4412 C:\Windows\System32\DXP.dll - ok
    00:58:31.0628 4412 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
    00:58:31.0628 4412 C:\Windows\SysWOW64\duser.dll - ok
    00:58:31.0628 4412 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
    00:58:31.0628 4412 C:\Windows\System32\AltTab.dll - ok
    00:58:31.0643 4412 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
    00:58:31.0643 4412 C:\Windows\System32\Syncreg.dll - ok
    00:58:31.0643 4412 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
    00:58:31.0643 4412 C:\Windows\SysWOW64\dui70.dll - ok
    00:58:31.0643 4412 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
    00:58:31.0643 4412 C:\Windows\System32\QUTIL.DLL - ok
    00:58:31.0643 4412 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
    00:58:31.0643 4412 C:\Windows\ehome\ehSSO.dll - ok

    To be contd..

  2. #12

    Contd from above..




    00:58:31.0987 4412 ============================================================
    00:58:31.0987 4412 Scan finished
    00:58:31.0987 4412 ============================================================
    00:58:31.0987 4396 Detected object count: 0
    00:58:31.0987 4396 Actual detected object count: 0
    00:58:37.0041 4004 Deinitialize success

    The new OTL.txt file

    OTL logfile created on: 31-05-2013 19:15:38 - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sundhar\Downloads
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

    3.91 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 56.07% Memory free
    7.83 Gb Paging File | 6.00 Gb Available in Paging File | 76.63% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 120.00 Gb Total Space | 32.29 Gb Free Space | 26.91% Space Free | Partition Type: NTFS
    Drive D: | 157.46 Gb Total Space | 56.15 Gb Free Space | 35.66% Space Free | Partition Type: NTFS

    Computer Name: SUNDHAR-PC | User Name: Sundhar | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Sundhar\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
    PRC - C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    PRC - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
    PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
    PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
    PRC - C:\Windows\vsnp2uvc.exe (Sonix)
    PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


    ========== Modules (No Company Name) ==========

    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._core_.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_ssl.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\windows._cacheinvalidation.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._windows_.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._gdi_.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._misc_.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_hashlib.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\pysqlite2._sqlite.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\pythoncom27.dll ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32com.shell.shell.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_elementtree.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._wizard.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32file.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\PyWinTypes27.dll ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32security.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32api.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_ctypes.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._html2.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_socket.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32inet.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32process.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_multiprocessing.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32pdh.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32ts.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32profile.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32crypt.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._controls_.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32event.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\pyexpat.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\unicodedata.pyd ()
    MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\select.pyd ()
    MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()


    ========== Services (SafeList) ==========

    SRV:64bit: - (NIApplicationWebServer64) -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe File not found
    SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
    SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
    SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
    SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
    SRV:64bit: - (PFNService) -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED)
    SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
    SRV:64bit: - (PowerSavingUtilityService) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED)
    SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (CSObjectsSrv) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
    SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
    SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
    SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
    SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
    SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
    SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
    SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
    SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
    SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (AffinegyService) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
    DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
    DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
    DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
    DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
    DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
    DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
    DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
    DRV:64bit: - (SRS_AE_Service) -- C:\Windows\SysNative\drivers\SRS_AE_amd64.sys ()
    DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
    DRV:64bit: - (CSCrySec) -- C:\Windows\SysNative\drivers\CSCrySec.sys (Infowatch)
    DRV:64bit: - (CSVirtualDiskDrv) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys (Infowatch)
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
    DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
    DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
    DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
    DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
    DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
    DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
    DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.sys (FUJITSU LIMITED)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED)
    DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED)
    DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()
    DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
    IE:64bit: - HKLM\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\URLSearchHook: - No CLSID value found
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ts.fujitsu.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKCU\..\URLSearchHook: - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope =
    IE - HKCU\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG_enNO487
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    To be contd..

  3. #13

    Contd from above..





    FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Sundhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sundhar\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sundhar\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2: C:\Users\Sundhar\AppData\Roaming\TorrentStream\player\npts_plugin.dll File not found
    FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-13 13:06:49 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-05-21 21:52:52 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-05-21 21:52:53 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-05-21 21:52:30 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-05-21 21:52:29 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-05-21 21:52:38 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Sundhar\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org

    [2013-01-15 19:59:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Extensions
    [2013-03-05 10:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Firefox\C\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions
    [2013-03-05 10:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Firefox\C\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions\staged
    [2013-05-29 20:55:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions
    [2013-05-29 20:55:58 | 000,000,000 | ---D | M] (Youtube High Definition) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
    [2013-05-22 01:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013-05-22 01:23:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll
    CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
    CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
    CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: National Instruments LabVIEW 2010 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2010win32.dll
    CHR - plugin: National Instruments LabVIEW 9.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv90win32.dll
    CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
    CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll
    CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
    CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
    CHR - Extension: Google Docs = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Facebook = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
    CHR - Extension: Adblock Plus = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
    CHR - Extension: Google Search = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Kaspersky URL Advisor = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
    CHR - Extension: ESPN Cricinfo = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlklinjgampohhihndkofhhaahoicoip\1.0.0_0\
    CHR - Extension: Safe Money = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
    CHR - Extension: SimilarWeb = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp\2.0.0.4_0\
    CHR - Extension: Virtual Keyboard = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_0\
    CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
    CHR - Extension: Gmail = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
    CHR - Extension: Anti-Banner = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\

    O1 HOSTS File: ([2013-05-31 19:10:10 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
    O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
    O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
    O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
    O4 - HKCU..\Run: [SmartVoip] C:\Program Files (x86)\SmartVoip.com\SmartVoip\SmartVoip.exe (SmartVoip)
    O4 - Startup: C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
    O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07C82958-E9E2-440A-AF17-3FB93F560E1B}: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA4A2F12-02C0-47B3-A2A7-144E72F460D6}: DhcpNameServer = 192.168.2.1
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
    O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\RunGame.exe
    O33 - MountPoints2\H\Shell - "" = AutoRun
    O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe
    O33 - MountPoints2\H\Shell\setup\command - "" = H:\setup.exe
    O33 - MountPoints2\I\Shell - "" = AutoRun
    O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\CDCheck.exe
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\autorun.exe
    O33 - MountPoints2\J\Shell\setup\command - "" = J:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013-05-31 19:09:02 | 000,000,000 | ---D | C] -- C:\_OTL
    [2013-05-30 16:34:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Performance Trends
    [2013-05-26 15:27:02 | 000,000,000 | ---D | C] -- C:\Windows\pss
    [2013-05-26 05:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
    [2013-05-26 05:35:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
    [2013-05-24 15:48:45 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\Octoshape
    [2013-05-24 03:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CricketAcademyBeta
    [2013-05-24 03:30:09 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cricket Academy Beta
    [2013-05-23 16:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    [2013-05-22 01:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013-05-22 00:53:58 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
    [2013-05-21 22:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
    [2013-05-21 21:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
    [2013-05-21 21:53:14 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
    [2013-05-21 21:52:56 | 000,084,536 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
    [2013-05-21 21:52:56 | 000,066,616 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
    [2013-05-21 21:52:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
    [2013-05-21 21:52:35 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
    [2013-05-21 21:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
    [2013-05-21 02:26:49 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\Desktop\rkill
    [2013-05-19 15:49:04 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\PDAppFlex
    [2013-05-19 15:35:37 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\SolidDocuments
    [2013-05-19 15:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
    [2013-05-19 15:22:02 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\YCanPDF
    [2013-05-19 15:16:13 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    [2013-05-13 12:22:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
    [2013-05-13 12:21:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
    [2013-05-13 12:19:27 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
    [2013-05-11 19:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter
    [2013-05-11 19:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Total Video Converter
    [2013-05-11 19:14:10 | 015,728,768 | ---- | C] (EffectMatrix Inc. ) -- C:\Users\Sundhar\Desktop\tvc.exe
    [2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\DassaultSystemes
    [2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\DassaultSystemes
    [2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DassaultSystemes
    [2013-05-07 20:28:49 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\{FFEB5070-73C9-48F6-941F-7530CDDEBC5A}
    [2013-05-06 15:35:56 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\{E3CCEAA2-634D-482E-AC1D-4CA24CBFE149}
    [2013-05-02 19:24:07 | 000,441,104 | ---- | C] (Hide My IP) -- C:\Windows\SysNative\HMIPCore64.dll
    [2013-05-02 19:23:56 | 000,342,288 | ---- | C] (Hide My IP) -- C:\Windows\SysWow64\HMIPCore.dll

    ========== Files - Modified Within 30 Days ==========

    [2013-05-31 19:16:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013-05-31 19:13:18 | 000,000,550 | ---- | M] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
    [2013-05-31 19:12:52 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013-05-31 19:12:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013-05-31 19:12:24 | 3152,506,880 | -HS- | M] () -- C:\hiberfil.sys
    [2013-05-31 19:11:52 | 000,020,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013-05-31 19:11:52 | 000,020,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013-05-31 19:10:10 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
    [2013-05-31 19:05:11 | 000,000,121 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
    [2013-05-31 18:54:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
    [2013-05-31 18:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013-05-31 18:26:10 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
    [2013-05-31 11:54:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
    [2013-05-30 22:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
    [2013-05-27 09:40:00 | 000,782,748 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013-05-27 09:40:00 | 000,655,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013-05-27 09:40:00 | 000,121,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013-05-26 17:20:07 | 002,350,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013-05-26 15:34:17 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\Rise of Nations Gold.lnk
    [2013-05-26 05:32:01 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
    [2013-05-24 20:16:12 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2013-05-24 03:30:10 | 000,001,147 | ---- | M] () -- C:\Users\Sundhar\Desktop\Cricket Academy Beta.lnk
    [2013-05-23 16:50:18 | 000,001,711 | ---- | M] () -- C:\Users\Sundhar\Desktop\Google Drive.lnk
    [2013-05-22 01:45:25 | 000,000,189 | ---- | M] () -- C:\Users\Sundhar\Desktop\register.bat
    [2013-05-20 06:59:25 | 000,009,910 | ---- | M] () -- C:\Users\Sundhar\Documents\MEC-3050-56_Tentti31102012.pdf
    [2013-05-15 15:31:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2013-05-15 15:31:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2013-05-15 15:31:06 | 017,613,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    [2013-05-13 12:20:31 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
    [2013-05-11 19:14:30 | 000,001,018 | ---- | M] () -- C:\Users\Sundhar\Desktop\Total Video Converter.lnk
    [2013-05-11 19:14:30 | 000,000,987 | ---- | M] () -- C:\Users\Sundhar\Desktop\Total Video Player.lnk
    [2013-05-11 19:14:14 | 015,728,768 | ---- | M] (EffectMatrix Inc. ) -- C:\Users\Sundhar\Desktop\tvc.exe
    [2013-05-11 01:13:25 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
    [2013-05-02 20:41:57 | 000,003,912 | ---- | M] () -- C:\Windows\SysWow64\HideMyIpSRV.ini
    [2013-05-02 20:41:57 | 000,002,096 | ---- | M] () -- C:\Windows\SysWow64\HideMyIpSRVOff.ini
    [2013-05-02 20:41:57 | 000,002,096 | ---- | M] () -- C:\Windows\SysNative\HideMyIpSRVOff.ini

    ========== Files Created - No Company Name ==========

    [2013-05-31 19:05:03 | 000,000,121 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
    [2013-05-26 17:32:01 | 000,001,061 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    [2013-05-26 15:34:17 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Rise of Nations Gold.lnk
    [2013-05-26 05:32:01 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
    [2013-05-24 03:30:10 | 000,001,147 | ---- | C] () -- C:\Users\Sundhar\Desktop\Cricket Academy Beta.lnk
    [2013-05-23 16:50:18 | 000,001,711 | ---- | C] () -- C:\Users\Sundhar\Desktop\Google Drive.lnk
    [2013-05-22 01:45:25 | 000,000,189 | ---- | C] () -- C:\Users\Sundhar\Desktop\register.bat
    [2013-05-20 06:59:16 | 000,009,910 | ---- | C] () -- C:\Users\Sundhar\Documents\MEC-3050-56_Tentti31102012.pdf
    [2013-05-13 12:20:31 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
    [2013-05-13 12:19:27 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
    [2013-05-13 12:19:27 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
    [2013-05-11 19:14:30 | 000,001,018 | ---- | C] () -- C:\Users\Sundhar\Desktop\Total Video Converter.lnk
    [2013-05-11 19:14:30 | 000,000,987 | ---- | C] () -- C:\Users\Sundhar\Desktop\Total Video Player.lnk
    [2013-05-11 01:13:25 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
    [2013-05-11 01:13:24 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    [2013-05-02 19:23:36 | 000,003,912 | ---- | C] () -- C:\Windows\SysWow64\HideMyIpSRV.ini
    [2013-05-02 19:23:36 | 000,002,096 | ---- | C] () -- C:\Windows\SysWow64\HideMyIpSRVOff.ini
    [2013-05-02 19:23:36 | 000,002,096 | ---- | C] () -- C:\Windows\SysNative\HideMyIpSRVOff.ini
    [2012-12-04 22:57:22 | 000,026,895 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Comma Separated Values (Windows).ADR
    [2012-08-28 10:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
    [2012-08-28 10:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
    [2012-08-28 10:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
    [2012-08-28 10:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
    [2012-08-28 10:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
    [2012-08-26 23:46:16 | 000,017,408 | ---- | C] () -- C:\Users\Sundhar\AppData\Local\WebpageIcons.db
    [2012-08-26 17:03:35 | 000,012,229 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Comma Separated Values (Windows).CAL
    [2012-08-26 13:21:37 | 000,097,792 | ---- | C] () -- C:\Windows\FunambolAddin.dll
    [2012-08-25 11:43:42 | 720,432,986 | ---- | C] () -- C:\Users\Sundhar\www.TamilRockers.net - Urumi (2012) Tamil - DVD-Rip - 1CD - Xvid - 700MB.avi
    [2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\gettopdirloc.exe
    [2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\getstopdirloc.exe
    [2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\getruntime.exe
    [2012-08-21 23:14:15 | 000,016,384 | ---- | C] () -- C:\Windows\w9xpopen.exe
    [2012-06-11 02:04:45 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
    [2012-06-11 02:04:45 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
    [2012-06-11 02:04:45 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

    ========== ZeroAccess Check ==========

    [2009-07-14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 08:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 07:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 06:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >




    I think that's pretty much it.

    Awaiting your reply.

    SS

  4. #14
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi anton_ego,

    1. RogueKiller

    Download to your desktop RogueKiller (by tigzy)

    Right click and select "Run as Administrator"
    • Quit all programs
    • Wait until Prescan has finished ...
    • Click on Scan, Do Not Fix Anything at this point.
    • Click the Report button, save the report to your desktop

    =========================

    2. ComboFix

    Refer to the ComboFix User's Guide

    • Download ComboFix from the following location:

      Link

      * IMPORTANT !!! Place ComboFix.exe on your Desktop
    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
      You can get help on disabling your protection programs here
    • Double click on ComboFix.exe & follow the prompts.
    • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
    • When finished, it shall produce a log for you. Post that log in your next reply

      Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

      ---------------------------------------------------------------------------------------------
    • Ensure your AntiVirus and AntiSpyware applications are re-enabled.
      ---------------------------------------------------------------------------------------------

    NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

    =========================

    In your next post please provide the following:

    • RKreport[1].txt
    • ComboFix.txt

    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  5. #15
    Junior Member
    Join Date
    May 2013
    Posts
    18

    Hi. Here are the new log files.




    RKReport.txt

    RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files...3-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Sundhar [Admin rights]
    Mode : Scan -- Date : 06/01/2013 12:26:09
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts

    ’ž1

    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: Hitachi HTS543232A7A384 +++++
    --- User ---
    [MBR] 9d8b5e79b9be8e10e0a7a81af670be43
    [BSP] 61182d56c6f82882d08c53cb6ab2c91e : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 2117 Mo
    1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 4339712 | Size: 303125 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[1]_S_06012013_02d1226.txt >>
    RKreport[1]_S_06012013_02d1226.txt




    ComboFix.txt

    ComboFix 13-05-31.02 - Sundhar 01-06-2013 12:31:33.1.4 - x64
    Microsoft Windows 7 Professional 6.1.7601.1.1252.358.1033.18.4009.1749 [GMT 3:00]
    Sijainti: c:\users\Sundhar\Desktop\ComboFix.exe
    AV: Kaspersky Internet Security *Disabled/Outdated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
    FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
    SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\ntuser.dat
    c:\programdata\Roaming
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_ctypes.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_elementtree.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_hashlib.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_multiprocessing.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_socket.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_ssl.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\pyexpat.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\pysqlite2._sqlite.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\python27.dll
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\pythoncom27.dll
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\PyWinTypes27.dll
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\select.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\unicodedata.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32api.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32com.shell.shell.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32crypt.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32event.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32file.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32inet.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32pdh.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32process.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32profile.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32security.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32ts.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\windows._cacheinvalidation.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._controls_.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._core_.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._gdi_.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._html2.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._misc_.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._windows_.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._wizard.pyd
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxbase294u_net_vc90.dll
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxbase294u_vc90.dll
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxmsw294u_adv_vc90.dll
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxmsw294u_core_vc90.dll
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxmsw294u_html_vc90.dll
    c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxmsw294u_webview_vc90.dll
    c:\users\Sundhar\AppData\Roaming\system32
    c:\windows\SysWow64\DEBUG.log
    c:\windows\SysWow64\drivers\10CF_FUJITSU_FTS_LIFEBOOK AH531 GFO_PI_FUJITSU_FJNBB10_Default System BIOS_FUJ - 1_1.19_Intel(R) HD Graphics Family_NVIDIA GeForce GT 525M .MRK
    c:\windows\SysWow64\muzapp.exe
    .
    .
    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2013-05-01 to 2013-06-01 )))))))))))))))))
    .
    .
    2013-06-01 09:48 . 2013-06-01 09:48 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2013-06-01 08:53 . 2013-06-01 08:53 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-05-31 21:35 . 2013-05-31 21:35 -------- d-----w- c:\program files\Microsoft Silverlight
    2013-05-31 21:35 . 2013-05-31 21:35 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
    2013-05-31 19:17 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
    2013-05-31 19:17 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2013-05-31 19:17 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
    2013-05-31 19:15 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
    2013-05-31 18:46 . 2013-05-31 18:46 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive
    2013-05-31 18:46 . 2013-06-01 09:28 -------- d-----r- c:\users\Sundhar\SkyDrive
    2013-05-31 18:45 . 2013-05-31 18:45 -------- d-----w- c:\programdata\Microsoft SkyDrive
    2013-05-31 17:43 . 2013-05-31 17:43 -------- d-----w- c:\windows\system32\ms-MY
    2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\pl-PL
    2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\zh-CN
    2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\ja-JP
    2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-BR
    2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-PT
    2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL
    2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\it-IT
    2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\de-DE
    2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\fr-FR
    2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\es-ES
    2013-05-31 17:40 . 2013-05-31 17:42 -------- d-----w- c:\program files\Zune
    2013-05-31 16:09 . 2013-05-31 16:09 -------- d-----w- C:\_OTL
    2013-05-31 16:05 . 2013-05-31 16:05 121 ----a-w- c:\windows\DeleteOnReboot.bat
    2013-05-30 13:34 . 2013-05-30 13:34 -------- d-----w- c:\program files (x86)\Performance Trends
    2013-05-26 02:42 . 2013-05-26 02:42 -------- d-----w- c:\programdata\Age of Empires 3
    2013-05-26 02:38 . 2006-11-21 17:48 203576 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
    2013-05-26 02:35 . 2013-05-26 02:38 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games
    2013-05-26 02:35 . 2006-08-30 22:03 34304 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\SetupENU2.dll
    2013-05-24 12:48 . 2013-05-26 13:53 -------- d-----w- c:\users\Sundhar\AppData\Roaming\Octoshape
    2013-05-24 00:30 . 2013-05-24 00:30 -------- d-----w- c:\program files (x86)\CricketAcademyBeta
    2013-05-21 21:53 . 2013-05-21 21:53 -------- d-----w- C:\TDSSKiller_Quarantine
    2013-05-21 19:14 . 2013-05-21 19:14 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
    2013-05-21 18:53 . 2012-07-11 14:09 64856 ----a-w- c:\windows\system32\klfphc.dll
    2013-05-21 18:52 . 2013-05-21 18:52 -------- dc----w- c:\windows\system32\DRVSTORE
    2013-05-21 18:52 . 2011-06-02 11:39 84536 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
    2013-05-21 18:52 . 2011-06-02 11:39 66616 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
    2013-05-21 18:52 . 2013-05-21 18:52 -------- d-----w- c:\windows\ELAMBKUP
    2013-05-21 18:52 . 2013-05-21 18:52 -------- d-----w- c:\program files (x86)\Common Files\InfoWatch
    2013-05-19 12:49 . 2013-05-19 12:49 -------- d-----w- c:\users\Sundhar\AppData\Roaming\PDAppFlex
    2013-05-19 12:35 . 2013-05-19 12:35 -------- d-----w- c:\users\Sundhar\AppData\Roaming\SolidDocuments
    2013-05-19 12:33 . 2013-05-19 12:33 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
    2013-05-19 12:22 . 2013-05-19 12:22 -------- d-----w- c:\users\Sundhar\AppData\Roaming\YCanPDF
    2013-05-19 12:16 . 2013-05-19 12:16 -------- d-----w- c:\users\Sundhar\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    2013-05-13 09:19 . 2013-04-18 10:09 37344 ----a-w- c:\windows\SysWow64\FsUsbExDisk.Sys
    2013-05-13 09:19 . 2013-04-18 10:09 233472 ----a-w- c:\windows\SysWow64\FsUsbExService.Exe
    2013-05-13 09:19 . 2012-08-28 07:05 110592 ----a-w- c:\windows\SysWow64\FsUsbExDevice.Dll
    2013-05-11 16:14 . 2013-05-11 16:14 -------- d-----w- c:\program files (x86)\Total Video Converter
    2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
    2013-05-10 22:20 . 2013-05-10 22:20 -------- d-----w- c:\users\Sundhar\AppData\Roaming\DassaultSystemes
    2013-05-10 22:20 . 2013-05-10 22:20 -------- d-----w- c:\users\Sundhar\AppData\Local\DassaultSystemes
    2013-05-10 22:20 . 2013-05-10 22:20 -------- d-----w- c:\programdata\DassaultSystemes
    2013-05-02 16:24 . 2012-12-11 09:12 441104 ----a-w- c:\windows\system32\HMIPCore64.dll
    2013-05-02 16:23 . 2012-12-11 09:12 342288 ----a-w- c:\windows\SysWow64\HMIPCore.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-05-18 06:52 . 2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2013-05-15 12:31 . 2012-08-15 07:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-05-15 12:31 . 2012-08-15 07:16 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2013-05-15 12:31 . 2013-03-12 19:31 17613192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2013-05-03 13:15 . 2012-08-21 15:33 75016696 ----a-w- c:\windows\system32\MRT.exe
    2013-04-13 05:49 . 2013-05-31 19:16 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-04-13 05:49 . 2013-05-31 19:16 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
    2013-04-13 05:49 . 2013-05-31 19:16 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
    2013-04-13 05:49 . 2013-05-31 19:16 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
    2013-04-13 04:45 . 2013-05-31 19:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
    2013-04-13 04:45 . 2013-05-31 19:16 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
    2013-04-04 02:35 . 2013-04-25 14:46 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-03-23 01:09 . 2013-03-23 01:09 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
    2013-03-16 06:30 . 2013-03-16 06:30 4546560 ----a-w- c:\windows\SysWow64\GPhotos.scr
    2013-03-14 09:41 . 2013-03-14 09:44 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
    2013-03-14 09:41 . 2013-03-14 09:43 83968 ----a-w- c:\windows\system32\E_ID4BHAE.DLL
    2013-03-14 09:41 . 2013-03-14 09:43 120320 ----a-w- c:\windows\system32\E_ILMHAE.DLL
    2013-03-11 08:59 . 2012-11-06 18:05 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2013-03-11 08:59 . 2012-11-06 18:05 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
    .
    .
    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2013-05-31 18:45 222808 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2013-05-31 18:45 222808 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2013-05-31 18:45 222808 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
    @="{dd230880-495a-11d1-b064-008048ec2fc5}"
    [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
    2012-12-20 15:20 459784 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
    "Microsoft Office Outlook"="c:\progra~2\MICROS~3\Office12\OUTLOOK.EXE" [2012-10-20 13007440]
    "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-04-16 19662744]
    "SmartVoip"="c:\program files (x86)\SmartVoip.com\SmartVoip\SmartVoip.exe" [2013-04-02 19204416]
    "SkyDrive"="c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-05-31 256600]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
    .
    c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\LaunchCenter.exe [2011-4-12 375296]
    .
    c:\users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
    .
    c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\LaunchCenter.exe [2011-4-12 375296]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux7"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
    "UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
    "DeskUpdateNotifier"="c:\fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe"
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
    "KiesTrayAgent"=c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe
    "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    "YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCam.exe" /s
    "YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe"
    "InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
    "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe"
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
    R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
    R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2011-03-08 46592]
    R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
    R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS [2013-04-18 37344]
    R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-03-24 34200]
    R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
    R3 SRS_AE_Service;SRS Audio;c:\windows\system32\drivers\SRS_AE_amd64.sys [2012-06-21 549704]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-15 1255736]
    R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys [2011-06-02 84536]
    S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys [2009-06-24 21104]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
    S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-08 30568]
    S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2011-06-02 66616]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]
    S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-10-18 54104]
    S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
    S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
    S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
    S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
    S2 CSObjectsSrv;CryptoStorage control service;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]
    S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2012-05-16 69640]
    S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-10-07 331776]
    S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe [2010-06-17 63336]
    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-12-08 2028864]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
    S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
    S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
    S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2012-02-16 31216]
    S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys [2006-11-01 7296]
    S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
    S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-03-24 25496]
    S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-09-03 29016]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-09-03 29528]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-05-07 245792]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776]
    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-05-24 17:16 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
    .
    'Ajoitetut tehtävät'-kansion sisältö
    .
    2013-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 12:31]
    .
    2013-05-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
    - c:\users\Sundhar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-16 19:42]
    .
    2013-06-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
    - c:\users\Sundhar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-16 19:42]
    .
    2013-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16 19:28]
    .
    2013-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16 19:28]
    .
    2013-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
    - c:\users\Sundhar\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-20 16:33]
    .
    2013-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
    - c:\users\Sundhar\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-20 16:33]
    .
    2013-06-01 c:\windows\Tasks\MATLAB R2011b Startup Accelerator.job
    - c:\program files\MATLAB\R2011b\bin\win64\MATLABStartupAccelerator.exe [2012-06-11 14:34]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2013-05-31 18:45 261704 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2013-05-31 18:45 261704 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2013-05-31 18:45 261704 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
    2013-04-16 13:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
    2013-04-16 13:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
    2013-04-16 13:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
    2013-04-16 13:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
    @="{dd230880-495a-11d1-b064-008048ec2fc5}"
    [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
    2012-12-20 15:22 492040 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-08-13 662016]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-07 11663464]
    "PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2010-11-13 199528]
    "PfNet"="c:\program files\Fujitsu\Plugfree NETWORK\PfNet.exe" [2010-10-07 6311424]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
    "LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2010-07-16 162416]
    "LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe" [2010-06-08 45680]
    "LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2010-07-09 21616]
    "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-05 1933584]
    "FDM7"="c:\program files\Fujitsu\FDM7\FdmDaemon.exe" [2009-11-26 164712]
    "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
    "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
    FontCache
    .
    ------- Täydentävä tarkistus -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 192.168.2.1
    FF - ProfilePath -
    .
    - - - - POISTETUT JÄMÄRIVIT - - - -
    .
    Toolbar-Locked - (no file)
    SafeBoot-18173901.sys
    SafeBoot-56669000.sys
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    Toolbar-Locked - (no file)
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-TorrentStream - c:\users\Sundhar\AppData\Roaming\TorrentStream\Uninstall.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BFE]
    "ImagePath"="."
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc]
    "ImagePath"="."
    .
    --------------------- LUKITUT REKISTERIAVAIMET ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Muut prosessit ------------------------
    .
    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    .
    **************************************************************************
    .
    Valmistumisajankohta: 2013-06-01 13:02:24 - kone käynnistettiin uudelleen
    ComboFix-quarantined-files.txt 2013-06-01 10:02
    .
    Ennen ajoa: 27,694,460,928 bytes free
    Ajon jälkeen: 27,913,506,816 bytes free
    .
    - - End Of File - - 28CCED48AEBC74BA9D37A55E11D57288




    BR,
    SS

  6. #16
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161


    Hi anton_ego,

    1. Re-run OTL (it should be located on your desktop).

    Windows Vista and Windows 7 & 8 users: right-click the icon and select "Run as Administrator" to run it.
    • Make sure all other windows are closed and let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Uncheck the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open one Notepad window, OTL.Txt. (No Extras.txt will be produced.)
      Note: The log can be located in the OTL. folder on your C:\ drive if it fails to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.

    =========================

    In your next post please provide the following:

    • OTL.txt
    • How is the computer running?
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  7. #17
    Junior Member
    Join Date
    May 2013
    Posts
    18


    Hi OCD,

    Here is the new OTL log file.

    OTL.txt

    OTL logfile created on: 02-06-2013 10:51:32 - Run 3
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sundhar\Downloads
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16576)
    Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

    3.91 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 63.38% Memory free
    7.83 Gb Paging File | 6.05 Gb Available in Paging File | 77.27% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 120.00 Gb Total Space | 25.32 Gb Free Space | 21.10% Space Free | Partition Type: NTFS
    Drive D: | 157.46 Gb Total Space | 55.21 Gb Free Space | 35.06% Space Free | Partition Type: NTFS
    Drive F: | 1.02 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

    Computer Name: SUNDHAR-PC | User Name: Sundhar | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Sundhar\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    PRC - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
    PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
    PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
    PRC - C:\Windows\vsnp2uvc.exe (Sonix)
    PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


    ========== Modules (No Company Name) ==========


    ========== Services (SafeList) ==========

    SRV:64bit: - (NIApplicationWebServer64) -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe File not found
    SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
    SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
    SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
    SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
    SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
    SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
    SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
    SRV:64bit: - (PFNService) -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED)
    SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
    SRV:64bit: - (PowerSavingUtilityService) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (CSObjectsSrv) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
    SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
    SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
    SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
    SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
    SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
    SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
    SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
    SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
    SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (AffinegyService) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
    DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
    DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
    DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
    DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
    DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
    DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
    DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
    DRV:64bit: - (SRS_AE_Service) -- C:\Windows\SysNative\drivers\SRS_AE_amd64.sys ()
    DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
    DRV:64bit: - (CSCrySec) -- C:\Windows\SysNative\drivers\CSCrySec.sys (Infowatch)
    DRV:64bit: - (CSVirtualDiskDrv) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys (Infowatch)
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
    DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
    DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
    DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
    DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
    DRV:64bit: - (btmaudio) -- C:\Windows\SysNative\drivers\btmaud.sys (Intel Corporation)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
    DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
    DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
    DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.sys (FUJITSU LIMITED)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED)
    DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED)
    DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()
    DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
    IE:64bit: - HKLM\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\URLSearchHook: - No CLSID value found
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKCU\..\URLSearchHook: - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope =
    IE - HKCU\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG_enNO487
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Sundhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sundhar\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sundhar\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2: C:\Users\Sundhar\AppData\Roaming\TorrentStream\player\npts_plugin.dll File not found
    FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-13 13:06:49 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-05-21 21:52:52 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-05-21 21:52:53 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-05-21 21:52:30 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-05-21 21:52:29 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-05-21 21:52:38 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Sundhar\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org

    [2013-01-15 19:59:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Extensions
    [2013-03-05 10:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Firefox\C\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions
    [2013-03-05 10:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Firefox\C\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions\staged
    [2013-05-29 20:55:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions
    [2013-05-29 20:55:58 | 000,000,000 | ---D | M] (Youtube High Definition) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
    [2013-05-22 01:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013-05-22 01:23:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll
    CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
    CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
    CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: National Instruments LabVIEW 2010 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2010win32.dll
    CHR - plugin: National Instruments LabVIEW 9.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv90win32.dll
    CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
    CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll
    CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
    CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
    CHR - Extension: Google Docs = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Facebook = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
    CHR - Extension: Adblock Plus = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
    CHR - Extension: Google Search = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Kaspersky URL Advisor = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
    CHR - Extension: ESPN Cricinfo = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlklinjgampohhihndkofhhaahoicoip\1.0.0_0\
    CHR - Extension: Safe Money = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
    CHR - Extension: SimilarWeb = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp\2.0.0.4_0\
    CHR - Extension: Virtual Keyboard = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_0\
    CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
    CHR - Extension: Gmail = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
    CHR - Extension: Anti-Banner = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\

    O1 HOSTS File: ([2013-06-01 12:50:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O3 - HKLM\..\Toolbar: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
    O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
    O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
    O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
    O4 - HKCU..\Run: [SkyDrive] C:\Users\Sundhar\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [SmartVoip] C:\Program Files (x86)\SmartVoip.com\SmartVoip\SmartVoip.exe (SmartVoip)
    O4 - Startup: C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
    O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07C82958-E9E2-440A-AF17-3FB93F560E1B}: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA4A2F12-02C0-47B3-A2A7-144E72F460D6}: DhcpNameServer = 192.168.2.1
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
    O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013-06-01 12:50:33 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2013-06-01 12:48:03 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2013-06-01 12:28:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2013-06-01 12:28:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2013-06-01 12:28:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2013-06-01 12:28:44 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2013-06-01 12:28:19 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2013-06-01 12:26:51 | 005,076,038 | R--- | C] (Swearware) -- C:\Users\Sundhar\Desktop\ComboFix.exe
    [2013-06-01 11:55:08 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
    [2013-06-01 11:55:08 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
    [2013-06-01 11:55:08 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
    [2013-06-01 11:55:08 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
    [2013-06-01 11:55:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2013-06-01 11:55:08 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
    [2013-06-01 11:55:08 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
    [2013-06-01 11:55:08 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
    [2013-06-01 11:55:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    [2013-06-01 11:55:07 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2013-06-01 11:55:07 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2013-06-01 11:55:07 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2013-06-01 11:55:07 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
    [2013-06-01 11:55:07 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
    [2013-06-01 11:55:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
    [2013-06-01 11:55:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
    [2013-06-01 11:55:07 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2013-06-01 11:55:07 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
    [2013-06-01 11:55:07 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
    [2013-06-01 11:55:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
    [2013-06-01 11:55:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
    [2013-06-01 11:55:06 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2013-06-01 11:55:06 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
    [2013-06-01 11:55:06 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2013-06-01 11:55:06 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
    [2013-06-01 11:55:06 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2013-06-01 11:55:06 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
    [2013-06-01 11:55:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
    [2013-06-01 11:55:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2013-06-01 11:55:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2013-06-01 11:55:06 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
    [2013-06-01 11:55:05 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
    [2013-06-01 11:55:04 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2013-06-01 11:55:04 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
    [2013-06-01 11:55:04 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
    [2013-06-01 11:55:04 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2013-06-01 11:55:04 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2013-06-01 11:55:04 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2013-06-01 11:55:04 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
    [2013-06-01 11:55:04 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
    [2013-06-01 11:55:04 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
    [2013-06-01 11:55:04 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2013-06-01 11:55:04 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
    [2013-06-01 11:55:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2013-06-01 11:55:04 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
    [2013-06-01 11:55:04 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
    [2013-06-01 11:55:04 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
    [2013-06-01 11:55:04 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2013-06-01 11:55:04 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
    [2013-06-01 11:55:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2013-06-01 11:55:04 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2013-06-01 11:55:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2013-06-01 11:55:04 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
    [2013-06-01 11:55:03 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2013-06-01 11:55:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2013-06-01 11:55:03 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2013-06-01 11:55:03 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2013-06-01 11:55:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
    [2013-06-01 11:55:03 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
    [2013-06-01 11:55:03 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
    [2013-06-01 11:55:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
    [2013-06-01 11:55:03 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
    [2013-06-01 11:55:03 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
    [2013-06-01 11:55:03 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
    [2013-06-01 11:55:03 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
    [2013-06-01 11:55:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
    [2013-06-01 11:55:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
    [2013-06-01 11:55:03 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
    [2013-06-01 11:53:49 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
    [2013-06-01 11:53:49 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
    [2013-06-01 11:53:49 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
    [2013-06-01 11:53:49 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
    [2013-06-01 11:53:49 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
    [2013-06-01 11:53:49 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
    [2013-06-01 11:53:49 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
    [2013-06-01 11:53:49 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
    [2013-06-01 11:53:49 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
    [2013-06-01 11:53:49 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
    [2013-06-01 11:53:49 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
    [2013-06-01 11:53:49 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
    [2013-06-01 11:53:49 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
    [2013-06-01 11:53:49 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
    [2013-06-01 11:53:49 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
    [2013-06-01 11:53:49 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
    [2013-06-01 11:53:49 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
    [2013-06-01 11:53:49 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
    [2013-06-01 11:53:49 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
    [2013-06-01 11:53:49 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
    [2013-06-01 11:53:49 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
    [2013-06-01 11:53:49 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
    [2013-06-01 11:53:49 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
    [2013-06-01 11:53:49 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    [2013-06-01 11:53:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    [2013-06-01 11:53:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    [2013-06-01 11:53:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
    [2013-06-01 11:53:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    [2013-06-01 11:53:49 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
    [2013-06-01 11:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

    To be contd..

  8. #18
    Junior Member
    Join Date
    May 2013
    Posts
    18

    Contd from above..

    ========== ZeroAccess Check ==========

    [2009-07-14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 08:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 07:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 06:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences

    < End of report >




    Current response:

    The pop-up ads are no longer appearing on the most common websites I use. I hope they have permanently disappeared. Also, the invisible region in the bottom-left side of the browser has disappeared.

    Am I clear now?

    BR,
    SS

  9. #19
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi anton_ego,

    1. Uninstall via Programs and Features

    Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

    • TorrentStream

    =========================

    2. Disable Plug-in

    • At the top of the Firefox window, click on the Firefox button (Tools menu in Windows XP), and then click Add-ons. The Add-ons Manager tab will open.
    • In the Add-ons Manager tab, select the Extensions or Appearance panel.
    • Select the add-on you wish to disable.
      • TorrentStream
    • Click the Disable button.
    • Click Restart now if it pops up. Your tabs will be saved and restored after the restart.

    =========================

    3. Run OTL.exe

    Windows Vista and Windows 7 users: right-click and select "Run as Administrator".
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :OTL
      FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2: C:\Users\Sundhar\AppData\Roaming\TorrentStream\player\npts_plugin.dll File not found
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Sundhar\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
      
      :Files
      C:\Users\Sundhar\AppData\Roaming\TorrentStream
      
      :Commands
      [purity]
      [createrestorepoint]
      [emptytemp]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot when it is done

    =========================

    In your next post please provide the following:

    • OTL.txt
    • Any remaining issues?
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  10. #20
    Junior Member
    Join Date
    May 2013
    Posts
    18

    Hi OCD.

    The new OTL file is attached here.




    OTL.txt

    All processes killed
    ========== OTL ==========
    Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2\ deleted successfully.
    Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org deleted successfully.
    File C:\Users\Sundhar\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
    ========== FILES ==========
    File\Folder C:\Users\Sundhar\AppData\Roaming\TorrentStream not found.
    ========== COMMANDS ==========
    Restore point Set: OTL Restore Point

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Guest
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->FireFox cache emptied: 1412370 bytes
    ->Google Chrome cache emptied: 6600141 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: Sundhar
    ->Temp folder emptied: 721814 bytes
    ->Temporary Internet Files folder emptied: 11749936 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 349747551 bytes
    ->Flash cache emptied: 20547 bytes

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 11166 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42321176 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 393.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 06032013_113731

    Files\Folders moved on Reboot...
    C:\Users\Sundhar\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Sundhar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{366D0227-3958-4876-BD0C-6E6CDDCDB20C}.tmp moved successfully.
    C:\Users\Sundhar\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...




    I think the system is behaving properly now. There are no more of those annoying ads popping up. Is that all, or is there anything else to be done?

    BR,
    SS
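
A fix log like the one in post #20 can be triaged mechanically. The following is an added example, not part of the thread and not OTL's own code: it groups each fix target by its reported outcome, so targets the fix actually removed are separated from those reported as "not found", and it totals the bytes freed per user. The sample lines are copied from the log above; the function name and the `(system)` label are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines copied from the fix log in post #20.
SAMPLE_LOG = r"""
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2\ deleted successfully.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org deleted successfully.
File C:\Users\Sundhar\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File\Folder C:\Users\Sundhar\AppData\Roaming\TorrentStream not found.
User: Sundhar
->Temp folder emptied: 721814 bytes
->Google Chrome cache emptied: 349747551 bytes
Windows Temp folder emptied: 11166 bytes
"""

# "<kind> <target> <outcome>." ; "File\Folder" is tried before plain "File".
RESULT_RE = re.compile(
    r"^(Registry key|Registry value|File\\Folder|File)\s+(.+?)\s+"
    r"(deleted successfully|moved successfully|not found)\.$"
)
# "->Temp folder emptied: 721814 bytes" (per user) or the same without "->".
EMPTIED_RE = re.compile(r"^(?:->)?(.+?) emptied: (\d+) bytes$")

def parse_fix_log(text):
    """Return ({outcome: [(kind, target), ...]}, {owner: bytes_freed})."""
    outcomes = defaultdict(list)
    freed = defaultdict(int)
    user = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("User: "):
            user = line[len("User: "):]
            continue
        m = RESULT_RE.match(line)
        if m:
            kind, target, outcome = m.groups()
            outcomes[outcome].append((kind, target))
            continue
        m = EMPTIED_RE.match(line)
        if m:
            # Lines without the "->" prefix are not tied to a user profile.
            owner = user if line.startswith("->") and user else "(system)"
            freed[owner] += int(m.group(2))
    return dict(outcomes), dict(freed)

if __name__ == "__main__":
    results, freed = parse_fix_log(SAMPLE_LOG)
    for outcome, items in results.items():
        print(outcome, len(items))
    print(freed)
```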
