Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow laptop - %100 CPU usage [Solved]


  • This topic is locked This topic is locked

#1
KOTARE33

KOTARE33

    Member

  • Member
  • PipPip
  • 26 posts
I've uploaded an OTL report - if any one can help me, it'd be greatly appreciated.

Jesse.

OTL logfile created on: 4/04/2013 3:03:28 a.m. - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KOTARE\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

5.87 Gb Total Physical Memory | 3.19 Gb Available Physical Memory | 54.38% Memory free
11.74 Gb Paging File | 8.02 Gb Available in Paging File | 68.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.07 Gb Total Space | 73.80 Gb Free Space | 12.38% Space Free | Partition Type: NTFS
Drive F: | 2.86 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 203.85 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KINGFISHER | User Name: KOTARE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\KOTARE\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\ProgramData\2degrees Mobile Broadband\OnlineUpdate\ouc.exe ()
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files (x86)\Digidesign\Pro Tools\MMERefresh.exe (Avid Technology, Inc.)
PRC - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe (PACE Anti-Piracy, Inc.)
PRC - C:\Program Files (x86)\Avid\Mbox Pro\AudioDevMon.exe (Avid)
PRC - C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe (Avid)
PRC - C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe (TOSHIBA Corporation)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)


========== Modules (No Company Name) ==========

MOD - C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll ()
MOD - C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\libglesv2.dll ()
MOD - C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\libegl.dll ()
MOD - C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (MacDrive8ServiceD) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe (Mediafour Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (2degrees Mobile Broadband. RunOuc) -- C:\Program Files (x86)\2degrees Mobile Broadband\UpdateDog\ouc.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()
SRV - (DigiRefresh) -- C:\Program Files (x86)\Digidesign\Pro Tools\MMERefresh.exe (Avid Technology, Inc.)
SRV - (digiSPTIService) -- C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe (Avid Technology, Inc.)
SRV - (PaceLicenseDServices) -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe (PACE Anti-Piracy, Inc.)
SRV - (MboxProAudioDevMon) -- C:\Program Files (x86)\Avid\Mbox Pro\AudioDevMon.exe (Avid)
SRV - (MboxAudioDevMon) -- C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe (Avid)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_cdcacm) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (Tpkd) -- C:\Windows\SysNative\drivers\Tpkd.sys (PACE Anti-Piracy, Inc.)
DRV:64bit: - (DigiNet) -- C:\Windows\SysNative\drivers\diginet.sys (Avid Technology, Inc.)
DRV:64bit: - (MBOXPRO) -- C:\Windows\SysNative\drivers\AvidMboxPro.sys (Avid)
DRV:64bit: - (O2MDGRDR) -- C:\Windows\SysNative\drivers\o2mdgx64.sys (O2Micro )
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (MDFSYSNT) -- C:\Windows\SysNative\drivers\MDFSYSNT.SYS (Mediafour Corporation)
DRV:64bit: - (MDPMGRNT) -- C:\Windows\SysNative\drivers\MDPMGRNT.SYS (Mediafour Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (hidshim) -- C:\Windows\SysNative\drivers\hidshim.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (nuvotonhidcir) -- C:\Windows\SysNative\drivers\nuvotonhidcir.sys (Nuvoton Technology Corporation)
DRV:64bit: - (nuvotoncir) -- C:\Windows\SysNative\drivers\nuvotoncir.sys (Nuvoton Technology Corporation)
DRV:64bit: - (O2SDGRDR) -- C:\Windows\SysNative\drivers\o2sdgx64.sys (O2Micro )
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Thpevm) -- C:\Windows\SysNative\drivers\Thpevm.sys (TOSHIBA Corporation)
DRV:64bit: - (QIOMem) -- C:\Windows\SysNative\drivers\QIOMem.sys (TOSHIBA)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (Null) -- C:\Windows\SysWow64\null ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-sea...000000000000000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://msn.co.nz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-nz
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 16 25 A7 5D 11 E7 CB 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-sea...000000000000000
IE - HKCU\..\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}: "URL" = http://search.hotspo...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: {5384767E-00D9-40E9-B72F-9CC39D655D6F}:1.4.1.1
FF - prefs.js..extensions.enabledAddons: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.4.0.8
FF - prefs.js..extensions.enabledAddons: [email protected]:1.6
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "http://www.delta-sea...00000000000000"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\KOTARE\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\KOTARE\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/23 12:37:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/23 12:37:32 | 000,000,000 | ---D | M]

