Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014 Ran by marian (administrator) on DELL on 25-06-2014 21:50:23 Running from C:\Users\marian\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\stacsv64.exe (AMD) C:\Windows\System32\atieclxx.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\MSK\msksrver.exe () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807600 2009-11-13] () HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [0] msseces.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [1] MSASCui.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [4] avgnt.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [5] avcenter.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [6] avscan.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [7] avgfrw.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [8] avgui.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [9] avgtray.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [10] avgscanx.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [11] avgcfgex.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [12] avgemc.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [13] avgchsvx.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [14] avgcmgr.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer\DisallowRun: [15] avgwdsvc.exe HKU\S-1-5-21-3543806110-3392153129-2015654010-1001\...\Policies\Explorer: [DisallowRun] 1 IFEO: [Debugger] svchost.exe IFEO\a.exe: [Debugger] svchost.exe IFEO\aAvgApi.exe: [Debugger] svchost.exe IFEO\AAWTray.exe: [Debugger] svchost.exe IFEO\About.exe: [Debugger] svchost.exe IFEO\ackwin32.exe: [Debugger] svchost.exe IFEO\Ad-Aware.exe: [Debugger] svchost.exe IFEO\adaware.exe: [Debugger] svchost.exe IFEO\advxdwin.exe: [Debugger] svchost.exe IFEO\AdwarePrj.exe: [Debugger] svchost.exe IFEO\agent.exe: [Debugger] svchost.exe IFEO\agentsvr.exe: [Debugger] svchost.exe IFEO\agentw.exe: [Debugger] svchost.exe IFEO\alertsvc.exe: [Debugger] svchost.exe IFEO\alevir.exe: [Debugger] svchost.exe IFEO\alogserv.exe: [Debugger] svchost.exe IFEO\AlphaAV: [Debugger] svchost.exe IFEO\AlphaAV.exe: [Debugger] svchost.exe IFEO\AluSchedulerSvc.exe: [Debugger] svchost.exe IFEO\amon9x.exe: [Debugger] svchost.exe IFEO\anti-trojan.exe: [Debugger] svchost.exe IFEO\Anti-Virus Professional.exe: [Debugger] svchost.exe IFEO\AntispywarXP2009.exe: [Debugger] svchost.exe IFEO\antivirus.exe: [Debugger] svchost.exe IFEO\AntivirusPlus: [Debugger] svchost.exe IFEO\AntivirusPlus.exe: [Debugger] svchost.exe IFEO\AntivirusPro_2010.exe: [Debugger] svchost.exe IFEO\AntivirusXP: [Debugger] svchost.exe IFEO\AntivirusXP.exe: [Debugger] svchost.exe IFEO\antivirusxppro2009.exe: [Debugger] svchost.exe IFEO\AntiVirus_Pro.exe: [Debugger] svchost.exe IFEO\ants.exe: [Debugger] svchost.exe IFEO\apimonitor.exe: [Debugger] svchost.exe IFEO\aplica32.exe: [Debugger] svchost.exe IFEO\apvxdwin.exe: [Debugger] svchost.exe IFEO\arr.exe: [Debugger] svchost.exe IFEO\Arrakis3.exe: [Debugger] svchost.exe IFEO\ashAvast.exe: [Debugger] svchost.exe IFEO\ashBug.exe: [Debugger] svchost.exe IFEO\ashChest.exe: [Debugger] svchost.exe IFEO\ashCnsnt.exe: [Debugger] svchost.exe IFEO\ashDisp.exe: [Debugger] svchost.exe IFEO\ashLogV.exe: [Debugger] svchost.exe IFEO\ashMaiSv.exe: [Debugger] svchost.exe IFEO\ashPopWz.exe: [Debugger] svchost.exe IFEO\ashQuick.exe: [Debugger] svchost.exe IFEO\ashServ.exe: [Debugger] svchost.exe IFEO\ashSimp2.exe: [Debugger] svchost.exe IFEO\ashSimpl.exe: [Debugger] svchost.exe IFEO\ashSkPcc.exe: [Debugger] svchost.exe IFEO\ashSkPck.exe: [Debugger] svchost.exe IFEO\ashUpd.exe: [Debugger] svchost.exe IFEO\ashWebSv.exe: [Debugger] svchost.exe IFEO\aswChLic.exe: [Debugger] svchost.exe IFEO\aswRegSvr.exe: [Debugger] svchost.exe IFEO\aswRunDll.exe: [Debugger] svchost.exe IFEO\aswUpdSv.exe: [Debugger] svchost.exe IFEO\atcon.exe: [Debugger] svchost.exe IFEO\atguard.exe: [Debugger] svchost.exe IFEO\atro55en.exe: [Debugger] svchost.exe IFEO\atupdater.exe: [Debugger] svchost.exe IFEO\atwatch.exe: [Debugger] svchost.exe IFEO\au.exe: [Debugger] svchost.exe IFEO\aupdate.exe: [Debugger] svchost.exe IFEO\auto-protect.nav80try.exe: [Debugger] svchost.exe IFEO\autodown.exe: [Debugger] svchost.exe IFEO\autotrace.exe: [Debugger] svchost.exe IFEO\autoupdate.exe: [Debugger] svchost.exe IFEO\av360.exe: [Debugger] svchost.exe IFEO\avadmin.exe: [Debugger] svchost.exe IFEO\AVCare.exe: [Debugger] svchost.exe IFEO\avcenter.exe: [Debugger] svchost.exe IFEO\avciman.exe: [Debugger] svchost.exe IFEO\avconfig.exe: [Debugger] svchost.exe IFEO\avconsol.exe: [Debugger] svchost.exe IFEO\ave32.exe: [Debugger] svchost.exe IFEO\AVENGINE.EXE: [Debugger] svchost.exe IFEO\avgcc32.exe: [Debugger] svchost.exe IFEO\avgchk.exe: [Debugger] svchost.exe IFEO\avgcmgr.exe: [Debugger] svchost.exe IFEO\avgcsrvx.exe: [Debugger] svchost.exe IFEO\avgctrl.exe: [Debugger] svchost.exe IFEO\avgdumpx.exe: [Debugger] svchost.exe IFEO\avgemc.exe: [Debugger] svchost.exe IFEO\avgiproxy.exe: [Debugger] svchost.exe IFEO\avgnsx.exe: [Debugger] svchost.exe IFEO\avgnt.exe: [Debugger] svchost.exe IFEO\avgrsx.exe: [Debugger] svchost.exe IFEO\avgscanx.exe: [Debugger] svchost.exe IFEO\avgserv.exe: [Debugger] svchost.exe IFEO\avgserv9.exe: [Debugger] svchost.exe IFEO\avgsrmax.exe: [Debugger] svchost.exe IFEO\avgtray.exe: [Debugger] svchost.exe IFEO\avgui.exe: [Debugger] svchost.exe IFEO\avgupd.exe: [Debugger] svchost.exe IFEO\avgw.exe: [Debugger] svchost.exe IFEO\avgwdsvc.exe: [Debugger] svchost.exe IFEO\avkpop.exe: [Debugger] svchost.exe IFEO\avkserv.exe: [Debugger] svchost.exe IFEO\avkservice.exe: [Debugger] svchost.exe IFEO\avkwctl9.exe: [Debugger] svchost.exe IFEO\avltmain.exe: [Debugger] svchost.exe IFEO\avmailc.exe: [Debugger] svchost.exe IFEO\avmcdlg.exe: [Debugger] svchost.exe IFEO\avnotify.exe: [Debugger] svchost.exe IFEO\avnt.exe: [Debugger] svchost.exe IFEO\avp32.exe: [Debugger] svchost.exe IFEO\avpcc.exe: [Debugger] svchost.exe IFEO\avpdos32.exe: [Debugger] svchost.exe IFEO\avpm.exe: [Debugger] svchost.exe IFEO\avptc32.exe: [Debugger] svchost.exe IFEO\avpupd.exe: [Debugger] svchost.exe IFEO\avsched32.exe: [Debugger] svchost.exe IFEO\avsynmgr.exe: [Debugger] svchost.exe IFEO\avupgsvc.exe: [Debugger] svchost.exe IFEO\AVWEBGRD.EXE: [Debugger] svchost.exe IFEO\avwin.exe: [Debugger] svchost.exe IFEO\avwin95.exe: [Debugger] svchost.exe IFEO\avwinnt.exe: [Debugger] svchost.exe IFEO\avwsc.exe: [Debugger] svchost.exe IFEO\avwupd.exe: [Debugger] svchost.exe IFEO\avwupd32.exe: [Debugger] svchost.exe IFEO\avwupsrv.exe: [Debugger] svchost.exe IFEO\avxmonitor9x.exe: [Debugger] svchost.exe IFEO\avxmonitornt.exe: [Debugger] svchost.exe IFEO\avxquar.exe: [Debugger] svchost.exe IFEO\b.exe: [Debugger] svchost.exe IFEO\backweb.exe: [Debugger] svchost.exe IFEO\bargains.exe: [Debugger] svchost.exe IFEO\bdagent.exe: [Debugger] svchost.exe IFEO\bdfvcl.exe: [Debugger] svchost.exe IFEO\bdfvwiz.exe: [Debugger] svchost.exe IFEO\BDInProcPatch.exe: [Debugger] svchost.exe IFEO\bdmcon.exe: [Debugger] svchost.exe IFEO\BDMsnScan.exe: [Debugger] svchost.exe IFEO\bdreinit.exe: [Debugger] svchost.exe IFEO\bdsubwiz.exe: [Debugger] svchost.exe IFEO\BDSurvey.exe: [Debugger] svchost.exe IFEO\bdtkexec.exe: [Debugger] svchost.exe IFEO\bdwizreg.exe: [Debugger] svchost.exe IFEO\bd_professional.exe: [Debugger] svchost.exe IFEO\beagle.exe: [Debugger] svchost.exe IFEO\belt.exe: [Debugger] svchost.exe IFEO\bidef.exe: [Debugger] svchost.exe IFEO\bidserver.exe: [Debugger] svchost.exe IFEO\bipcp.exe: [Debugger] svchost.exe IFEO\bipcpevalsetup.exe: [Debugger] svchost.exe IFEO\bisp.exe: [Debugger] svchost.exe IFEO\blackd.exe: [Debugger] svchost.exe IFEO\blackice.exe: [Debugger] svchost.exe IFEO\blink.exe: [Debugger] svchost.exe IFEO\blss.exe: [Debugger] svchost.exe IFEO\bootconf.exe: [Debugger] svchost.exe IFEO\bootwarn.exe: [Debugger] svchost.exe IFEO\borg2.exe: [Debugger] svchost.exe IFEO\bpc.exe: [Debugger] svchost.exe IFEO\brasil.exe: [Debugger] svchost.exe IFEO\brastk.exe: [Debugger] svchost.exe IFEO\brw.exe: [Debugger] svchost.exe IFEO\bs120.exe: [Debugger] svchost.exe IFEO\bspatch.exe: [Debugger] svchost.exe IFEO\bundle.exe: [Debugger] svchost.exe IFEO\bvt.exe: [Debugger] svchost.exe IFEO\c.exe: [Debugger] svchost.exe IFEO\cavscan.exe: [Debugger] svchost.exe IFEO\ccapp.exe: [Debugger] svchost.exe IFEO\ccevtmgr.exe: [Debugger] svchost.exe IFEO\ccpxysvc.exe: [Debugger] svchost.exe IFEO\ccSvcHst.exe: [Debugger] svchost.exe IFEO\cdp.exe: [Debugger] svchost.exe IFEO\cfd.exe: [Debugger] svchost.exe IFEO\cfgwiz.exe: [Debugger] svchost.exe IFEO\cfiadmin.exe: [Debugger] svchost.exe IFEO\cfiaudit.exe: [Debugger] svchost.exe IFEO\cfinet.exe: [Debugger] svchost.exe IFEO\cfinet32.exe: [Debugger] svchost.exe IFEO\cfp.exe: [Debugger] svchost.exe IFEO\cfpconfg.exe: [Debugger] svchost.exe IFEO\cfplogvw.exe: [Debugger] svchost.exe IFEO\cfpupdat.exe: [Debugger] svchost.exe IFEO\Cl.exe: [Debugger] svchost.exe IFEO\claw95.exe: [Debugger] svchost.exe IFEO\claw95cf.exe: [Debugger] svchost.exe IFEO\clean.exe: [Debugger] svchost.exe IFEO\cleaner.exe: [Debugger] svchost.exe IFEO\cleaner3.exe: [Debugger] svchost.exe IFEO\cleanIELow.exe: [Debugger] svchost.exe IFEO\cleanpc.exe: [Debugger] svchost.exe IFEO\click.exe: [Debugger] svchost.exe IFEO\cmd32.exe: [Debugger] svchost.exe IFEO\cmdagent.exe: [Debugger] svchost.exe IFEO\cmesys.exe: [Debugger] svchost.exe IFEO\cmgrdian.exe: [Debugger] svchost.exe IFEO\cmon016.exe: [Debugger] svchost.exe IFEO\connectionmonitor.exe: [Debugger] svchost.exe IFEO\control: [Debugger] svchost.exe IFEO\cpd.exe: [Debugger] svchost.exe IFEO\cpf9x206.exe: [Debugger] svchost.exe IFEO\cpfnt206.exe: [Debugger] svchost.exe IFEO\crashrep.exe: [Debugger] svchost.exe IFEO\csc.exe: [Debugger] svchost.exe IFEO\cssconfg.exe: [Debugger] svchost.exe IFEO\cssupdat.exe: [Debugger] svchost.exe IFEO\cssurf.exe: [Debugger] svchost.exe IFEO\ctrl.exe: [Debugger] svchost.exe IFEO\cv.exe: [Debugger] svchost.exe IFEO\cwnb181.exe: [Debugger] svchost.exe IFEO\cwntdwmo.exe: [Debugger] svchost.exe IFEO\d.exe: [Debugger] svchost.exe IFEO\datemanager.exe: [Debugger] svchost.exe IFEO\dcomx.exe: [Debugger] svchost.exe IFEO\defalert.exe: [Debugger] svchost.exe IFEO\defscangui.exe: [Debugger] svchost.exe IFEO\defwatch.exe: [Debugger] svchost.exe IFEO\deloeminfs.exe: [Debugger] svchost.exe IFEO\deputy.exe: [Debugger] svchost.exe IFEO\divx.exe: [Debugger] svchost.exe IFEO\dllcache.exe: [Debugger] svchost.exe IFEO\dllreg.exe: [Debugger] svchost.exe IFEO\doors.exe: [Debugger] svchost.exe IFEO\dop.exe: [Debugger] svchost.exe IFEO\dpf.exe: [Debugger] svchost.exe IFEO\dpfsetup.exe: [Debugger] svchost.exe IFEO\dpps2.exe: [Debugger] svchost.exe IFEO\driverctrl.exe: [Debugger] svchost.exe IFEO\drwatson.exe: [Debugger] svchost.exe IFEO\drweb32.exe: [Debugger] svchost.exe IFEO\drwebupw.exe: [Debugger] svchost.exe IFEO\dssagent.exe: [Debugger] svchost.exe IFEO\dvp95.exe: [Debugger] svchost.exe IFEO\dvp95_0.exe: [Debugger] svchost.exe IFEO\ecengine.exe: [Debugger] svchost.exe IFEO\efpeadm.exe: [Debugger] svchost.exe IFEO\egui.exe: [Debugger] svchost.exe IFEO\ekrn.exe: [Debugger] svchost.exe IFEO\emsw.exe: [Debugger] svchost.exe IFEO\ent.exe: [Debugger] svchost.exe IFEO\esafe.exe: [Debugger] svchost.exe IFEO\escanhnt.exe: [Debugger] svchost.exe IFEO\escanv95.exe: [Debugger] svchost.exe IFEO\espwatch.exe: [Debugger] svchost.exe IFEO\ethereal.exe: [Debugger] svchost.exe IFEO\etrustcipe.exe: [Debugger] svchost.exe IFEO\evpn.exe: [Debugger] svchost.exe IFEO\exantivirus-cnet.exe: [Debugger] svchost.exe IFEO\exe.avxw.exe: [Debugger] svchost.exe IFEO\expert.exe: [Debugger] svchost.exe IFEO\explore.exe: [Debugger] svchost.exe IFEO\f-agnt95.exe: [Debugger] svchost.exe IFEO\f-prot.exe: [Debugger] svchost.exe IFEO\f-prot95.exe: [Debugger] svchost.exe IFEO\f-stopw.exe: [Debugger] svchost.exe IFEO\fact.exe: [Debugger] svchost.exe IFEO\fameh32.exe: [Debugger] svchost.exe IFEO\fast.exe: [Debugger] svchost.exe IFEO\fch32.exe: [Debugger] svchost.exe IFEO\fih32.exe: [Debugger] svchost.exe IFEO\findviru.exe: [Debugger] svchost.exe IFEO\firewall.exe: [Debugger] svchost.exe IFEO\fixcfg.exe: [Debugger] svchost.exe IFEO\fixfp.exe: [Debugger] svchost.exe IFEO\fnrb32.exe: [Debugger] svchost.exe IFEO\fp-win.exe: [Debugger] svchost.exe IFEO\fp-win_trial.exe: [Debugger] svchost.exe IFEO\fprot.exe: [Debugger] svchost.exe IFEO\frmwrk32.exe: [Debugger] svchost.exe IFEO\frw.exe: [Debugger] svchost.exe IFEO\fsaa.exe: [Debugger] svchost.exe IFEO\fsav.exe: [Debugger] svchost.exe IFEO\fsav32.exe: [Debugger] svchost.exe IFEO\fsav530stbyb.exe: [Debugger] svchost.exe IFEO\fsav530wtbyb.exe: [Debugger] svchost.exe IFEO\fsav95.exe: [Debugger] svchost.exe IFEO\fsgk32.exe: [Debugger] svchost.exe IFEO\fsm32.exe: [Debugger] svchost.exe IFEO\fsma32.exe: [Debugger] svchost.exe IFEO\fsmb32.exe: [Debugger] svchost.exe IFEO\gator.exe: [Debugger] svchost.exe IFEO\gav.exe: [Debugger] svchost.exe IFEO\gbmenu.exe: [Debugger] svchost.exe IFEO\gbn976rl.exe: [Debugger] svchost.exe IFEO\gbpoll.exe: [Debugger] svchost.exe IFEO\generics.exe: [Debugger] svchost.exe IFEO\gmt.exe: [Debugger] svchost.exe IFEO\guard.exe: [Debugger] svchost.exe IFEO\guarddog.exe: [Debugger] svchost.exe IFEO\guardgui.exe: [Debugger] svchost.exe IFEO\hacktracersetup.exe: [Debugger] svchost.exe IFEO\hbinst.exe: [Debugger] svchost.exe IFEO\hbsrv.exe: [Debugger] svchost.exe IFEO\History.exe: [Debugger] svchost.exe IFEO\homeav2010.exe: [Debugger] svchost.exe IFEO\hotactio.exe: [Debugger] svchost.exe IFEO\hotpatch.exe: [Debugger] svchost.exe IFEO\htlog.exe: [Debugger] svchost.exe IFEO\htpatch.exe: [Debugger] svchost.exe IFEO\hwpe.exe: [Debugger] svchost.exe IFEO\hxdl.exe: [Debugger] svchost.exe IFEO\hxiul.exe: [Debugger] svchost.exe IFEO\iamapp.exe: [Debugger] svchost.exe IFEO\iamserv.exe: [Debugger] svchost.exe