[2011/05/05 14:56:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KOTARE\AppData\Roaming\Mozilla\Extensions
[2013/02/08 21:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\extensions
[2012/07/06 18:45:30 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2012/07/06 18:45:31 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013/02/07 11:19:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\extensions\[email protected]
[2012/07/06 18:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\extensions\staged
[2012/04/14 01:14:34 | 000,102,481 | ---- | M] () (No name found) -- C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\extensions\[email protected]
[2012/05/18 23:01:58 | 000,102,488 | ---- | M] () (No name found) -- C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\extensions\staged\[email protected]
[2013/02/07 11:19:41 | 000,001,294 | ---- | M] () -- C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\searchplugins\delta.xml
[2012/07/06 18:18:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/30 22:48:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/29 04:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2013/02/07 11:19:24 | 000,006,526 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/03/30 22:48:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/30 22:48:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Java™ Platform SE 7 U15 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Space International - EasyKeytec-plugin (Enabled) = C:\Program Files (x86)\Space International\Easykeytec v2.0\npEZKeytecPlugin.dll
CHR - plugin: Space International - EasyKeytec-plugins (Enabled) = C:\Program Files (x86)\Space International\Easykeytec v2.0\npEZKeytecPlugins.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\KOTARE\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
CHR - plugin: Java Deployment Toolkit 7.0.150.3 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\KOTARE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\KOTARE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\KOTARE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: SoundCloud Downloader - Technowise = C:\Users\KOTARE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdbkpkilkooakdpmknhgjlepdnjgnadc\0.71_0\
CHR - Extension: Google Search = C:\Users\KOTARE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Tampermonkey = C:\Users\KOTARE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\2.12.3124.133_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\KOTARE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\2.2_0\
CHR - Extension: Gmail = C:\Users\KOTARE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/04/10 21:25:55 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MacDrive 8 application for Digidesign] C:\Program Files\Mediafour\MacDrive 8\MacDriveD.exe (Mediafour Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Pro Tools\MMERefresh.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.15.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C2FF611-9BF1-4FFC-A07D-CE48924C3700}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E0E735C-4C00-49C7-9D38-3E57306404A5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94476319-02EE-40C6-B7A5-BC18487E63C0}: DhcpNameServer = 202.27.158.40 202.27.156.72
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/30 06:34:26 | 000,231,823 | R--- | M] () - F:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2011/10/28 19:20:41 | 000,000,080 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{8ae5e0cc-841a-11e0-83dc-c80aa995c126}\Shell - "" = AutoRun
O33 - MountPoints2\{8ae5e0cc-841a-11e0-83dc-c80aa995c126}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2012/02/21 02:05:04 | 001,145,907 | R--- | M] (Firaxis )
O33 - MountPoints2\{9ad69342-3e33-11e2-a811-c80aa995c126}\Shell - "" = AutoRun
O33 - MountPoints2\{9ad69342-3e33-11e2-a811-c80aa995c126}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{a4d077bf-138a-11e2-8932-c80aa995c126}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d077bf-138a-11e2-8932-c80aa995c126}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a4d077d1-138a-11e2-8932-c80aa995c126}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d077d1-138a-11e2-8932-c80aa995c126}\Shell\AutoRun\command - "" = Z:\AutoRun.exe
O33 - MountPoints2\Z\Shell - "" = AutoRun
O33 - MountPoints2\Z\Shell\AutoRun\command - "" = Z:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/04 03:03:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\KOTARE\Desktop\OTL.exe
[2013/04/04 02:59:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2013/04/04 02:56:48 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\KOTARE\Desktop\spybotsd162.exe
[2013/04/04 02:47:27 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\tdsskiller
[2013/04/04 02:28:02 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/04/04 02:28:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/04/04 02:27:37 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/04/04 02:27:36 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/04/04 02:27:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/04/04 02:27:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/04/04 02:27:35 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/04/04 02:27:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/04/04 02:27:34 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/04/04 02:27:34 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/04/04 02:27:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/04/04 02:27:34 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/04/04 02:27:34 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/04/04 02:27:34 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/04/04 02:27:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/04/04 02:27:34 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/04/04 02:27:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/04/04 02:27:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/04/04 02:27:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/04/04 02:27:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/04/04 02:27:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/04/04 02:27:33 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/04/04 02:27:33 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/04/04 02:27:33 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/04/04 02:27:33 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/04/04 02:27:32 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/04/04 02:27:32 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/04/04 02:26:06 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/04/04 02:26:05 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/04/04 02:26:05 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/04/04 02:26:05 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/04/04 01:26:11 | 002,406,064 | ---- | C] (Trend Micro Inc.) -- C:\Users\KOTARE\Desktop\HousecallLauncher64.exe
[2013/04/03 15:01:35 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\attachments (1)
[2013/04/02 21:13:27 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\attachments
[2013/04/02 14:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VST3
[2013/04/02 14:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Propellerhead Software
[2013/04/02 14:57:23 | 000,007,744 | ---- | C] (Altiris) -- C:\Windows\SysWow64\HookDll.dll
[2013/04/02 14:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
[2013/04/02 14:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\VSTPlugIns
[2013/04/02 14:14:37 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/04/02 14:14:37 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/04/02 14:14:36 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/04/02 14:14:36 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/04/02 14:14:29 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/04/02 14:14:29 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/04/02 14:14:25 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/04/02 14:14:25 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/02 14:14:25 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/02 14:14:25 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/02 14:14:25 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/02 14:14:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/02 14:14:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/02 14:14:25 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/02 14:14:25 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/02 14:14:24 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/04/02 14:14:24 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/04/02 14:14:24 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/04/02 14:14:24 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/04/02 14:14:24 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/02 14:14:24 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/02 14:14:24 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/02 14:14:24 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/02 14:14:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/02 14:14:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/02 14:14:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/02 14:14:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/02 14:14:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/02 14:14:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/02 14:14:23 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/04/02 14:14:23 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/04/02 14:14:23 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/04/02 14:14:23 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/04/02 14:14:23 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/04/02 14:14:22 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/04/02 14:14:22 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/04/02 14:14:22 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/04/02 14:14:21 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/04/02 14:14:21 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/04/02 14:14:20 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/04/02 14:14:20 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/04/02 14:13:18 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/04/02 14:13:18 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/04/02 14:13:18 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/04/02 14:13:18 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/04/02 14:13:18 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/04/02 14:13:18 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/04/02 14:13:18 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/04/02 14:13:18 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/04/02 14:13:18 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/04/02 14:13:18 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/04/02 14:13:18 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/04/02 14:13:18 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/04/02 14:13:18 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/04/02 14:13:18 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/04/02 14:13:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/04/02 14:13:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/04/02 14:13:18 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/04/02 14:13:18 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/04/02 14:13:17 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/04/02 14:13:17 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/04/02 14:13:17 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/04/02 14:13:17 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/04/02 14:13:17 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/04/02 14:13:17 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/04/02 14:13:16 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/04/02 14:13:16 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/04/02 14:13:16 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/04/02 14:13:16 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/04/02 14:13:16 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/04/02 14:13:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/04/02 14:13:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/04/02 14:13:15 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/04/02 14:12:15 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/04/02 14:12:14 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/04/02 14:12:14 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/04/02 14:12:12 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/04/02 14:12:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/04/02 14:12:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/04/02 14:12:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/04/02 14:12:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/04/02 14:12:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/04/02 14:12:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/04/02 14:12:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/04/02 14:12:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/04/02 14:12:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/04/02 14:12:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/04/02 14:12:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/04/02 14:12:11 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/04/02 14:12:11 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/04/02 14:12:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/04/02 14:12:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/04/02 14:12:11 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/04/02 14:12:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/04/02 14:12:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/04/02 14:12:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/04/02 14:12:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/04/02 14:12:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/04/02 14:12:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/04/02 14:12:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/04/02 14:12:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/04/02 14:12:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/04/02 14:12:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/04/02 14:12:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/04/02 14:12:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/04/02 14:12:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/04/02 14:12:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/04/02 14:12:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/04/02 14:12:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/04/02 14:12:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/04/02 14:12:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/04/02 14:12:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/04/02 14:12:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/04/02 14:12:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/04/02 14:12:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/04/02 14:12:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/04/02 14:12:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/04/02 14:12:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/04/02 14:12:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/04/02 14:12:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/04/02 14:12:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/04/02 14:12:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/04/02 14:12:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/04/02 14:12:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/04/02 14:12:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/04/02 14:10:40 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013/04/02 14:10:40 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013/04/02 14:10:39 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013/04/02 14:10:37 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013/04/02 14:10:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/04/02 14:10:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/04/02 14:09:57 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013/04/02 14:09:56 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013/04/02 14:09:56 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/04/02 14:09:46 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/04/02 14:08:55 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/04/02 14:08:45 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013/04/02 14:08:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/04/02 13:57:44 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/04/02 13:57:44 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/04/02 13:57:44 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/04/01 15:37:50 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\COLD AIR DESKTOP FILES
[2013/04/01 15:33:11 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\Other people's beats
[2013/03/30 15:27:08 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\ttaplugin-foobar-3.2
[2013/03/30 15:01:30 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\ttaplugin-foobar-2.4.2
[2013/03/26 11:23:55 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\__MACOSX
[2013/03/26 10:36:17 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\Yamaha CS-50 Service Manual
[2013/03/23 12:42:51 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Roaming\MPEG Streamclip
[2013/03/23 12:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/03/23 12:36:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/03/23 12:29:00 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Local\Xilisoft
[2013/03/23 12:28:59 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Roaming\Xilisoft
[2013/03/23 12:13:19 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Roaming\ImgBurn
[2013/03/23 12:06:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2013/03/23 12:06:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2013/03/23 11:28:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/03/23 11:11:10 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Roaming\HandBrake
[2013/03/23 11:10:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
[2013/03/23 11:06:04 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\ssubtmr6.dll
[2013/03/23 11:06:04 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\Windows\SysWow64\trayicon_handler.ocx
[2013/03/23 10:41:06 | 000,000,000 | ---D | C] -- C:\OutputFolder
[2013/03/23 10:35:41 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Local\{DCFE4D2A-BC23-4203-BE4C-48D388E2E389}
[2013/03/22 16:56:08 | 000,000,000 | ---D | C] -- C:\my dvd
[2013/03/22 16:54:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy WMV ASF ASX to DVD Burner
[2013/03/22 16:42:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2013/03/22 16:36:15 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\BCA FINAL VIDEOS
[2013/03/22 16:23:17 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Roaming\Ashampoo
[2013/03/22 16:23:10 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Local\ashampoo
[2013/03/22 16:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo
[2013/03/22 14:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SP-404SX Wave Converter
[2013/03/18 06:45:31 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Local\{6D2C944F-B47D-49DB-B5E8-03480422931C}
[2013/03/18 06:34:31 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\Burrs
[2013/03/16 17:48:30 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\KOTARE files for Riki
[2013/03/15 21:45:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/15 21:45:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/15 21:45:07 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/15 21:45:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/15 21:45:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/15 21:45:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/15 21:45:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/15 21:45:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/15 21:45:05 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/15 21:45:04 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/15 21:45:04 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/15 21:45:03 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/15 21:45:01 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/15 21:45:01 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/15 21:45:00 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/15 21:44:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/15 21:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/15 21:42:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/15 19:35:38 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Documents\REAPER Media
[2013/03/15 19:16:55 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Roaming\REAPER
[2013/03/15 15:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
[2013/03/15 15:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\REAPER (x64)
[2013/03/14 18:39:59 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Local\{DB9EA733-0750-46E0-9D31-820A1C45E44C}
[2013/03/11 21:42:24 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\Desktop\iphone pics
[2013/03/07 20:31:26 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Local\{8E910EC5-C92B-4B35-9ABA-0A85AA7C30A0}
[2013/03/05 21:12:24 | 000,000,000 | ---D | C] -- C:\Users\KOTARE\AppData\Local\{56AFC176-9642-4004-9794-1F56006ED356}
[2012/03/19 04:00:00 | 001,961,984 | ---- | C] (Waves Audio Ltd.) -- C:\Program Files\WaveShell-VST 9.0_x64.dll
[2012/03/19 04:00:00 | 001,482,752 | ---- | C] (Waves Audio Ltd.) -- C:\Program Files (x86)\WaveShell-VST 9.0.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\KOTARE\Desktop\*.tmp files -> C:\Users\KOTARE\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/04 03:05:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-162548572-3568678463-845937623-1000UA.job
[2013/04/04 03:03:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KOTARE\Desktop\OTL.exe
[2013/04/04 02:59:44 | 000,001,280 | ---- | M] () -- C:\Users\KOTARE\Desktop\Spybot - Search & Destroy (for blind users).lnk
[2013/04/04 02:59:44 | 000,001,258 | ---- | M] () -- C:\Users\KOTARE\Desktop\Spybot - Search & Destroy.lnk
[2013/04/04 02:57:34 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\KOTARE\Desktop\spybotsd162.exe
[2013/04/04 02:43:24 | 002,218,636 | ---- | M] () -- C:\Users\KOTARE\Desktop\tdsskiller.zip
[2013/04/04 02:40:07 | 000,015,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/04 02:40:07 | 000,015,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/04 02:32:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/04 02:31:32 | 433,438,719 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/04 01:58:55 | 000,849,039 | ---- | M] () -- C:\Users\KOTARE\AppData\Local\census.cache
[2013/04/04 01:58:04 | 000,118,660 | ---- | M] () -- C:\Users\KOTARE\AppData\Local\ars.cache
[2013/04/04 01:27:04 | 000,000,036 | ---- | M] () -- C:\Users\KOTARE\AppData\Local\housecall.guid.cache
[2013/04/04 01:26:47 | 002,406,064 | ---- | M] (Trend Micro Inc.) -- C:\Users\KOTARE\Desktop\HousecallLauncher64.exe
[2013/04/03 14:05:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-162548572-3568678463-845937623-1000Core.job
[2013/04/03 06:00:12 | 004,256,984 | ---- | M] () -- C:\Users\KOTARE\Desktop\constantine ccc.mp3
[2013/04/02 14:58:17 | 000,001,782 | ---- | M] () -- C:\Users\Public\Desktop\GTR 3.5.lnk
[2013/04/02 14:57:25 | 000,001,782 | ---- | M] () -- C:\Users\Public\Desktop\Waves License Center.lnk
[2013/04/02 14:31:33 | 000,000,282 | ---- | M] () -- C:\Windows\SysWow64\null
[2013/04/02 14:25:40 | 000,308,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/02 13:57:29 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/04/02 13:57:29 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/04/02 13:57:29 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/04/01 18:41:24 | 003,854,474 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/01 18:41:24 | 001,745,246 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/01 18:41:24 | 000,005,152 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/30 22:54:31 | 1095,159,226 | ---- | M] () -- C:\Users\KOTARE\Desktop\FULL SET 1.wav
[2013/03/30 22:44:01 | 000,126,163 | ---- | M] () -- C:\Users\KOTARE\Desktop\CATLINS FINAL 404 SET.flp
[2013/03/25 16:26:39 | 000,003,352 | ---- | M] () -- C:\bootsqm.dat
[2013/03/23 14:47:03 | 043,114,029 | ---- | M] () -- C:\Users\KOTARE\Desktop\SM100.mp4
[2013/03/23 11:28:59 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/03/22 16:55:04 | 000,000,066 | ---- | M] () -- C:\Windows\Easy WMV ASF ASX to DVD Burner.INI
[2013/03/22 14:56:27 | 000,000,876 | ---- | M] () -- C:\Users\KOTARE\Desktop\SP-404SX Wave Converter.lnk
[2013/03/15 15:20:24 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\REAPER (x64).lnk
[2013/03/15 15:18:28 | 008,353,368 | ---- | M] () -- C:\Users\KOTARE\Desktop\reaper432_x64-install.exe
[2013/03/12 13:49:57 | 000,599,940 | ---- | M] () -- C:\Users\KOTARE\Desktop\2200 Stereo Power Amplifier - English Manual (1).pdf
[2013/03/07 23:38:38 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/07 02:07:07 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013/03/05 20:44:27 | 456,105,556 | ---- | M] () -- C:\Users\KOTARE\Desktop\pro one 1b.flp
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\KOTARE\Desktop\*.tmp files -> C:\Users\KOTARE\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/04 02:59:44 | 000,001,280 | ---- | C] () -- C:\Users\KOTARE\Desktop\Spybot - Search & Destroy (for blind users).lnk
[2013/04/04 02:59:44 | 000,001,258 | ---- | C] () -- C:\Users\KOTARE\Desktop\Spybot - Search & Destroy.lnk
[2013/04/04 02:43:03 | 002,218,636 | ---- | C] () -- C:\Users\KOTARE\Desktop\tdsskiller.zip
[2013/04/04 02:28:04 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/04/04 02:26:05 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/04/04 01:58:55 | 000,849,039 | ---- | C] () -- C:\Users\KOTARE\AppData\Local\census.cache
[2013/04/04 01:58:04 | 000,118,660 | ---- | C] () -- C:\Users\KOTARE\AppData\Local\ars.cache
[2013/04/04 01:27:04 | 000,000,036 | ---- | C] () -- C:\Users\KOTARE\AppData\Local\housecall.guid.cache
[2013/04/03 05:59:56 | 004,256,984 | ---- | C] () -- C:\Users\KOTARE\Desktop\constantine ccc.mp3
[2013/04/02 14:58:17 | 000,001,782 | ---- | C] () -- C:\Users\Public\Desktop\GTR 3.5.lnk
[2013/04/02 14:57:25 | 000,001,782 | ---- | C] () -- C:\Users\Public\Desktop\Waves License Center.lnk
[2013/04/02 14:31:33 | 000,000,282 | ---- | C] () -- C:\Windows\SysWow64\null
[2013/03/30 22:53:05 | 1095,159,226 | ---- | C] () -- C:\Users\KOTARE\Desktop\FULL SET 1.wav
[2013/03/30 18:49:45 | 000,126,163 | ---- | C] () -- C:\Users\KOTARE\Desktop\CATLINS FINAL 404 SET.flp
[2013/03/25 19:23:58 | 027,307,408 | ---- | C] () -- C:\Users\KOTARE\Desktop\Black Ash 2.wav
[2013/03/25 16:26:39 | 000,003,352 | ---- | C] () -- C:\bootsqm.dat
[2013/03/23 14:45:49 | 043,114,029 | ---- | C] () -- C:\Users\KOTARE\Desktop\SM100.mp4
[2013/03/23 12:06:17 | 000,001,877 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2013/03/23 11:28:59 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/03/22 16:55:01 | 000,000,066 | ---- | C] () -- C:\Windows\Easy WMV ASF ASX to DVD Burner.INI
[2013/03/22 14:56:27 | 000,000,876 | ---- | C] () -- C:\Users\KOTARE\Desktop\SP-404SX Wave Converter.lnk
[2013/03/15 19:52:42 | 000,000,869 | ---- | C] () -- C:\Users\KOTARE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
[2013/03/15 15:20:24 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\REAPER (x64).lnk
[2013/03/15 15:18:03 | 008,353,368 | ---- | C] () -- C:\Users\KOTARE\Desktop\reaper432_x64-install.exe
[2013/03/12 13:49:57 | 000,599,940 | ---- | C] () -- C:\Users\KOTARE\Desktop\2200 Stereo Power Amplifier - English Manual (1).pdf
[2013/03/05 19:42:54 | 456,105,556 | ---- | C] () -- C:\Users\KOTARE\Desktop\pro one 1b.flp
[2012/12/15 20:17:34 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\minimp3.exe
[2012/09/27 20:24:23 | 000,007,633 | ---- | C] () -- C:\Users\KOTARE\AppData\Local\Resmon.ResmonCfg
[2012/04/13 20:18:37 | 000,000,222 | ---- | C] () -- C:\Users\KOTARE\.swfinfo
[2012/02/21 03:09:31 | 000,000,055 | ---- | C] () -- C:\Windows\SQ.INI
[2011/12/03 14:54:20 | 000,002,830 | ---- | C] () -- C:\Users\KOTARE\.recently-used.xbel

========== ZeroAccess Check ==========

[2009/07/14 17:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 18:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 17:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 14:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 16:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 14:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Attached Files

  • Attached File  OTL.Txt   132.07KB   26 downloads

  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello KOTARE33

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
  • 0

#3
KOTARE33

KOTARE33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Many thanks

Security Check txt:

Results of screen317's Security Check version 0.99.61
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.70.0.1100
Java™ 6 Update 22
Java™ 6 Update 27
Java 7 Update 15
Java version out of Date!
Adobe Flash Player 11.6.602.171
Adobe Reader 10.1.6 Adobe Reader out of Date!
Mozilla Firefox 11.0 Firefox out of Date!
Google Chrome 25.0.1364.172
Google Chrome 26.0.1410.43
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbam.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
2degrees Mobile Broadband OnlineUpdate ouc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 15% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
  • 0

#4
KOTARE33

KOTARE33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
# AdwCleaner v2.200 - Logfile created 04/04/2013 at 10:35:58
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : KOTARE - KINGFISHER
# Boot Mode : Normal
# Running from : C:\Users\KOTARE\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\searchplugins\delta.xml
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\fbphotozoom
Folder Deleted : C:\Users\KOTARE\AppData\Local\OpenCandy
Folder Deleted : C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\extensions\[email protected]
Folder Deleted : C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\extensions\staged
Folder Deleted : C:\Users\KOTARE\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119753&tt=060213_noccp&babsrc=HP_ss&mntrId=02976f69000000000000000000000000 --> hxxp://www.google.com

-\\ Mozilla Firefox v11.0 (en-US)

File : C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\prefs.js

C:\Users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\user.js ... Deleted !

Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119753&tt=060[...]
Deleted : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119753&tt=060213_noccp&bab[...]

-\\ Google Chrome v26.0.1410.43

File : C:\Users\KOTARE\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3366 octets] - [04/04/2013 10:35:11]
AdwCleaner[S1].txt - [3189 octets] - [04/04/2013 10:35:58]

########## EOF - C:\AdwCleaner[S1].txt - [3249 octets] ##########
  • 0

#5
KOTARE33

KOTARE33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : KOTARE [Admin rights]
Mode : Remove -- Date : 04/04/2013 10:47:23
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ouc.exe -- C:\ProgramData\2degrees Mobile Broadband\OnlineUpdate\ouc.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6465GSX +++++
--- User ---
[MBR] c4a7161b6a04617324ada1e8e6e99a35
[BSP] f22a1020c3ae33691ec4576bb324c392 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 610378 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_04042013_02d1047.txt >>
RKreport[1]_S_04042013_02d1045.txt ; RKreport[2]_D_04042013_02d1047.txt
  • 0

#6
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello KOTARE33

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#7
KOTARE33

KOTARE33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Here is the logfile from Combofix.

The CPU is running %100 at the moment (the original problem). Symptom is that it won't do that until after a while and then it'll run at %100 until I restart. explorer is using up %85 - I can't see where the other %15 is coming from.