IFEO\iamstats.exe: [Debugger] svchost.exe IFEO\ibmasn.exe: [Debugger] svchost.exe IFEO\ibmavsp.exe: [Debugger] svchost.exe IFEO\icload95.exe: [Debugger] svchost.exe IFEO\icloadnt.exe: [Debugger] svchost.exe IFEO\icmon.exe: [Debugger] svchost.exe IFEO\icsupp95.exe: [Debugger] svchost.exe IFEO\icsuppnt.exe: [Debugger] svchost.exe IFEO\Identity.exe: [Debugger] svchost.exe IFEO\idle.exe: [Debugger] svchost.exe IFEO\iedll.exe: [Debugger] svchost.exe IFEO\iedriver.exe: [Debugger] svchost.exe IFEO\IEShow.exe: [Debugger] svchost.exe IFEO\iface.exe: [Debugger] svchost.exe IFEO\ifw2000.exe: [Debugger] svchost.exe IFEO\inetlnfo.exe: [Debugger] svchost.exe IFEO\infus.exe: [Debugger] svchost.exe IFEO\infwin.exe: [Debugger] svchost.exe IFEO\init.exe: [Debugger] svchost.exe IFEO\init32.exe : [Debugger] svchost.exe IFEO\install.exe: [Debugger] svchost.exe IFEO\install[1].exe: [Debugger] svchost.exe IFEO\install[2].exe: [Debugger] svchost.exe IFEO\install[3].exe: [Debugger] svchost.exe IFEO\install[4].exe: [Debugger] svchost.exe IFEO\install[5].exe: [Debugger] svchost.exe IFEO\intdel.exe: [Debugger] svchost.exe IFEO\intren.exe: [Debugger] svchost.exe IFEO\iomon98.exe: [Debugger] svchost.exe IFEO\istsvc.exe: [Debugger] svchost.exe IFEO\jammer.exe: [Debugger] svchost.exe IFEO\jdbgmrg.exe: [Debugger] svchost.exe IFEO\jedi.exe: [Debugger] svchost.exe IFEO\JsRcGen.exe: [Debugger] svchost.exe IFEO\kavlite40eng.exe: [Debugger] svchost.exe IFEO\kavpers40eng.exe: [Debugger] svchost.exe IFEO\kavpf.exe: [Debugger] svchost.exe IFEO\kazza.exe: [Debugger] svchost.exe IFEO\keenvalue.exe: [Debugger] svchost.exe IFEO\kerio-pf-213-en-win.exe: [Debugger] svchost.exe IFEO\kerio-wrl-421-en-win.exe: [Debugger] svchost.exe IFEO\kerio-wrp-421-en-win.exe: [Debugger] svchost.exe IFEO\killprocesssetup161.exe: [Debugger] svchost.exe IFEO\ldnetmon.exe: [Debugger] svchost.exe IFEO\ldpro.exe: [Debugger] svchost.exe IFEO\ldpromenu.exe: [Debugger] svchost.exe IFEO\ldscan.exe: [Debugger] svchost.exe IFEO\licmgr.exe: [Debugger] svchost.exe IFEO\livesrv.exe: [Debugger] svchost.exe IFEO\lnetinfo.exe: [Debugger] svchost.exe IFEO\loader.exe: [Debugger] svchost.exe IFEO\localnet.exe: [Debugger] svchost.exe IFEO\lockdown.exe: [Debugger] svchost.exe IFEO\lockdown2000.exe: [Debugger] svchost.exe IFEO\lookout.exe: [Debugger] svchost.exe IFEO\lordpe.exe: [Debugger] svchost.exe IFEO\lsetup.exe: [Debugger] svchost.exe IFEO\luall.exe: [Debugger] svchost.exe IFEO\luau.exe: [Debugger] svchost.exe IFEO\lucomserver.exe: [Debugger] svchost.exe IFEO\luinit.exe: [Debugger] svchost.exe IFEO\luspt.exe: [Debugger] svchost.exe IFEO\MalwareRemoval.exe: [Debugger] svchost.exe IFEO\mapisvc32.exe: [Debugger] svchost.exe IFEO\mcagent.exe: [Debugger] svchost.exe IFEO\mcmnhdlr.exe: [Debugger] svchost.exe IFEO\mcmscsvc.exe: [Debugger] svchost.exe IFEO\mcnasvc.exe: [Debugger] svchost.exe IFEO\mcproxy.exe: [Debugger] svchost.exe IFEO\McSACore.exe: [Debugger] svchost.exe IFEO\mcshell.exe: [Debugger] svchost.exe IFEO\mcshield.exe: [Debugger] svchost.exe IFEO\mcsysmon.exe: [Debugger] svchost.exe IFEO\mctool.exe: [Debugger] svchost.exe IFEO\mcupdate.exe: [Debugger] svchost.exe IFEO\mcvsrte.exe: [Debugger] svchost.exe IFEO\mcvsshld.exe: [Debugger] svchost.exe IFEO\md.exe: [Debugger] svchost.exe IFEO\mfin32.exe: [Debugger] svchost.exe IFEO\mfw2en.exe: [Debugger] svchost.exe IFEO\mfweng3.02d30.exe: [Debugger] svchost.exe IFEO\mgavrtcl.exe: [Debugger] svchost.exe IFEO\mgavrte.exe: [Debugger] svchost.exe IFEO\mghtml.exe: [Debugger] svchost.exe IFEO\mgui.exe: [Debugger] svchost.exe IFEO\minilog.exe: [Debugger] svchost.exe IFEO\mmod.exe: [Debugger] svchost.exe IFEO\monitor.exe: [Debugger] svchost.exe IFEO\moolive.exe: [Debugger] svchost.exe IFEO\mostat.exe: [Debugger] svchost.exe IFEO\mpfagent.exe: [Debugger] svchost.exe IFEO\mpfservice.exe: [Debugger] svchost.exe IFEO\MPFSrv.exe: [Debugger] svchost.exe IFEO\mpftray.exe: [Debugger] svchost.exe IFEO\mrflux.exe: [Debugger] svchost.exe IFEO\mrt.exe: [Debugger] svchost.exe IFEO\msa.exe: [Debugger] svchost.exe IFEO\msapp.exe: [Debugger] svchost.exe IFEO\MSASCui.exe: [Debugger] svchost.exe IFEO\msbb.exe: [Debugger] svchost.exe IFEO\msblast.exe: [Debugger] svchost.exe IFEO\mscache.exe: [Debugger] svchost.exe IFEO\msccn32.exe: [Debugger] svchost.exe IFEO\mscman.exe: [Debugger] svchost.exe IFEO\msconfig: [Debugger] svchost.exe IFEO\msdm.exe: [Debugger] svchost.exe IFEO\msdos.exe: [Debugger] svchost.exe IFEO\msiexec16.exe: [Debugger] svchost.exe IFEO\mslaugh.exe: [Debugger] svchost.exe IFEO\msmgt.exe: [Debugger] svchost.exe IFEO\msmsgri32.exe: [Debugger] svchost.exe IFEO\msseces.exe: [Debugger] svchost.exe IFEO\mssmmc32.exe: [Debugger] svchost.exe IFEO\mssys.exe: [Debugger] svchost.exe IFEO\msvxd.exe: [Debugger] svchost.exe IFEO\mu0311ad.exe: [Debugger] svchost.exe IFEO\mwatch.exe: [Debugger] svchost.exe IFEO\n32scanw.exe: [Debugger] svchost.exe IFEO\nav.exe: [Debugger] svchost.exe IFEO\navap.navapsvc.exe: [Debugger] svchost.exe IFEO\navapsvc.exe: [Debugger] svchost.exe IFEO\navapw32.exe: [Debugger] svchost.exe IFEO\navdx.exe: [Debugger] svchost.exe IFEO\navlu32.exe: [Debugger] svchost.exe IFEO\navnt.exe: [Debugger] svchost.exe IFEO\navstub.exe: [Debugger] svchost.exe IFEO\navw32.exe: [Debugger] svchost.exe IFEO\navwnt.exe: [Debugger] svchost.exe IFEO\nc2000.exe: [Debugger] svchost.exe IFEO\ncinst4.exe: [Debugger] svchost.exe IFEO\ndd32.exe: [Debugger] svchost.exe IFEO\neomonitor.exe: [Debugger] svchost.exe IFEO\neowatchlog.exe: [Debugger] svchost.exe IFEO\netarmor.exe: [Debugger] svchost.exe IFEO\netd32.exe: [Debugger] svchost.exe IFEO\netinfo.exe: [Debugger] svchost.exe IFEO\netmon.exe: [Debugger] svchost.exe IFEO\netscanpro.exe: [Debugger] svchost.exe IFEO\netspyhunter-1.2.exe: [Debugger] svchost.exe IFEO\netutils.exe: [Debugger] svchost.exe IFEO\nisserv.exe: [Debugger] svchost.exe IFEO\nisum.exe: [Debugger] svchost.exe IFEO\nmain.exe: [Debugger] svchost.exe IFEO\nod32.exe: [Debugger] svchost.exe IFEO\normist.exe: [Debugger] svchost.exe IFEO\norton_internet_secu_3.0_407.exe: [Debugger] svchost.exe IFEO\notstart.exe: [Debugger] svchost.exe IFEO\npf40_tw_98_nt_me_2k.exe: [Debugger] svchost.exe IFEO\npfmessenger.exe: [Debugger] svchost.exe IFEO\nprotect.exe: [Debugger] svchost.exe IFEO\npscheck.exe: [Debugger] svchost.exe IFEO\npssvc.exe: [Debugger] svchost.exe IFEO\nsched32.exe: [Debugger] svchost.exe IFEO\nssys32.exe: [Debugger] svchost.exe IFEO\nstask32.exe: [Debugger] svchost.exe IFEO\nsupdate.exe: [Debugger] svchost.exe IFEO\nt.exe: [Debugger] svchost.exe IFEO\ntrtscan.exe: [Debugger] svchost.exe IFEO\ntvdm.exe: [Debugger] svchost.exe IFEO\ntxconfig.exe: [Debugger] svchost.exe IFEO\nui.exe: [Debugger] svchost.exe IFEO\nupgrade.exe: [Debugger] svchost.exe IFEO\nvarch16.exe: [Debugger] svchost.exe IFEO\nvc95.exe: [Debugger] svchost.exe IFEO\nvsvc32.exe: [Debugger] svchost.exe IFEO\nwinst4.exe: [Debugger] svchost.exe IFEO\nwservice.exe: [Debugger] svchost.exe IFEO\nwtool16.exe: [Debugger] svchost.exe IFEO\OAcat.exe: [Debugger] svchost.exe IFEO\OAhlp.exe: [Debugger] svchost.exe IFEO\OAReg.exe: [Debugger] svchost.exe IFEO\oasrv.exe: [Debugger] svchost.exe IFEO\oaui.exe: [Debugger] svchost.exe IFEO\oaview.exe: [Debugger] svchost.exe IFEO\ODSW.exe: [Debugger] svchost.exe IFEO\ollydbg.exe: [Debugger] svchost.exe IFEO\OLT.exe: [Debugger] svchost.exe IFEO\onsrvr.exe: [Debugger] svchost.exe IFEO\optimize.exe: [Debugger] svchost.exe IFEO\ostronet.exe: [Debugger] svchost.exe IFEO\otfix.exe: [Debugger] svchost.exe IFEO\outpost.exe: [Debugger] svchost.exe IFEO\outpostinstall.exe: [Debugger] svchost.exe IFEO\outpostproinstall.exe: [Debugger] svchost.exe IFEO\ozn695m5.exe: [Debugger] svchost.exe IFEO\padmin.exe: [Debugger] svchost.exe IFEO\panixk.exe: [Debugger] svchost.exe IFEO\patch.exe: [Debugger] svchost.exe IFEO\pav.exe: [Debugger] svchost.exe IFEO\pavcl.exe: [Debugger] svchost.exe IFEO\PavFnSvr.exe: [Debugger] svchost.exe IFEO\pavproxy.exe: [Debugger] svchost.exe IFEO\pavprsrv.exe: [Debugger] svchost.exe IFEO\pavsched.exe: [Debugger] svchost.exe IFEO\pavsrv51.exe: [Debugger] svchost.exe IFEO\pavw.exe: [Debugger] svchost.exe IFEO\pc.exe: [Debugger] svchost.exe IFEO\pccwin98.exe: [Debugger] svchost.exe IFEO\pcfwallicon.exe: [Debugger] svchost.exe IFEO\pcip10117_0.exe: [Debugger] svchost.exe IFEO\pcscan.exe: [Debugger] svchost.exe IFEO\pctsAuxs.exe: [Debugger] svchost.exe IFEO\pctsGui.exe: [Debugger] svchost.exe IFEO\pctsSvc.exe: [Debugger] svchost.exe IFEO\pctsTray.exe: [Debugger] svchost.exe IFEO\PC_Antispyware2010.exe: [Debugger] svchost.exe IFEO\pdfndr.exe: [Debugger] svchost.exe IFEO\pdsetup.exe: [Debugger] svchost.exe IFEO\PerAvir.exe: [Debugger] svchost.exe IFEO\periscope.exe: [Debugger] svchost.exe IFEO\persfw.exe: [Debugger] svchost.exe IFEO\personalguard: [Debugger] svchost.exe IFEO\personalguard.exe: [Debugger] svchost.exe IFEO\perswf.exe: [Debugger] svchost.exe IFEO\pf2.exe: [Debugger] svchost.exe IFEO\pfwadmin.exe: [Debugger] svchost.exe IFEO\pgmonitr.exe: [Debugger] svchost.exe IFEO\pingscan.exe: [Debugger] svchost.exe IFEO\platin.exe: [Debugger] svchost.exe IFEO\pop3trap.exe: [Debugger] svchost.exe IFEO\poproxy.exe: [Debugger] svchost.exe IFEO\popscan.exe: [Debugger] svchost.exe IFEO\portdetective.exe: [Debugger] svchost.exe IFEO\portmonitor.exe: [Debugger] svchost.exe IFEO\powerscan.exe: [Debugger] svchost.exe IFEO\ppinupdt.exe: [Debugger] svchost.exe IFEO\pptbc.exe: [Debugger] svchost.exe IFEO\ppvstop.exe: [Debugger] svchost.exe IFEO\prizesurfer.exe: [Debugger] svchost.exe IFEO\prmt.exe: [Debugger] svchost.exe IFEO\prmvr.exe: [Debugger] svchost.exe IFEO\procdump.exe: [Debugger] svchost.exe IFEO\processmonitor.exe: [Debugger] svchost.exe IFEO\procexplorerv1.0.exe: [Debugger] svchost.exe IFEO\programauditor.exe: [Debugger] svchost.exe IFEO\proport.exe: [Debugger] svchost.exe IFEO\protector.exe: [Debugger] svchost.exe IFEO\protectx.exe: [Debugger] svchost.exe IFEO\PSANCU.exe: [Debugger] svchost.exe IFEO\PSANHost.exe: [Debugger] svchost.exe IFEO\PSANToManager.exe: [Debugger] svchost.exe IFEO\PsCtrls.exe: [Debugger] svchost.exe IFEO\PsImSvc.exe: [Debugger] svchost.exe IFEO\PskSvc.exe: [Debugger] svchost.exe IFEO\pspf.exe: [Debugger] svchost.exe IFEO\PSUNMain.exe: [Debugger] svchost.exe IFEO\purge.exe: [Debugger] svchost.exe IFEO\qconsole.exe: [Debugger] svchost.exe IFEO\qh.exe: [Debugger] svchost.exe IFEO\qserver.exe: [Debugger] svchost.exe IFEO\Quick Heal.exe: [Debugger] svchost.exe IFEO\QuickHealCleaner.exe: [Debugger] svchost.exe IFEO\rapapp.exe: [Debugger] svchost.exe IFEO\rav7.exe: [Debugger] svchost.exe IFEO\rav7win.exe: [Debugger] svchost.exe IFEO\rav8win32eng.exe: [Debugger] svchost.exe IFEO\ray.exe: [Debugger] svchost.exe IFEO\rb32.exe: [Debugger] svchost.exe IFEO\rcsync.exe: [Debugger] svchost.exe IFEO\realmon.exe: [Debugger] svchost.exe IFEO\reged.exe: [Debugger] svchost.exe IFEO\regedt32.exe: [Debugger] svchost.exe IFEO\rescue.exe: [Debugger] svchost.exe IFEO\rescue32.exe: [Debugger] svchost.exe IFEO\rrguard.exe: [Debugger] svchost.exe IFEO\rscdwld.exe: [Debugger] svchost.exe IFEO\rshell.exe: [Debugger] svchost.exe IFEO\rtvscan.exe: [Debugger] svchost.exe IFEO\rtvscn95.exe: [Debugger] svchost.exe IFEO\rulaunch.exe: [Debugger] svchost.exe IFEO\rwg: [Debugger] svchost.exe IFEO\rwg.exe: [Debugger] svchost.exe IFEO\SafetyKeeper.exe: [Debugger] svchost.exe IFEO\safeweb.exe: [Debugger] svchost.exe IFEO\sahagent.exe: [Debugger] svchost.exe IFEO\Save.exe: [Debugger] svchost.exe IFEO\SaveArmor.exe: [Debugger] svchost.exe IFEO\SaveDefense.exe: [Debugger] svchost.exe IFEO\SaveKeep.exe: [Debugger] svchost.exe IFEO\savenow.exe: [Debugger] svchost.exe IFEO\sbserv.exe: [Debugger] svchost.exe IFEO\sc.exe: [Debugger] svchost.exe IFEO\scam32.exe: [Debugger] svchost.exe IFEO\scan32.exe: [Debugger] svchost.exe IFEO\scan95.exe: [Debugger] svchost.exe IFEO\scanpm.exe: [Debugger] svchost.exe IFEO\scrscan.exe: [Debugger] svchost.exe IFEO\seccenter.exe: [Debugger] svchost.exe IFEO\Secure Veteran.exe: [Debugger] svchost.exe IFEO\secureveteran.exe: [Debugger] svchost.exe IFEO\Security Center.exe: [Debugger] svchost.exe IFEO\SecurityFighter.exe: [Debugger] svchost.exe IFEO\securitysoldier.exe: [Debugger] svchost.exe IFEO\serv95.exe: [Debugger] svchost.exe IFEO\setloadorder.exe: [Debugger] svchost.exe IFEO\setupvameeval.exe: [Debugger] svchost.exe IFEO\setup_flowprotector_us.exe: [Debugger] svchost.exe IFEO\sgssfw32.exe: [Debugger] svchost.exe IFEO\sh.exe: [Debugger] svchost.exe IFEO\shellspyinstall.exe: [Debugger] svchost.exe IFEO\shield.exe: [Debugger] svchost.exe IFEO\shn.exe: [Debugger] svchost.exe IFEO\showbehind.exe: [Debugger] svchost.exe IFEO\signcheck.exe: [Debugger] svchost.exe IFEO\smart.exe: [Debugger] svchost.exe IFEO\smartprotector.exe: [Debugger] svchost.exe IFEO\smc.exe: [Debugger] svchost.exe IFEO\smrtdefp.exe: [Debugger] svchost.exe IFEO\sms.exe: [Debugger] svchost.exe IFEO\smss32.exe: [Debugger] svchost.exe IFEO\snetcfg.exe: [Debugger] svchost.exe IFEO\soap.exe: [Debugger] svchost.exe IFEO\sofi.exe: [Debugger] svchost.exe IFEO\SoftSafeness.exe: [Debugger] svchost.exe IFEO\sperm.exe: [Debugger] svchost.exe IFEO\spf.exe: [Debugger] svchost.exe IFEO\sphinx.exe: [Debugger] svchost.exe IFEO\spoler.exe: [Debugger] svchost.exe IFEO\spoolcv.exe: [Debugger] svchost.exe IFEO\spoolsv32.exe: [Debugger] svchost.exe IFEO\spywarexpguard.exe: [Debugger] svchost.exe IFEO\spyxx.exe: [Debugger] svchost.exe IFEO\srexe.exe: [Debugger] svchost.exe IFEO\srng.exe: [Debugger] svchost.exe IFEO\ss3edit.exe: [Debugger] svchost.exe IFEO\ssgrate.exe: [Debugger] svchost.exe IFEO\ssg_4104.exe: [Debugger] svchost.exe IFEO\st2.exe: [Debugger] svchost.exe IFEO\start.exe: [Debugger] svchost.exe IFEO\stcloader.exe: [Debugger] svchost.exe IFEO\supftrl.exe: [Debugger] svchost.exe IFEO\support.exe: [Debugger] svchost.exe