ComboFix 13-04-02.01 - KOTARE 04/04/2013 20:05:44.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.6012.4277 [GMT 13:00]
Running from: c:\users\KOTARE\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-03-04 to 2013-04-04 )))))))))))))))))))))))))))))))
.
.
2013-04-04 07:16 . 2013-04-04 07:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-03 13:28 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-03 13:28 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-03 13:28 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-04-03 13:28 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-03 13:26 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-03 13:26 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-03 13:26 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-03 13:26 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-03 13:26 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-03 13:26 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-03 13:26 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-03 13:25 . 2013-03-15 06:28 9311288 -c--a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{32391188-4334-46E5-97EF-22A0E977C825}\mpengine.dll
2013-04-02 01:57 . 2013-04-02 01:57 -------- dc----w- c:\program files (x86)\Common Files\VST3
2013-04-02 01:57 . 2013-04-02 01:57 -------- dc----w- c:\program files (x86)\Common Files\Propellerhead Software
2013-04-02 01:57 . 2013-04-02 01:57 -------- dc----w- c:\program files\VSTPlugIns
2013-04-02 01:13 . 2012-12-07 11:20 30720 ----a-w- c:\windows\system32\usk.rs
2013-04-02 01:12 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-04-02 01:10 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2013-04-02 01:10 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2013-04-02 01:10 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2013-04-02 01:10 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2013-04-02 01:10 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-04-02 01:10 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2013-04-02 01:10 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-04-02 01:10 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2013-04-02 01:10 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2013-04-02 01:10 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll
2013-04-02 01:10 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2013-04-02 01:09 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-04-02 01:09 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-04-02 01:09 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2013-04-02 01:09 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2013-04-02 01:09 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-04-02 01:09 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-04-02 01:08 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2013-04-02 01:08 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-04-02 01:08 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-04-02 01:08 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-04-02 01:08 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-04-02 01:08 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-04-02 01:08 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-04-02 01:08 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2013-04-02 01:08 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-04-02 01:08 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-02 00:57 . 2013-04-02 00:57 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-04-02 00:57 . 2013-04-02 00:57 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-04-02 00:57 . 2013-04-02 00:57 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-03-22 23:42 . 2013-03-22 23:42 -------- dc----w- c:\users\KOTARE\AppData\Roaming\MPEG Streamclip
2013-03-22 23:29 . 2013-03-22 23:29 -------- d-----w- c:\users\KOTARE\AppData\Local\Xilisoft
2013-03-22 23:28 . 2013-03-22 23:28 -------- dc----w- c:\users\KOTARE\AppData\Roaming\Xilisoft
2013-03-22 23:13 . 2013-03-22 23:14 -------- dc----w- c:\users\KOTARE\AppData\Roaming\ImgBurn
2013-03-22 23:06 . 2013-03-22 23:06 -------- dc----w- c:\program files (x86)\ImgBurn
2013-03-22 22:11 . 2013-03-22 23:50 -------- dc----w- c:\users\KOTARE\AppData\Roaming\HandBrake
2013-03-22 22:06 . 2007-08-31 05:36 36864 ----a-w- c:\windows\SysWow64\trayicon_handler.ocx
2013-03-22 22:06 . 2003-01-26 00:41 40960 ----a-w- c:\windows\SysWow64\ssubtmr6.dll
2013-03-22 21:41 . 2013-03-22 21:41 -------- d-----w- C:\OutputFolder
2013-03-22 03:56 . 2013-03-22 03:56 -------- d-----w- C:\my dvd
2013-03-22 03:54 . 2013-04-02 01:29 -------- dc----w- c:\program files (x86)\Easy WMV ASF ASX to DVD Burner
2013-03-22 03:23 . 2013-03-22 03:23 -------- dc----w- c:\users\KOTARE\AppData\Roaming\Ashampoo
2013-03-22 03:23 . 2013-03-22 03:23 -------- d-----w- c:\users\KOTARE\AppData\Local\ashampoo
2013-03-22 03:23 . 2013-03-22 03:23 -------- d-----w- c:\programdata\Ashampoo
2013-03-15 08:44 . 2013-02-02 06:51 887808 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2013-03-15 08:44 . 2013-02-02 06:50 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2013-03-15 08:44 . 2013-02-02 03:32 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2013-03-15 08:44 . 2013-02-02 03:31 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2013-03-15 08:44 . 2013-02-02 07:31 17815040 ----a-w- c:\windows\system32\mshtml.dll
2013-03-15 08:44 . 2013-02-02 06:58 10925568 ----a-w- c:\windows\system32\ieframe.dll
2013-03-15 08:42 . 2013-03-15 08:42 -------- dc----w- c:\program files\Microsoft Silverlight
2013-03-15 08:42 . 2013-03-15 08:42 -------- dc----w- c:\program files (x86)\Microsoft Silverlight
2013-03-15 06:16 . 2013-03-15 06:36 -------- dc----w- c:\users\KOTARE\AppData\Roaming\REAPER
2013-03-15 02:20 . 2013-03-15 02:20 -------- dc----w- c:\program files\REAPER (x64)
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-15 08:46 . 2012-07-28 07:35 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-02-27 01:42 . 2013-02-27 01:42 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 01:42 . 2011-05-26 07:11 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-24 04:59 . 2013-02-24 05:00 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-24 04:59 . 2013-01-13 10:07 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-02-24 04:59 . 2011-05-07 20:05 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-17 20:22 . 2013-02-17 20:22 31080 ----a-w- c:\windows\system32\nvhdap64.dll
2013-02-17 20:22 . 2013-02-17 20:22 1472360 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2013-02-17 20:22 . 2013-02-17 20:22 189288 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-02-12 05:45 . 2013-04-02 01:12 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-04-02 01:12 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-04-02 01:12 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-04-02 01:12 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-04-02 01:12 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-02 01:12 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-16 12:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:53 . 2013-02-24 04:38 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-24 04:38 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-24 04:38 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-18 15:00 . 2012-03-18 15:00 1961984 -c--a-w- c:\program files\WaveShell-VST 9.0_x64.dll
2012-03-18 15:00 . 2012-03-18 15:00 1482752 -c--a-w- c:\program files (x86)\WaveShell-VST 9.0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 -c--a-w- c:\users\KOTARE\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 -c--a-w- c:\users\KOTARE\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 -c--a-w- c:\users\KOTARE\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 -c--a-w- c:\users\KOTARE\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DigidesignMMERefresh"="c:\program files (x86)\Digidesign\Pro Tools\MMERefresh.exe" [2011-03-02 81920]
"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2010-06-02 714104]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-02 252848]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-04-02 345312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 DIRECTIO;DIRECTIO;c:\program files (x86)\PerformanceTest\DirectIo.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-09 22528]
R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-06 1255736]
S0 MDFSYSNT;MacDrive file system driver; [x]
S0 MDPMGRNT;MacDrive Partition Driver;c:\windows\system32\DRIVERS\MDPMGRNT.SYS [2010-05-05 32352]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-04-02 28600]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-06 283200]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-04-02 86752]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys [2010-10-23 21520]
S2 MacDrive8ServiceD;MacDrive 8 service for Digidesign;c:\program files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe [2010-06-07 167424]
S2 MboxAudioDevMon;Mbox Audio Device Monitor;c:\program files (x86)\Avid\Mbox\AudioDevMon.exe [2010-10-07 1919504]
S2 MboxProAudioDevMon;Mbox Pro Audio Device Monitor;c:\program files (x86)\Avid\Mbox Pro\AudioDevMon.exe [2010-10-07 1919504]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2010-09-15 517632]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2010-11-08 2647552]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\DRIVERS\hidshim.sys [2009-08-31 6656]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 MBOXPRO;Service for Avid Mbox Pro;c:\windows\system32\DRIVERS\AvidMboxPro.sys [2010-10-08 433168]
S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys [2009-08-31 48128]
S3 nuvotonhidcir;Nuvoton HID CIR Receiver;c:\windows\system32\DRIVERS\nuvotonhidcir.sys [2009-08-31 26624]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys [2010-08-16 76136]
S3 O2SDGRDR;O2SDGRDR;c:\windows\system32\DRIVERS\o2sdgx64.sys [2009-08-19 49568]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-07-02 1111144]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-162548572-3568678463-845937623-1000Core.job
- c:\users\KOTARE\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-17 03:52]
.
2013-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-162548572-3568678463-845937623-1000UA.job
- c:\users\KOTARE\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-17 03:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 -c--a-w- c:\users\KOTARE\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 -c--a-w- c:\users\KOTARE\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 -c--a-w- c:\users\KOTARE\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 -c--a-w- c:\users\KOTARE\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2010-05-10 915320]
"MacDrive 8 application for Digidesign"="c:\program files\Mediafour\MacDrive 8\MacDriveD.exe" [2010-06-02 228864]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\KOTARE\AppData\Roaming\Mozilla\Firefox\Profiles\16l6k7q3.default\
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-MacDrive volume icons - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-04 20:21:17
ComboFix-quarantined-files.txt 2013-04-04 07:21
.
Pre-Run: 90,953,199,616 bytes free
Post-Run: 90,849,570,816 bytes free
.
- - End Of File - - 5A0651980B8852FE94B969021FE007F7
  • 0

#8
KOTARE33

KOTARE33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Also, I have had some trouble lately where I get the eternal blue circle icon when using explorer. It's not happening right now, it is intermittent until I restart. Also icons won't show properly, photos and videos won't display their images on the thumb-prints.
  • 0

#9
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello KOTARE33


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo
  • 0

#10
KOTARE33

KOTARE33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hi there - there were some suspicious files. I checked skip on all of them and the program closed of it's own accord - no reboot.

I not now that the CPU is low but that is not neccessarily a sign of something fixed as it usually restarts at a low amount (%6 at the moment) then rises later to %100.

I'll do Malware now.