IFEO\supporter5.exe: [Debugger] svchost.exe IFEO\svc.exe: [Debugger] svchost.exe IFEO\svchostc.exe: [Debugger] svchost.exe IFEO\svchosts.exe: [Debugger] svchost.exe IFEO\svshost.exe: [Debugger] svchost.exe IFEO\sweep95.exe: [Debugger] svchost.exe IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: [Debugger] svchost.exe IFEO\symlcsvc.exe: [Debugger] svchost.exe IFEO\symproxysvc.exe: [Debugger] svchost.exe IFEO\symtray.exe: [Debugger] svchost.exe IFEO\system.exe: [Debugger] svchost.exe IFEO\system32.exe: [Debugger] svchost.exe IFEO\sysupd.exe: [Debugger] svchost.exe IFEO\tapinstall.exe: [Debugger] svchost.exe IFEO\taskmgr.exe: [Debugger] svchost.exe IFEO\taumon.exe: [Debugger] svchost.exe IFEO\tbscan.exe: [Debugger] svchost.exe IFEO\tc.exe: [Debugger] svchost.exe IFEO\tca.exe: [Debugger] svchost.exe IFEO\tcm.exe: [Debugger] svchost.exe IFEO\tds-3.exe: [Debugger] svchost.exe IFEO\tds2-98.exe: [Debugger] svchost.exe IFEO\tds2-nt.exe: [Debugger] svchost.exe IFEO\teekids.exe: [Debugger] svchost.exe IFEO\tfak.exe: [Debugger] svchost.exe IFEO\tfak5.exe: [Debugger] svchost.exe IFEO\tgbob.exe: [Debugger] svchost.exe IFEO\titanin.exe: [Debugger] svchost.exe IFEO\titaninxp.exe: [Debugger] svchost.exe IFEO\TPSrv.exe: [Debugger] svchost.exe IFEO\trickler.exe: [Debugger] svchost.exe IFEO\trjscan.exe: [Debugger] svchost.exe IFEO\trjsetup.exe: [Debugger] svchost.exe IFEO\trojantrap3.exe: [Debugger] svchost.exe IFEO\TrustWarrior.exe: [Debugger] svchost.exe IFEO\tsadbot.exe: [Debugger] svchost.exe IFEO\tsc.exe: [Debugger] svchost.exe IFEO\tvmd.exe: [Debugger] svchost.exe IFEO\tvtmd.exe: [Debugger] svchost.exe IFEO\uiscan.exe: [Debugger] svchost.exe IFEO\undoboot.exe: [Debugger] svchost.exe IFEO\updat.exe: [Debugger] svchost.exe IFEO\upgrad.exe: [Debugger] svchost.exe IFEO\upgrepl.exe: [Debugger] svchost.exe IFEO\utpost.exe: [Debugger] svchost.exe IFEO\vbcmserv.exe: [Debugger] svchost.exe IFEO\vbcons.exe: [Debugger] svchost.exe IFEO\vbust.exe: [Debugger] svchost.exe IFEO\vbwin9x.exe: [Debugger] svchost.exe IFEO\vbwinntw.exe: [Debugger] svchost.exe IFEO\vcsetup.exe: [Debugger] svchost.exe IFEO\vet32.exe: [Debugger] svchost.exe IFEO\vet95.exe: [Debugger] svchost.exe IFEO\vettray.exe: [Debugger] svchost.exe IFEO\vfsetup.exe: [Debugger] svchost.exe IFEO\vir-help.exe: [Debugger] svchost.exe IFEO\virusmdpersonalfirewall.exe: [Debugger] svchost.exe IFEO\VisthAux.exe: [Debugger] svchost.exe IFEO\VisthLic.exe: [Debugger] svchost.exe IFEO\VisthUpd.exe: [Debugger] svchost.exe IFEO\vnlan300.exe: [Debugger] svchost.exe IFEO\vnpc3000.exe: [Debugger] svchost.exe IFEO\vpc32.exe: [Debugger] svchost.exe IFEO\vpc42.exe: [Debugger] svchost.exe IFEO\vpfw30s.exe: [Debugger] svchost.exe IFEO\vptray.exe: [Debugger] svchost.exe IFEO\vscan40.exe: [Debugger] svchost.exe IFEO\vscenu6.02d30.exe: [Debugger] svchost.exe IFEO\vsched.exe: [Debugger] svchost.exe IFEO\vsecomr.exe: [Debugger] svchost.exe IFEO\vshwin32.exe: [Debugger] svchost.exe IFEO\vsisetup.exe: [Debugger] svchost.exe IFEO\vsmain.exe: [Debugger] svchost.exe IFEO\vsmon.exe: [Debugger] svchost.exe IFEO\vsserv.exe: [Debugger] svchost.exe IFEO\vsstat.exe: [Debugger] svchost.exe IFEO\vswin9xe.exe: [Debugger] svchost.exe IFEO\vswinntse.exe: [Debugger] svchost.exe IFEO\vswinperse.exe: [Debugger] svchost.exe IFEO\w32dsm89.exe: [Debugger] svchost.exe IFEO\W3asbas.exe: [Debugger] svchost.exe IFEO\w9x.exe: [Debugger] svchost.exe IFEO\watchdog.exe: [Debugger] svchost.exe IFEO\webdav.exe: [Debugger] svchost.exe IFEO\WebProxy.exe: [Debugger] svchost.exe IFEO\webscanx.exe: [Debugger] svchost.exe IFEO\webtrap.exe: [Debugger] svchost.exe IFEO\wfindv32.exe: [Debugger] svchost.exe IFEO\whoswatchingme.exe: [Debugger] svchost.exe IFEO\wimmun32.exe: [Debugger] svchost.exe IFEO\win-bugsfix.exe: [Debugger] svchost.exe IFEO\win32.exe: [Debugger] svchost.exe IFEO\win32us.exe: [Debugger] svchost.exe IFEO\winactive.exe: [Debugger] svchost.exe IFEO\winav.exe: [Debugger] svchost.exe IFEO\windll32.exe: [Debugger] svchost.exe IFEO\window.exe: [Debugger] svchost.exe IFEO\windows Police Pro.exe: [Debugger] svchost.exe IFEO\windows.exe: [Debugger] svchost.exe IFEO\wininetd.exe: [Debugger] svchost.exe IFEO\wininitx.exe: [Debugger] svchost.exe IFEO\winlogin.exe: [Debugger] svchost.exe IFEO\winmain.exe: [Debugger] svchost.exe IFEO\winppr32.exe: [Debugger] svchost.exe IFEO\winrecon.exe: [Debugger] svchost.exe IFEO\winservn.exe: [Debugger] svchost.exe IFEO\winssk32.exe: [Debugger] svchost.exe IFEO\winstart.exe: [Debugger] svchost.exe IFEO\winstart001.exe: [Debugger] svchost.exe IFEO\wintsk32.exe: [Debugger] svchost.exe IFEO\winupdate.exe: [Debugger] svchost.exe IFEO\wkufind.exe: [Debugger] svchost.exe IFEO\wnad.exe: [Debugger] svchost.exe IFEO\wnt.exe: [Debugger] svchost.exe IFEO\wradmin.exe: [Debugger] svchost.exe IFEO\wrctrl.exe: [Debugger] svchost.exe IFEO\wsbgate.exe: [Debugger] svchost.exe IFEO\wscfxas.exe: [Debugger] svchost.exe IFEO\wscfxav.exe: [Debugger] svchost.exe IFEO\wscfxfw.exe: [Debugger] svchost.exe IFEO\wsctool.exe: [Debugger] svchost.exe IFEO\wupdater.exe: [Debugger] svchost.exe IFEO\wupdt.exe: [Debugger] svchost.exe IFEO\wyvernworksfirewall.exe: [Debugger] svchost.exe IFEO\xpdeluxe.exe: [Debugger] svchost.exe IFEO\xpf202en.exe: [Debugger] svchost.exe IFEO\xp_antispyware.exe: [Debugger] svchost.exe IFEO\zapro.exe: [Debugger] svchost.exe IFEO\zapsetup3001.exe: [Debugger] svchost.exe IFEO\zatutor.exe: [Debugger] svchost.exe IFEO\zonalm2601.exe: [Debugger] svchost.exe IFEO\zonealarm.exe: [Debugger] svchost.exe IFEO\_avp32.exe: [Debugger] svchost.exe IFEO\_avpcc.exe: [Debugger] svchost.exe IFEO\_avpm.exe: [Debugger] svchost.exe IFEO\~1.exe: [Debugger] svchost.exe IFEO\~2.exe: [Debugger] svchost.exe Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG10\avgchsva.exe /syncC:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1 SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://findgala.com/?&uid=2300&q={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://findgala.com/?&uid=2300&q={searchTerms} SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=WBG&o=15136&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=RS&apn_dtid=YYYYYYYYUS&apn_uid=5B3ED350-33F2-48DC-A5F6-B4B166F2D289&apn_sauid=02902701-9A59-415B-B03B-39724D057FDD SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://findgala.com/?&uid=2300&q={searchTerms} BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho64.dll () BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho.dll () BHO-x32: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.) BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll () BHO-x32: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll () Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll () Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 204.255.24.106 FireFox: ======== FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) ==================== Services (Whitelisted) ================= R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [89600 2010-03-17] (Andrea Electronics Corporation) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [4433248 2011-10-12] (AVG Technologies CZ, s.r.o.) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed] S2 mcmscsvc; C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe [865832 2010-06-10] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [696848 2010-02-24] (McAfee, Inc.) S2 McProxy; C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe [359952 2009-07-08] (McAfee, Inc.) S2 McShield; C:\Program Files\McAfee\VirusScan\Mcshield.exe [155456 2010-02-17] (McAfee, Inc.) S3 McSysmon; C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe [606736 2010-02-17] (McAfee, Inc.) S2 MpfService; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [895696 2009-10-27] (McAfee, Inc.) R2 MSK80Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [26640 2009-10-02] (McAfee, Inc.) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe [244736 2010-03-17] (IDT, Inc.) S2 McNASvc; %CommonProgramFiles(x86)%\mcafee\mna\mcnasvc.exe [X] ==================== Drivers (Whitelisted) ==================== S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [102472 2010-02-17] (McAfee, Inc.) S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [41032 2009-06-18] (McAfee, Inc.) R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [308296 2010-02-17] (McAfee, Inc.) S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2010-02-17] (McAfee, Inc.) S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2010-02-17] (McAfee, Inc.) R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2010-07-15] (McAfee, Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-25 21:50 - 2014-06-25 21:50 - 00044713 _____ () C:\Users\marian\Desktop\FRST.txt 2014-06-25 21:50 - 2014-06-25 21:50 - 00000000 ____D () C:\FRST 2014-06-25 21:49 - 2014-10-26 15:00 - 02082816 _____ (Farbar) C:\Users\marian\Desktop\FRST64.exe 2014-06-25 21:49 - 2014-10-26 15:00 - 00380416 _____ () C:\Users\marian\Desktop\su2wfrhd.exe 2014-06-25 21:49 - 2014-10-26 14:59 - 00602112 _____ (OldTimer Tools) C:\Users\marian\Desktop\OTL.exe 2014-06-25 20:22 - 2014-06-25 20:22 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-06-25 19:29 - 2014-06-25 19:29 - 00000000 __SHD () C:\Users\marian\AppData\Local\EmieUserList 2014-06-25 19:29 - 2014-06-25 19:29 - 00000000 __SHD () C:\Users\marian\AppData\Local\EmieSiteList 2014-06-25 18:54 - 2014-06-25 18:54 - 00098766 _____ () C:\windows\PFRO.log 2014-06-25 18:53 - 2014-06-25 18:53 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-06-25 18:22 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys 2014-06-25 18:22 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-06-25 18:22 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-06-25 18:22 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll 2014-06-25 18:22 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll 2014-06-25 18:22 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll 2014-06-25 18:22 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll 2014-06-25 18:22 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll 2014-06-25 18:22 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll 2014-06-25 18:22 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll 2014-06-25 18:22 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe 2014-06-25 18:22 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe 2014-06-25 18:22 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll 2014-06-25 18:22 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe 2014-06-25 18:22 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll 2014-06-25 18:22 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe 2014-06-25 18:22 - 2013-10-01 15:57 - 06578176 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2014-06-25 18:22 - 2013-10-01 15:55 - 05698048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2014-06-25 18:05 - 2012-08-23 09:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll 2014-06-25 18:05 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys 2014-06-25 18:05 - 2012-08-23 08:24 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll 2014-06-25 18:05 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll 2014-06-25 18:05 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll 2014-06-25 18:05 - 2012-08-23 04:51 - 03174912 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2014-06-25 17:53 - 2014-06-25 17:53 - 00000000 ____D () C:\Users\marian\AppData\Roaming\Roxio Log Files 2014-06-25 17:52 - 2014-06-25 17:53 - 00000353 _____ () C:\windows\SynInst.log 2014-06-25 17:44 - 2014-06-08 04:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-06-25 17:44 - 2014-06-08 04:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-06-25 17:44 - 2014-05-30 05:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-06-25 17:44 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-06-25 17:44 - 2014-05-30 05:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2014-06-25 17:44 - 2014-05-30 04:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-06-25 17:44 - 2014-05-30 04:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-06-25 17:44 - 2014-05-30 04:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-06-25 17:44 - 2014-05-30 04:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2014-06-25 17:44 - 2014-05-30 04:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-06-25 17:44 - 2014-05-30 04:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-06-25 17:44 - 2014-05-30 04:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-06-25 17:44 - 2014-05-30 04:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-06-25 17:44 - 2014-05-30 04:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2014-06-25 17:44 - 2014-05-30 04:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2014-06-25 17:44 - 2014-05-30 04:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-06-25 17:44 - 2014-05-30 04:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2014-06-25 17:44 - 2014-05-30 04:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-06-25 17:44 - 2014-05-30 04:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-06-25 17:44 - 2014-05-30 04:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-06-25 17:44 - 2014-05-30 03:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2014-06-25 17:44 - 2014-05-30 03:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-06-25 17:44 - 2014-05-30 03:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-06-25 17:44 - 2014-05-30 03:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2014-06-25 17:44 - 2014-05-30 03:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-06-25 17:44 - 2014-05-30 03:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-06-25 17:44 - 2014-05-30 03:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2014-06-25 