21:33:42.0262 3108 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:33:43.0276 3108 ============================================================
21:33:43.0276 3108 Current date / time: 2013/04/04 21:33:43.0276
21:33:43.0276 3108 SystemInfo:
21:33:43.0276 3108
21:33:43.0276 3108 OS Version: 6.1.7601 ServicePack: 1.0
21:33:43.0276 3108 Product type: Workstation
21:33:43.0276 3108 ComputerName: KINGFISHER
21:33:43.0276 3108 UserName: KOTARE
21:33:43.0276 3108 Windows directory: C:\Windows
21:33:43.0276 3108 System windows directory: C:\Windows
21:33:43.0276 3108 Running under WOW64
21:33:43.0276 3108 Processor architecture: Intel x64
21:33:43.0276 3108 Number of processors: 8
21:33:43.0276 3108 Page size: 0x1000
21:33:43.0276 3108 Boot type: Normal boot
21:33:43.0276 3108 ============================================================
21:33:47.0924 3108 BG loaded
21:33:50.0654 3108 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:33:50.0670 3108 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:33:50.0701 3108 ============================================================
21:33:50.0701 3108 \Device\Harddisk0\DR0:
21:33:50.0701 3108 MBR partitions:
21:33:50.0701 3108 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:33:50.0701 3108 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A825000
21:33:50.0701 3108 \Device\Harddisk1\DR1:
21:33:50.0701 3108 MBR partitions:
21:33:50.0701 3108 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705DB0
21:33:50.0701 3108 ============================================================
21:33:50.0779 3108 C: <-> \Device\Harddisk0\DR0\Partition2
21:33:50.0810 3108 E: <-> \Device\Harddisk1\DR1\Partition1
21:33:50.0810 3108 ============================================================
21:33:50.0810 3108 Initialize success
21:33:50.0810 3108 ============================================================
21:35:22.0436 5608 ============================================================
21:35:22.0436 5608 Scan started
21:35:22.0436 5608 Mode: Manual; SigCheck; TDLFS;
21:35:22.0436 5608 ============================================================
21:35:25.0782 5608 ================ Scan system memory ========================
21:35:25.0782 5608 System memory - ok
21:35:25.0782 5608 ================ Scan services =============================
21:35:26.0149 5608 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
21:35:26.0279 5608 1394ohci - ok
21:35:26.0316 5608 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:35:26.0370 5608 ACPI - ok
21:35:26.0657 5608 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:35:26.0780 5608 AcpiPmi - ok
21:35:27.0000 5608 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:35:27.0013 5608 AdobeARMservice - ok
21:35:27.0088 5608 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:35:27.0141 5608 adp94xx - ok
21:35:27.0248 5608 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:35:27.0274 5608 adpahci - ok
21:35:27.0318 5608 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:35:27.0338 5608 adpu320 - ok
21:35:27.0437 5608 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:35:27.0686 5608 AeLookupSvc - ok
21:35:27.0728 5608 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:35:27.0835 5608 AFD - ok
21:35:27.0905 5608 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:35:27.0922 5608 agp440 - ok
21:35:28.0015 5608 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:35:28.0098 5608 ALG - ok
21:35:28.0198 5608 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:35:28.0213 5608 aliide - ok
21:35:28.0249 5608 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:35:28.0265 5608 amdide - ok
21:35:28.0291 5608 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:35:28.0405 5608 AmdK8 - ok
21:35:28.0429 5608 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:35:28.0477 5608 AmdPPM - ok
21:35:28.0524 5608 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:35:28.0543 5608 amdsata - ok
21:35:28.0631 5608 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:35:28.0654 5608 amdsbs - ok
21:35:28.0728 5608 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:35:28.0745 5608 amdxata - ok
21:35:28.0867 5608 [ C2170E010C9B6739A136211FC0427527 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:35:28.0878 5608 AntiVirSchedulerService - ok
21:35:28.0996 5608 [ 47EB3F0EF84E0AF8AE75DB98EEF34255 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:35:29.0005 5608 AntiVirService - ok
21:35:29.0096 5608 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:35:29.0396 5608 AppID - ok
21:35:29.0467 5608 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:35:29.0556 5608 AppIDSvc - ok
21:35:29.0651 5608 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:35:29.0726 5608 Appinfo - ok
21:35:29.0837 5608 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:35:29.0849 5608 Apple Mobile Device - ok
21:35:29.0945 5608 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
21:35:29.0967 5608 arc - ok
21:35:30.0003 5608 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:35:30.0024 5608 arcsas - ok
21:35:30.0062 5608 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:35:30.0142 5608 AsyncMac - ok
21:35:30.0180 5608 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:35:30.0199 5608 atapi - ok
21:35:30.0311 5608 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:35:30.0387 5608 AudioEndpointBuilder - ok
21:35:30.0420 5608 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:35:30.0468 5608 AudioSrv - ok
21:35:30.0774 5608 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:35:30.0825 5608 avgntflt - ok
21:35:30.0916 5608 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:35:30.0938 5608 avipbb - ok
21:35:31.0034 5608 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:35:31.0052 5608 avkmgr - ok
21:35:31.0129 5608 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:35:31.0191 5608 AxInstSV - ok
21:35:31.0289 5608 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:35:31.0360 5608 b06bdrv - ok
21:35:31.0408 5608 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:35:31.0472 5608 b57nd60a - ok
21:35:31.0580 5608 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:35:31.0669 5608 BDESVC - ok
21:35:31.0731 5608 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:35:31.0802 5608 Beep - ok
21:35:31.0902 5608 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:35:31.0982 5608 BFE - ok
21:35:32.0078 5608 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
21:35:32.0157 5608 BITS - ok
21:35:32.0254 5608 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:35:32.0297 5608 blbdrive - ok
21:35:32.0515 5608 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:35:32.0534 5608 Bonjour Service - ok
21:35:32.0573 5608 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:35:32.0645 5608 bowser - ok
21:35:32.0673 5608 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:35:32.0725 5608 BrFiltLo - ok
21:35:32.0798 5608 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:35:32.0822 5608 BrFiltUp - ok
21:35:32.0859 5608 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:35:32.0940 5608 BridgeMP - ok
21:35:32.0988 5608 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:35:33.0011 5608 Browser - ok
21:35:33.0217 5608 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:35:33.0289 5608 Brserid - ok
21:35:33.0325 5608 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:35:33.0382 5608 BrSerWdm - ok
21:35:33.0436 5608 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:35:33.0483 5608 BrUsbMdm - ok
21:35:33.0529 5608 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:35:33.0593 5608 BrUsbSer - ok
21:35:33.0611 5608 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:35:33.0665 5608 BTHMODEM - ok
21:35:33.0774 5608 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:35:33.0871 5608 bthserv - ok
21:35:33.0891 5608 catchme - ok
21:35:33.0982 5608 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:35:34.0066 5608 cdfs - ok
21:35:34.0133 5608 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:35:34.0189 5608 cdrom - ok
21:35:34.0273 5608 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:35:34.0342 5608 CertPropSvc - ok
21:35:34.0489 5608 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
21:35:34.0502 5608 cfWiMAXService - ok
21:35:34.0568 5608 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:35:34.0616 5608 circlass - ok
21:35:34.0702 5608 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:35:34.0726 5608 CLFS - ok
21:35:34.0956 5608 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:35:35.0028 5608 clr_optimization_v2.0.50727_32 - ok
21:35:35.0234 5608 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:35:35.0251 5608 clr_optimization_v2.0.50727_64 - ok
21:35:35.0425 5608 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:35:35.0436 5608 clr_optimization_v4.0.30319_32 - ok
21:35:35.0596 5608 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:35:35.0690 5608 clr_optimization_v4.0.30319_64 - ok
21:35:35.0762 5608 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:35:35.0815 5608 CmBatt - ok
21:35:35.0832 5608 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:35:35.0849 5608 cmdide - ok
21:35:35.0948 5608 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
21:35:35.0988 5608 CNG - ok
21:35:36.0086 5608 [ A7D943BCFB70F1F053C274B348267B55 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
21:35:36.0110 5608 CnxtHdAudService - ok
21:35:36.0225 5608 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:35:36.0241 5608 Compbatt - ok
21:35:36.0266 5608 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:35:36.0312 5608 CompositeBus - ok
21:35:36.0341 5608 COMSysApp - ok
21:35:36.0396 5608 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
21:35:36.0409 5608 ConfigFree Service - ok
21:35:36.0432 5608 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:35:36.0448 5608 crcdisk - ok
21:35:36.0528 5608 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:35:36.0587 5608 CryptSvc - ok
21:35:36.0699 5608 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:35:36.0783 5608 DcomLaunch - ok
21:35:36.0883 5608 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:35:36.0966 5608 defragsvc - ok
21:35:37.0066 5608 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:35:37.0148 5608 DfsC - ok
21:35:37.0217 5608 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:35:37.0295 5608 Dhcp - ok
21:35:37.0382 5608 [ 3F1FF4B1EC288033DA5F6BAAA86482AD ] DigiNet C:\Windows\system32\DRIVERS\diginet.sys
21:35:37.0399 5608 DigiNet - ok
21:35:37.0487 5608 DigiRefresh - ok
21:35:37.0563 5608 [ 8EBB4EDCBB9A9839D9967B599D82B35C ] digiSPTIService C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe
21:35:37.0665 5608 digiSPTIService ( UnsignedFile.Multi.Generic ) - warning
21:35:37.0665 5608 digiSPTIService - detected UnsignedFile.Multi.Generic (1)
21:35:37.0692 5608 DIRECTIO - ok
21:35:37.0725 5608 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:35:37.0811 5608 discache - ok
21:35:37.0940 5608 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
21:35:37.0956 5608 Disk - ok
21:35:38.0033 5608 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:35:38.0270 5608 Dnscache - ok
21:35:38.0354 5608 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:35:38.0422 5608 dot3svc - ok
21:35:38.0439 5608 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:35:38.0501 5608 DPS - ok
21:35:38.0594 5608 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:35:38.0660 5608 drmkaud - ok
21:35:38.0697 5608 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:35:38.0714 5608 dtsoftbus01 - ok
21:35:38.0867 5608 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:35:38.0910 5608 DXGKrnl - ok
21:35:38.0983 5608 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:35:39.0043 5608 EapHost - ok
21:35:39.0368 5608 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:35:39.0512 5608 ebdrv - ok
21:35:39.0531 5608 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:35:39.0566 5608 EFS - ok
21:35:39.0683 5608 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:35:39.0738 5608 ehRecvr - ok
21:35:39.0768 5608 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:35:39.0788 5608 ehSched - ok
21:35:39.0886 5608 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:35:39.0912 5608 elxstor - ok
21:35:39.0929 5608 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:35:39.0972 5608 ErrDev - ok
21:35:40.0107 5608 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:35:40.0177 5608 EventSystem - ok
21:35:40.0205 5608 ew_hwusbdev - ok
21:35:40.0239 5608 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:35:40.0276 5608 exfat - ok
21:35:40.0368 5608 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:35:40.0434 5608 fastfat - ok