17:44 - 2014-05-30 03:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-06-25 17:44 - 2014-05-30 03:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-06-25 17:44 - 2014-05-30 03:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-06-25 17:44 - 2014-05-30 03:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-06-25 17:44 - 2014-05-30 03:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2014-06-25 17:44 - 2014-05-30 03:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-06-25 17:44 - 2014-05-30 03:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2014-06-25 17:44 - 2014-05-30 03:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2014-06-25 17:44 - 2014-05-30 03:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2014-06-25 17:44 - 2014-05-30 03:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-06-25 17:44 - 2014-05-30 03:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-06-25 17:44 - 2014-05-30 03:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-25 17:44 - 2014-05-30 03:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-06-25 17:44 - 2014-05-30 03:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-06-25 17:44 - 2014-05-30 03:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-06-25 17:44 - 2014-05-30 02:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-06-25 17:44 - 2014-05-30 02:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-06-25 17:44 - 2014-05-30 02:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-06-25 17:44 - 2014-05-30 02:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2014-06-25 17:44 - 2014-05-30 02:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-06-25 17:44 - 2014-05-30 02:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-06-25 17:44 - 2014-05-30 02:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-06-25 17:44 - 2014-05-30 02:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-06-25 17:44 - 2014-05-30 02:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-06-25 17:44 - 2014-05-30 02:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-06-25 17:44 - 2014-05-30 02:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2014-06-25 17:44 - 2014-05-30 02:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2014-06-25 17:44 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2014-06-25 17:44 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2014-06-25 17:44 - 2012-05-04 06:00 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll 2014-06-25 17:44 - 2012-05-04 04:59 - 00514560 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll 2014-06-25 17:43 - 2014-04-11 21:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2014-06-25 17:43 - 2014-04-11 21:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2014-06-25 17:43 - 2014-04-11 21:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2014-06-25 17:43 - 2014-04-11 21:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2014-06-25 17:43 - 2014-04-11 21:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2014-06-25 17:43 - 2014-04-11 21:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2014-06-25 17:43 - 2014-04-11 21:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2014-06-25 17:43 - 2014-04-11 21:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2014-06-25 17:43 - 2014-04-11 21:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2014-06-25 17:43 - 2014-03-04 04:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2014-06-25 17:43 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe 2014-06-25 17:43 - 2014-03-04 04:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2014-06-25 17:43 - 2014-03-04 04:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2014-06-25 17:43 - 2014-03-04 04:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2014-06-25 17:43 - 2014-03-04 04:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2014-06-25 17:43 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2014-06-25 17:43 - 2014-03-04 04:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2014-06-25 17:43 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2014-06-25 17:43 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2014-06-25 17:43 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2014-06-25 17:43 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2014-06-25 17:42 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2014-06-25 17:42 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2014-06-25 17:42 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2014-06-25 17:42 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2014-06-25 17:42 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll 2014-06-25 17:42 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2014-06-25 17:42 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll 2014-06-25 17:42 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll 2014-06-25 17:42 - 2014-03-24 21:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2014-06-25 17:42 - 2013-09-24 21:23 - 01030144 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll 2014-06-25 17:42 - 2013-09-24 20:57 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll 2014-06-25 17:41 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll 2014-06-25 17:41 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll 2014-06-25 17:41 - 2014-03-24 21:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2014-06-25 17:41 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys 2014-06-25 17:41 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2014-06-25 17:41 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys 2014-06-25 17:41 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll 2014-06-25 17:41 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll 2014-06-25 17:30 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys ==================== One Month Modified Files and Folders ======= 2014-10-26 15:00 - 2014-06-25 21:49 - 02082816 _____ (Farbar) C:\Users\marian\Desktop\FRST64.exe 2014-10-26 15:00 - 2014-06-25 21:49 - 00380416 _____ () C:\Users\marian\Desktop\su2wfrhd.exe 2014-10-26 14:59 - 2014-06-25 21:49 - 00602112 _____ (OldTimer Tools) C:\Users\marian\Desktop\OTL.exe 2014-06-25 21:50 - 2014-06-25 21:50 - 00044713 _____ () C:\Users\marian\Desktop\FRST.txt 2014-06-25 21:50 - 2014-06-25 21:50 - 00000000 ____D () C:\FRST 2014-06-25 21:50 - 2009-07-14 00:13 - 00006222 _____ () C:\windows\system32\PerfStringBackup.INI 2014-06-25 20:48 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache 2014-06-25 20:22 - 2014-06-25 20:22 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-06-25 20:22 - 2010-04-30 17:14 - 01526921 _____ () C:\windows\WindowsUpdate.log 2014-06-25 20:18 - 2009-07-13 23:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-25 20:18 - 2009-07-13 23:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-25 20:11 - 2013-10-31 14:59 - 00002932 _____ () C:\windows\setupact.log 2014-06-25 