21:35:40.0521 5608 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:35:40.0559 5608 Fax - ok
21:35:40.0598 5608 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
21:35:40.0635 5608 fdc - ok
21:35:40.0711 5608 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:35:40.0746 5608 fdPHost - ok
21:35:40.0765 5608 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:35:40.0808 5608 FDResPub - ok
21:35:40.0910 5608 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:35:40.0927 5608 FileInfo - ok
21:35:40.0939 5608 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:35:40.0999 5608 Filetrace - ok
21:35:41.0074 5608 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:35:41.0092 5608 flpydisk - ok
21:35:41.0193 5608 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:35:41.0214 5608 FltMgr - ok
21:35:41.0330 5608 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
21:35:41.0358 5608 FontCache - ok
21:35:41.0466 5608 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:35:41.0485 5608 FontCache3.0.0.0 - ok
21:35:41.0495 5608 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:35:41.0516 5608 FsDepends - ok
21:35:41.0550 5608 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:35:41.0568 5608 Fs_Rec - ok
21:35:41.0636 5608 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:35:41.0668 5608 fvevol - ok
21:35:41.0693 5608 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:35:41.0739 5608 gagp30kx - ok
21:35:41.0779 5608 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:35:41.0790 5608 GEARAspiWDM - ok
21:35:41.0887 5608 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:35:41.0935 5608 gpsvc - ok
21:35:42.0006 5608 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:35:42.0050 5608 hcw85cir - ok
21:35:42.0084 5608 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:35:42.0121 5608 HDAudBus - ok
21:35:42.0182 5608 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:35:42.0197 5608 HECIx64 - ok
21:35:42.0282 5608 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:35:42.0320 5608 HidBatt - ok
21:35:42.0351 5608 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:35:42.0395 5608 HidBth - ok
21:35:42.0474 5608 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:35:42.0497 5608 HidIr - ok
21:35:42.0548 5608 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
21:35:42.0610 5608 hidserv - ok
21:35:42.0692 5608 [ F44381F466CFCEE8E850DE6BBFA43FE2 ] hidshim C:\Windows\system32\DRIVERS\hidshim.sys
21:35:42.0751 5608 hidshim - ok
21:35:42.0820 5608 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
21:35:42.0839 5608 HidUsb - ok
21:35:42.0892 5608 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:35:42.0964 5608 hkmsvc - ok
21:35:42.0986 5608 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:35:43.0027 5608 HomeGroupListener - ok
21:35:43.0076 5608 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:35:43.0113 5608 HomeGroupProvider - ok
21:35:43.0197 5608 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:35:43.0214 5608 HpSAMD - ok
21:35:43.0241 5608 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:35:43.0312 5608 HTTP - ok
21:35:43.0336 5608 huawei_cdcacm - ok
21:35:43.0339 5608 huawei_enumerator - ok
21:35:43.0356 5608 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:35:43.0373 5608 hwpolicy - ok
21:35:43.0492 5608 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:35:43.0511 5608 i8042prt - ok
21:35:43.0780 5608 [ 5E60DD5F090AB4A563C7204C289C4650 ] iaStor C:\Windows\system32\drivers\iaStor.sys
21:35:43.0800 5608 iaStor - ok
21:35:43.0855 5608 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:35:43.0884 5608 iaStorV - ok
21:35:44.0048 5608 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:35:44.0099 5608 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:35:44.0099 5608 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:35:44.0199 5608 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:35:44.0247 5608 idsvc - ok
21:35:44.0318 5608 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:35:44.0336 5608 iirsp - ok
21:35:44.0424 5608 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:35:44.0509 5608 IKEEXT - ok
21:35:44.0527 5608 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:35:44.0546 5608 intelide - ok
21:35:44.0654 5608 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:35:44.0704 5608 intelppm - ok
21:35:44.0795 5608 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:35:44.0874 5608 IPBusEnum - ok
21:35:44.0897 5608 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:35:44.0935 5608 IpFilterDriver - ok
21:35:45.0003 5608 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:35:45.0092 5608 iphlpsvc - ok
21:35:45.0161 5608 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:35:45.0211 5608 IPMIDRV - ok
21:35:45.0235 5608 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:35:45.0303 5608 IPNAT - ok
21:35:45.0397 5608 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:35:45.0450 5608 iPod Service - ok
21:35:45.0517 5608 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:35:45.0538 5608 IRENUM - ok
21:35:45.0553 5608 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:35:45.0569 5608 isapnp - ok
21:35:45.0588 5608 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:35:45.0638 5608 iScsiPrt - ok
21:35:45.0716 5608 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:35:45.0731 5608 kbdclass - ok
21:35:45.0754 5608 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:35:45.0807 5608 kbdhid - ok
21:35:45.0842 5608 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:35:45.0854 5608 KeyIso - ok
21:35:45.0889 5608 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:35:45.0907 5608 KSecDD - ok
21:35:46.0250 5608 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:35:46.0271 5608 KSecPkg - ok
21:35:46.0339 5608 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:35:46.0398 5608 ksthunk - ok
21:35:46.0493 5608 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:35:46.0571 5608 KtmRm - ok
21:35:46.0662 5608 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
21:35:46.0679 5608 L1C - ok
21:35:46.0822 5608 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:35:46.0886 5608 LanmanServer - ok
21:35:47.0010 5608 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:35:47.0104 5608 LanmanWorkstation - ok
21:35:47.0223 5608 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:35:47.0291 5608 lltdio - ok
21:35:47.0392 5608 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:35:47.0464 5608 lltdsvc - ok
21:35:47.0489 5608 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:35:47.0526 5608 lmhosts - ok
21:35:47.0643 5608 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:35:47.0657 5608 LMS - ok
21:35:47.0726 5608 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:35:47.0746 5608 LSI_FC - ok
21:35:47.0778 5608 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:35:47.0796 5608 LSI_SAS - ok
21:35:47.0824 5608 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:35:47.0843 5608 LSI_SAS2 - ok
21:35:47.0859 5608 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:35:47.0878 5608 LSI_SCSI - ok
21:35:47.0943 5608 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:35:48.0009 5608 luafv - ok
21:35:48.0136 5608 [ 0633546736E7816165ADFA5009251CFA ] MacDrive8ServiceD C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe
21:35:48.0166 5608 MacDrive8ServiceD ( UnsignedFile.Multi.Generic ) - warning
21:35:48.0166 5608 MacDrive8ServiceD - detected UnsignedFile.Multi.Generic (1)
21:35:48.0170 5608 massfilter - ok
21:35:48.0290 5608 [ 61E67854128C13FBEA71C7FAC3B822C9 ] MboxAudioDevMon C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe
21:35:48.0328 5608 MboxAudioDevMon - ok
21:35:48.0384 5608 [ C2336519253BDF92C091BEEF8FEC532C ] MBOXPRO C:\Windows\system32\DRIVERS\AvidMboxPro.sys
21:35:48.0405 5608 MBOXPRO - ok
21:35:48.0473 5608 [ B4A6BCEC84AC9C1AADEDB24E2FE531D8 ] MboxProAudioDevMon C:\Program Files (x86)\Avid\Mbox Pro\AudioDevMon.exe
21:35:48.0506 5608 MboxProAudioDevMon - ok
21:35:48.0644 5608 [ E6CB119EF2E148EAA1A247343550756E ] McciCMService C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
21:35:48.0672 5608 McciCMService ( UnsignedFile.Multi.Generic ) - warning
21:35:48.0672 5608 McciCMService - detected UnsignedFile.Multi.Generic (1)
21:35:48.0778 5608 [ BE3D584D7C021EB7D89166EECB83C341 ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe
21:35:48.0806 5608 McciCMService64 ( UnsignedFile.Multi.Generic ) - warning
21:35:48.0806 5608 McciCMService64 - detected UnsignedFile.Multi.Generic (1)
21:35:48.0866 5608 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:35:48.0884 5608 Mcx2Svc - ok
21:35:48.0957 5608 [ 1F2A22E735646F72BEA9D6E454DE2F57 ] MDFSYSNT C:\Windows\system32\drivers\MDFSYSNT.sys
21:35:48.0979 5608 MDFSYSNT - ok
21:35:49.0040 5608 [ E742557A08EABCCC897D79717DB2D5FE ] MDPMGRNT C:\Windows\system32\DRIVERS\MDPMGRNT.SYS
21:35:49.0055 5608 MDPMGRNT - ok
21:35:49.0074 5608 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
21:35:49.0088 5608 megasas - ok
21:35:49.0149 5608 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:35:49.0171 5608 MegaSR - ok
21:35:49.0228 5608 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:35:49.0287 5608 MMCSS - ok
21:35:49.0315 5608 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:35:49.0377 5608 Modem - ok
21:35:49.0439 5608 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:35:49.0491 5608 monitor - ok
21:35:49.0541 5608 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:35:49.0555 5608 mouclass - ok
21:35:49.0653 5608 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:35:49.0698 5608 mouhid - ok
21:35:49.0730 5608 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:35:49.0746 5608 mountmgr - ok
21:35:49.0810 5608 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:35:49.0828 5608 mpio - ok
21:35:49.0855 5608 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:35:49.0889 5608 mpsdrv - ok
21:35:49.0961 5608 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:35:50.0030 5608 MpsSvc - ok
21:35:50.0072 5608 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:35:50.0120 5608 MRxDAV - ok
21:35:50.0162 5608 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:35:50.0229 5608 mrxsmb - ok
21:35:50.0248 5608 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:35:50.0267 5608 mrxsmb10 - ok
21:35:50.0296 5608 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:35:50.0314 5608 mrxsmb20 - ok
21:35:50.0377 5608 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:35:50.0394 5608 msahci - ok
21:35:50.0411 5608 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:35:50.0429 5608 msdsm - ok
21:35:50.0492 5608 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:35:50.0539 5608 MSDTC - ok
21:35:50.0563 5608 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:35:50.0600 5608 Msfs - ok
21:35:50.0667 5608 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:35:50.0723 5608 mshidkmdf - ok
21:35:50.0738 5608 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:35:50.0752 5608 msisadrv - ok
21:35:50.0800 5608 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:35:50.0872 5608 MSiSCSI - ok
21:35:50.0875 5608 msiserver - ok
21:35:50.0909 5608 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:35:50.0967 5608 MSKSSRV - ok
21:35:51.0010 5608 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:35:51.0068 5608 MSPCLOCK - ok
21:35:51.0098 5608 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:35:51.0152 5608 MSPQM - ok
21:35:51.0205 5608 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:35:51.0226 5608 MsRPC - ok
21:35:51.0242 5608 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:35:51.0255 5608 mssmbios - ok
21:35:51.0321 5608 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:35:51.0382 5608 MSTEE - ok
21:35:51.0407 5608 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:35:51.0421 5608 MTConfig - ok
21:35:51.0480 5608 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:35:51.0496 5608 Mup - ok
21:35:51.0565 5608 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:35:51.0619 5608 napagent - ok
21:35:51.0718 5608 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:35:51.0759 5608 NativeWifiP - ok
21:35:51.0824 5608 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:35:51.0850 5608 NDIS - ok
21:35:51.0883 5608 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:35:51.0935 5608 NdisCap - ok
21:35:52.0019 5608 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:35:52.0054 5608 NdisTapi - ok
21:35:52.0099 5608 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:35:52.0162 5608 Ndisuio - ok
21:35:52.0237 5608 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:35:52.0297 5608 NdisWan - ok
21:35:52.0320 5608 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:35:52.0352 5608 NDProxy - ok
21:35:52.0388 5608 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
21:35:52.0435 5608 Netaapl - ok
21:35:52.0508 5608 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:35:52.0563 5608 NetBIOS - ok
21:35:52.0587 5608 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:35:52.0627 5608 NetBT - ok
21:35:52.0654 5608 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:35:52.0666 5608 Netlogon - ok
21:35:52.0735 5608 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:35:52.0808 5608 Netman - ok
21:35:52.0884 5608 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:35:52.0942 5608 netprofm - ok
21:35:53.0016 5608 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:35:53.0033 5608 NetTcpPortSharing - ok
21:35:53.0114 5608 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:35:53.0129 5608 nfrd960 - ok
21:35:53.0219 5608 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:35:53.0254 5608 NlaSvc - ok
21:35:53.0347 5608 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:35:53.0379 5608 Npfs - ok
21:35:53.0442 5608 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:35:53.0495 5608 nsi - ok
21:35:53.0518 5608 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:35:53.0568 5608 nsiproxy - ok
21:35:53.0638 5608 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:35:53.0687 5608 Ntfs - ok
21:35:53.0745 5608 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:35:53.0775 5608 Null - ok
21:35:53.0842 5608 [ 4F990BD111CF94891104193F8787788F ] nuvotoncir C:\Windows\system32\DRIVERS\nuvotoncir.sys
21:35:53.0918 5608 nuvotoncir - ok
21:35:53.0944 5608 [ 05416052F584E7488DCE7F6BCE4E75A1 ] nuvotonhidcir C:\Windows\system32\DRIVERS\nuvotonhidcir.sys
21:35:53.0957 5608 nuvotonhidcir - ok
21:35:54.0017 5608 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
21:35:54.0036 5608 NVHDA - ok
21:35:54.0409 5608 [ 6850D89C7ABDD8B4FB0B3659DA961379 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:35:54.0585 5608 nvlddmkm - ok
21:35:54.0626 5608 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:35:54.0643 5608 nvraid - ok
21:35:54.0657 5608 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:35:54.0684 5608 nvstor - ok
21:35:54.0704 5608 [ 2CBAF74C49C472160EBD73ADAB8DAB50 ] nvsvc C:\Windows\system32\nvvsvc.exe
21:35:54.0722 5608 nvsvc - ok
21:35:54.0742 5608 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:35:54.0760 5608 nv_agp - ok
21:35:54.0784 5608 [ D955D5DE998DB2476BF0892BE3A96C26 ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe
21:35:54.0821 5608 O2FLASH - ok
21:35:54.0868 5608 [ 74C90D2A1CF5E49A2F8D64B7245372DD ] O2MDGRDR C:\Windows\system32\DRIVERS\o2mdgx64.sys
21:35:54.0883 5608 O2MDGRDR - ok
21:35:54.0955 5608 [ FA1EED3A10992EBA9A39172B50346434 ] O2SDGRDR C:\Windows\system32\DRIVERS\o2sdgx64.sys
21:35:54.0969 5608 O2SDGRDR - ok
21:35:54.0979 5608 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:35:54.0998 5608 ohci1394 - ok
21:35:55.0060 5608 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:35:55.0106 5608 p2pimsvc - ok
21:35:55.0144 5608 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:35:55.0168 5608 p2psvc - ok
21:35:55.0284 5608 [ 05E4E87619D25370EEA0D368B58AA1F0 ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
21:35:55.0330 5608 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - warning
21:35:55.0330 5608 PaceLicenseDServices - detected UnsignedFile.Multi.Generic (1)
21:35:55.0379 5608 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
21:35:55.0398 5608 Parport - ok
21:35:55.0476 5608 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:35:55.0493 5608 partmgr - ok
21:35:55.0557 5608 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:35:55.0607 5608 PcaSvc - ok
21:35:55.0657 5608 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:35:55.0676 5608 pci - ok
21:35:55.0691 5608 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:35:55.0707 5608 pciide - ok
21:35:55.0724 5608 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:35:55.0745 5608 pcmcia - ok
21:35:55.0761 5608 PCTINDIS5X64 - ok
21:35:55.0772 5608 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:35:55.0790 5608 pcw - ok
21:35:55.0849 5608 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:35:55.0914 5608 PEAUTH - ok
21:35:56.0078 5608 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:35:56.0121 5608 PerfHost - ok
21:35:56.0252 5608 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:35:56.0328 5608 pla - ok
21:35:56.0393 5608 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:35:56.0456 5608 PlugPlay - ok
21:35:56.0494 5608 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:35:56.0540 5608 PNRPAutoReg - ok
21:35:56.0571 5608 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:35:56.0585 5608 PNRPsvc - ok
21:35:56.0648 5608 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:35:56.0723 5608 PolicyAgent - ok
21:35:56.0785 5608 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:35:56.0858 5608 Power - ok
21:35:56.0929 5608 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:35:57.0000 5608 PptpMiniport - ok
21:35:57.0026 5608 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
21:35:57.0067 5608 Processor - ok
21:35:57.0106 5608 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:35:57.0127 5608 ProfSvc - ok
21:35:57.0165 5608 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:35:57.0177 5608 ProtectedStorage - ok
21:35:57.0202 5608 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:35:57.0259 5608 Psched - ok
21:35:57.0349 5608 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\Windows\system32\DRIVERS\QIOMem.sys
21:35:57.0376 5608 QIOMem - ok
21:35:57.0539 5608 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:35:57.0593 5608 ql2300 - ok
21:35:57.0622 5608 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:35:57.0639 5608 ql40xx - ok
21:35:57.0697 5608 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:35:57.0727 5608 QWAVE - ok
21:35:57.0739 5608 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:35:57.0784 5608 QWAVEdrv - ok
21:35:57.0834 5608 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:35:57.0891 5608 RasAcd - ok
21:35:57.0977 5608 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:35:58.0024 5608 RasAgileVpn - ok
21:35:58.0083 5608 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:35:58.0151 5608 RasAuto - ok
21:35:58.0183 5608 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:35:58.0257 5608 Rasl2tp - ok
21:35:58.0337 5608 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:35:58.0391 5608 RasMan - ok
21:35:58.0410 5608 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:35:58.0484 5608 RasPppoe - ok
21:35:58.0559 5608 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:35:58.0627 5608 RasSstp - ok
21:35:58.0656 5608 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:35:58.0733 5608 rdbss - ok
21:35:58.0782 5608 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
21:35:58.0824 5608 rdpbus - ok
21:35:58.0845 5608 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:35:58.0898 5608 RDPCDD - ok
21:35:58.0936 5608 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:35:59.0002 5608 RDPENCDD - ok
21:35:59.0030 5608 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:35:59.0071 5608 RDPREFMP - ok
21:35:59.0175 5608 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:35:59.0217 5608 RdpVideoMiniport - ok
21:35:59.0254 5608 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:35:59.0279 5608 RDPWD - ok
21:35:59.0357 5608 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:35:59.0384 5608 rdyboost - ok
21:35:59.0445 5608 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:35:59.0527 5608 RemoteAccess - ok
21:35:59.0660 5608 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:35:59.0764 5608 RemoteRegistry - ok
21:35:59.0832 5608 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:35:59.0874 5608 RpcEptMapper - ok
21:35:59.0924 5608 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:35:59.0942 5608 RpcLocator - ok
21:36:00.0011 5608 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
21:36:00.0053 5608 RpcSs - ok
21:36:00.0156 5608 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:36:00.0202 5608 rspndr - ok
21:36:00.0295 5608 [ ADBF667488AFD6EF9341CEEA3C9AD5A1 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
21:36:00.0330 5608 rtl8192se - ok
21:36:00.0343 5608 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:36:00.0358 5608 SamSs - ok
21:36:00.0408 5608 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:36:00.0430 5608 sbp2port - ok
21:36:00.0631 5608 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
21:36:00.0658 5608 SBSDWSCService - ok
21:36:00.0717 5608 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:36:00.0762 5608 SCardSvr - ok
21:36:00.0774 5608 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:36:00.0839 5608 scfilter - ok
21:36:00.0907 5608 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:36:00.0981 5608 Schedule - ok
21:36:01.0029 5608 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:36:01.0061 5608 SCPolicySvc - ok
21:36:01.0118 5608 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:36:01.0168 5608 SDRSVC - ok
21:36:01.0266 5608 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:36:01.0338 5608 secdrv - ok
21:36:01.0398 5608 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:36:01.0441 5608 seclogon - ok
21:36:01.0500 5608 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
21:36:01.0556 5608 SENS - ok
21:36:01.0619 5608 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:36:01.0663 5608 SensrSvc - ok
21:36:01.0748 5608 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
21:36:01.0790 5608 Serenum - ok
21:36:01.0816 5608 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
21:36:01.0853 5608 Serial - ok
21:36:01.0948 5608 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:36:01.0993 5608 sermouse - ok
21:36:02.0047 5608 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:36:02.0104 5608 SessionEnv - ok
21:36:02.0129 5608 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:36:02.0145 5608 sffdisk - ok
21:36:02.0205 5608 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:36:02.0240 5608 sffp_mmc - ok
21:36:02.0262 5608 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:36:02.0327 5608 sffp_sd - ok
21:36:02.0407 5608 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:36:02.0423 5608 sfloppy - ok
21:36:02.0497 5608 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:36:02.0537 5608 SharedAccess - ok
21:36:02.0631 5608 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:36:02.0693 5608 ShellHWDetection - ok
21:36:02.0732 5608 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:36:02.0747 5608 SiSRaid2 - ok
21:36:02.0805 5608 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:36:02.0823 5608 SiSRaid4 - ok
21:36:02.0893 5608 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:36:02.0939 5608 SkypeUpdate - ok
21:36:02.0969 5608 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:36:03.0027 5608 Smb - ok
21:36:03.0075 5608 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:36:03.0123 5608 SNMPTRAP - ok
21:36:03.0184 5608 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:36:03.0198 5608 spldr - ok
21:36:03.0256 5608 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:36:03.0281 5608 Spooler - ok
21:36:03.0505 5608 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:36:03.0607 5608 sppsvc - ok
21:36:03.0703 5608 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:36:03.0744 5608 sppuinotify - ok
21:36:03.0785 5608 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:36:03.0882 5608 srv - ok
21:36:03.0917 5608 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:36:03.0967 5608 srv2 - ok
21:36:03.0993 5608 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:36:04.0010 5608 srvnet - ok
21:36:04.0104 5608 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:36:04.0165 5608 SSDPSRV - ok
21:36:04.0189 5608 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:36:04.0223 5608 SstpSvc - ok
21:36:04.0289 5608 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:36:04.0306 5608 stexstor - ok
21:36:04.0382 5608 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:36:04.0410 5608 stisvc - ok
21:36:04.0468 5608 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:36:04.0481 5608 swenum - ok
21:36:04.0552 5608 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:36:04.0636 5608 swprv - ok
21:36:04.0739 5608 [ 56F16A398AFFE40AFAB04BA0081CDC27 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:36:04.0758 5608 SynTP - ok