20:11 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-06-25 19:29 - 2014-06-25 19:29 - 00000000 __SHD () C:\Users\marian\AppData\Local\EmieUserList 2014-06-25 19:29 - 2014-06-25 19:29 - 00000000 __SHD () C:\Users\marian\AppData\Local\EmieSiteList 2014-06-25 18:59 - 2010-06-27 11:40 - 00076312 _____ () C:\Users\marian\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-25 18:57 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-25 18:55 - 2009-07-13 23:45 - 00324368 _____ () C:\windows\system32\FNTCACHE.DAT 2014-06-25 18:54 - 2014-06-25 18:54 - 00098766 _____ () C:\windows\PFRO.log 2014-06-25 18:53 - 2014-06-25 18:53 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-06-25 18:53 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\PolicyDefinitions 2014-06-25 18:03 - 2010-04-30 17:35 - 00000000 ____D () C:\ProgramData\WildTangent 2014-06-25 18:03 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-25 17:56 - 2011-02-19 15:23 - 00000000 ____D () C:\Users\marian\AppData\Roaming\Philipp Winterberg 2014-06-25 17:53 - 2014-06-25 17:53 - 00000000 ____D () C:\Users\marian\AppData\Roaming\Roxio Log Files 2014-06-25 17:53 - 2014-06-25 17:52 - 00000353 _____ () C:\windows\SynInst.log 2014-06-25 17:49 - 2010-04-30 17:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-06-25 17:48 - 2010-11-27 13:49 - 00000000 ____D () C:\ProgramData\CyberLink 2014-06-25 17:44 - 2010-07-05 14:04 - 00000000 ____D () C:\ProgramData\Leapfrog 2014-06-25 17:44 - 2010-07-05 14:04 - 00000000 ____D () C:\Program Files (x86)\LeapFrog 2014-06-25 17:38 - 2010-04-30 17:46 - 00000000 ____D () C:\Program Files (x86)\Creative 2014-06-25 17:31 - 2011-02-03 20:43 - 00000000 ____D () C:\Users\marian\AppData\Local\Downloaded Installations 2014-06-25 17:31 - 2011-02-03 20:09 - 00000000 ____D () C:\ProgramData\Fisher-Price 2014-06-25 17:27 - 2010-04-30 17:44 - 00000000 ____D () C:\ProgramData\Cozi 2014-06-25 17:13 - 2010-06-27 13:39 - 00000000 ____D () C:\Users\marian\Tracing 2014-06-08 04:13 - 2014-06-25 17:44 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-06-08 04:08 - 2014-06-25 17:44 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-06-01 17:17 - 2012-07-18 18:23 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-05-30 05:21 - 2014-06-25 17:44 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-05-30 05:02 - 2014-06-25 17:44 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-05-30 05:02 - 2014-06-25 17:44 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2014-05-30 04:45 - 2014-06-25 17:44 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-05-30 04:39 - 2014-06-25 17:44 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-05-30 04:39 - 2014-06-25 17:44 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-05-30 04:38 - 2014-06-25 17:44 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2014-05-30 04:28 - 2014-06-25 17:44 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-05-30 04:27 - 2014-06-25 17:44 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-05-30 04:24 - 2014-06-25 17:44 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-05-30 04:21 - 2014-06-25 17:44 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-05-30 04:21 - 2014-06-25 17:44 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2014-05-30 04:20 - 2014-06-25 17:44 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2014-05-30 04:18 - 2014-06-25 17:44 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-05-30 04:11 - 2014-06-25 17:44 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2014-05-30 04:08 - 2014-06-25 17:44 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-05-30 04:06 - 2014-06-25 17:44 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-05-30 04:02 - 2014-06-25 17:44 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-05-30 03:55 - 2014-06-25 17:44 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 03:49 - 2014-06-25 17:44 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-05-30 03:46 - 2014-06-25 17:44 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-05-30 03:44 - 2014-06-25 17:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2014-05-30 03:44 - 2014-06-25 17:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-05-30 03:43 - 2014-06-25 17:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-05-30 03:42 - 2014-06-25 17:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2014-05-30 03:38 - 2014-06-25 17:44 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-05-30 03:35 - 2014-06-25 17:44 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-05-30 03:34 - 2014-06-25 17:44 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-05-30 03:33 - 2014-06-25 17:44 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-05-30 03:30 - 2014-06-25 17:44 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2014-05-30 03:29 - 2014-06-25 17:44 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-05-30 03:28 - 2014-06-25 17:44 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2014-05-30 03:27 - 2014-06-25 17:44 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2014-05-30 03:24 - 2014-06-25 17:44 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2014-05-30 03:23 - 2014-06-25 17:44 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-05-30 03:16 - 2014-06-25 17:44 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-05-30 03:10 - 2014-06-25 17:44 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 03:06 - 2014-06-25 17:44 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-05-30 03:04 - 2014-06-25 17:44 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-05-30 03:02 - 2014-06-25 17:44 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-05-30 02:56 - 2014-06-25 17:44 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-05-30 02:56 - 2014-06-25 17:44 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-05-30 02:54 - 2014-06-25 17:44 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-05-30 02:50 - 2014-06-25 17:44 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2014-05-30 02:49 - 2014-06-25 17:44 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-05-30 02:43 - 2014-06-25 17:44 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-05-30 02:40 - 2014-06-25 17:44 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-05-30 02:30 - 2014-06-25 17:44 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-05-30 02:21 - 2014-06-25 17:44 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-05-30 02:15 - 2014-06-25 17:44 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-05-30 02:13 - 2014-06-25 17:44 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2014-05-30 02:13 - 2014-06-25 17:44 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll Some content of TEMP: ==================== C:\Users\marian\AppData\Local\Temp\setup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-25 20:41 ==================== End Of Log ============================