21:36:04.0847 5608 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:36:04.0904 5608 SysMain - ok
21:36:04.0957 5608 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:36:04.0983 5608 TabletInputService - ok
21:36:05.0002 5608 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
21:36:05.0017 5608 taphss - ok
21:36:05.0147 5608 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:36:05.0209 5608 TapiSrv - ok
21:36:05.0328 5608 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:36:05.0363 5608 TBS - ok
21:36:05.0675 5608 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:36:05.0877 5608 Tcpip - ok
21:36:05.0940 5608 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:36:05.0976 5608 TCPIP6 - ok
21:36:06.0100 5608 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:36:06.0118 5608 tcpipreg - ok
21:36:06.0197 5608 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:36:06.0266 5608 TDPIPE - ok
21:36:06.0333 5608 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:36:06.0373 5608 TDTCP - ok
21:36:06.0441 5608 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:36:06.0479 5608 tdx - ok
21:36:06.0548 5608 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:36:06.0564 5608 TermDD - ok
21:36:06.0677 5608 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:36:06.0729 5608 TermService - ok
21:36:06.0802 5608 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:36:06.0878 5608 Themes - ok
21:36:06.0996 5608 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\Windows\system32\DRIVERS\Thpevm.SYS
21:36:07.0012 5608 Thpevm - ok
21:36:07.0030 5608 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:36:07.0073 5608 THREADORDER - ok
21:36:07.0405 5608 [ DB9719688C08F42705FEB3F6A0C98B91 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
21:36:07.0434 5608 TosCoSrv - ok
21:36:07.0473 5608 [ BD672184765A3E3EE117105632472920 ] Tpkd C:\Windows\system32\drivers\Tpkd.sys
21:36:07.0493 5608 Tpkd - ok
21:36:07.0660 5608 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:36:07.0726 5608 TrkWks - ok
21:36:07.0890 5608 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:36:07.0932 5608 TrustedInstaller - ok
21:36:07.0998 5608 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:36:08.0062 5608 tssecsrv - ok
21:36:08.0172 5608 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:36:08.0217 5608 TsUsbFlt - ok
21:36:08.0283 5608 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:36:08.0300 5608 TsUsbGD - ok
21:36:08.0418 5608 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:36:08.0495 5608 tunnel - ok
21:36:08.0615 5608 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
21:36:08.0629 5608 TVALZ - ok
21:36:08.0701 5608 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:36:08.0718 5608 uagp35 - ok
21:36:08.0782 5608 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:36:08.0839 5608 udfs - ok
21:36:08.0932 5608 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:36:08.0952 5608 UI0Detect - ok
21:36:08.0988 5608 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:36:09.0006 5608 uliagpkx - ok
21:36:09.0109 5608 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:36:09.0166 5608 umbus - ok
21:36:09.0194 5608 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
21:36:09.0236 5608 UmPass - ok
21:36:09.0596 5608 [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:36:09.0637 5608 UNS - ok
21:36:09.0720 5608 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:36:09.0783 5608 upnphost - ok
21:36:09.0896 5608 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
21:36:09.0936 5608 USBAAPL64 - ok
21:36:10.0032 5608 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:36:10.0080 5608 usbaudio - ok
21:36:10.0153 5608 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:36:10.0169 5608 usbccgp - ok
21:36:10.0250 5608 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:36:10.0274 5608 usbcir - ok
21:36:10.0305 5608 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:36:10.0349 5608 usbehci - ok
21:36:10.0379 5608 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:36:10.0417 5608 usbhub - ok
21:36:10.0471 5608 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:36:10.0510 5608 usbohci - ok
21:36:10.0606 5608 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
21:36:10.0650 5608 usbprint - ok
21:36:10.0705 5608 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:36:10.0746 5608 USBSTOR - ok
21:36:10.0796 5608 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:36:10.0845 5608 usbuhci - ok
21:36:10.0950 5608 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:36:10.0970 5608 usbvideo - ok
21:36:11.0075 5608 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:36:11.0156 5608 UxSms - ok
21:36:11.0177 5608 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:36:11.0189 5608 VaultSvc - ok
21:36:11.0312 5608 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:36:11.0329 5608 vdrvroot - ok
21:36:11.0395 5608 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:36:11.0455 5608 vds - ok
21:36:11.0544 5608 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:36:11.0571 5608 vga - ok
21:36:11.0590 5608 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:36:11.0658 5608 VgaSave - ok
21:36:11.0677 5608 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:36:11.0703 5608 vhdmp - ok
21:36:11.0782 5608 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:36:11.0799 5608 viaide - ok
21:36:11.0822 5608 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:36:11.0842 5608 volmgr - ok
21:36:11.0872 5608 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:36:11.0902 5608 volmgrx - ok
21:36:11.0993 5608 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:36:12.0017 5608 volsnap - ok
21:36:12.0089 5608 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:36:12.0107 5608 vsmraid - ok
21:36:12.0311 5608 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:36:12.0503 5608 VSS - ok
21:36:12.0523 5608 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:36:12.0580 5608 vwifibus - ok
21:36:12.0706 5608 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:36:12.0769 5608 vwififlt - ok
21:36:12.0912 5608 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:36:12.0965 5608 W32Time - ok
21:36:12.0987 5608 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:36:13.0032 5608 WacomPen - ok
21:36:13.0163 5608 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:36:13.0222 5608 WANARP - ok
21:36:13.0250 5608 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:36:13.0291 5608 Wanarpv6 - ok
21:36:13.0463 5608 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:36:13.0653 5608 WatAdminSvc - ok
21:36:13.0829 5608 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:36:13.0965 5608 wbengine - ok
21:36:14.0006 5608 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:36:14.0039 5608 WbioSrvc - ok
21:36:14.0176 5608 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:36:14.0225 5608 wcncsvc - ok
21:36:14.0294 5608 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:36:14.0313 5608 WcsPlugInService - ok
21:36:14.0401 5608 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
21:36:14.0417 5608 Wd - ok
21:36:14.0524 5608 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:36:14.0565 5608 Wdf01000 - ok
21:36:14.0586 5608 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:36:14.0653 5608 WdiServiceHost - ok
21:36:14.0656 5608 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:36:14.0674 5608 WdiSystemHost - ok
21:36:14.0736 5608 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:36:14.0789 5608 WebClient - ok
21:36:14.0897 5608 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:36:14.0976 5608 Wecsvc - ok
21:36:15.0033 5608 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:36:15.0076 5608 wercplsupport - ok
21:36:15.0684 5608 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:36:15.0723 5608 WerSvc - ok
21:36:15.0844 5608 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:36:15.0884 5608 WfpLwf - ok
21:36:15.0926 5608 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:36:15.0944 5608 WIMMount - ok
21:36:15.0970 5608 WinDefend - ok
21:36:15.0975 5608 WinHttpAutoProxySvc - ok
21:36:16.0108 5608 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:36:16.0160 5608 Winmgmt - ok
21:36:16.0403 5608 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:36:16.0539 5608 WinRM - ok
21:36:16.0628 5608 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:36:16.0647 5608 WinUsb - ok
21:36:16.0773 5608 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:36:16.0848 5608 Wlansvc - ok
21:36:17.0227 5608 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:36:17.0264 5608 wlidsvc - ok
21:36:17.0299 5608 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:36:17.0352 5608 WmiAcpi - ok
21:36:17.0468 5608 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:36:17.0518 5608 wmiApSrv - ok
21:36:17.0669 5608 WMPNetworkSvc - ok
21:36:17.0784 5608 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:36:17.0802 5608 WPCSvc - ok
21:36:17.0826 5608 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:36:17.0850 5608 WPDBusEnum - ok
21:36:18.0096 5608 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:36:18.0130 5608 ws2ifsl - ok
21:36:18.0213 5608 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
21:36:18.0258 5608 wscsvc - ok
21:36:18.0261 5608 WSearch - ok
21:36:18.0437 5608 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:36:18.0482 5608 wuauserv - ok
21:36:18.0540 5608 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:36:18.0656 5608 WudfPf - ok
21:36:18.0834 5608 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:36:18.0914 5608 WUDFRd - ok
21:36:18.0980 5608 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:36:19.0025 5608 wudfsvc - ok
21:36:19.0124 5608 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:36:19.0170 5608 WwanSvc - ok
21:36:19.0216 5608 ZTEusbmdm6k - ok
21:36:19.0220 5608 ZTEusbnmea - ok
21:36:19.0248 5608 ZTEusbser6k - ok
21:36:19.0304 5608 ================ Scan global ===============================
21:36:19.0379 5608 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:36:19.0453 5608 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:36:19.0465 5608 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:36:19.0578 5608 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:36:19.0692 5608 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:36:19.0702 5608 [Global] - ok
21:36:19.0702 5608 ================ Scan MBR ==================================
21:36:19.0726 5608 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:36:20.0685 5608 \Device\Harddisk0\DR0 - ok
21:36:21.0058 5608 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
21:36:21.0223 5608 \Device\Harddisk1\DR1 - ok
21:36:21.0224 5608 ================ Scan VBR ==================================
21:36:21.0290 5608 [ D7E902798130B0105006A3C2684AB46E ] \Device\Harddisk0\DR0\Partition1
21:36:21.0293 5608 \Device\Harddisk0\DR0\Partition1 - ok
21:36:21.0313 5608 [ AD8DB2A4FB9E8B76EBF848096C118D45 ] \Device\Harddisk0\DR0\Partition2
21:36:21.0315 5608 \Device\Harddisk0\DR0\Partition2 - ok
21:36:21.0345 5608 [ 2B78975B71DE02D2B5738215BAA93957 ] \Device\Harddisk1\DR1\Partition1
21:36:21.0348 5608 \Device\Harddisk1\DR1\Partition1 - ok
21:36:21.0348 5608 ================ Scan active images ========================
21:36:21.0351 5608 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
21:36:21.0351 5608 C:\Windows\System32\drivers\crashdmp.sys - ok
21:36:21.0354 5608 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
21:36:21.0354 5608 C:\Windows\System32\drivers\dumpfve.sys - ok
21:36:21.0358 5608 [ 5E60DD5F090AB4A563C7204C289C4650 ] C:\Windows\System32\drivers\iaStor.sys
21:36:21.0358 5608 C:\Windows\System32\drivers\iaStor.sys - ok
21:36:21.0362 5608 [ 46571ED73AE84469DCA53081D33CF3C8 ] C:\Windows\System32\drivers\dtsoftbus01.sys
21:36:21.0362 5608 C:\Windows\System32\drivers\dtsoftbus01.sys - ok
21:36:21.0366 5608 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
21:36:21.0366 5608 C:\Windows\System32\drivers\beep.sys - ok
21:36:21.0370 5608 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
21:36:21.0370 5608 C:\Windows\System32\drivers\cdrom.sys - ok
21:36:21.0374 5608 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
21:36:21.0374 5608 C:\Windows\System32\drivers\null.sys - ok
21:36:21.0378 5608 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
21:36:21.0379 5608 C:\Windows\System32\drivers\watchdog.sys - ok
21:36:21.0382 5608 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
21:36:21.0382 5608 C:\Windows\System32\drivers\vga.sys - ok
21:36:21.0386 5608 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
21:36:21.0386 5608 C:\Windows\System32\drivers\videoprt.sys - ok
21:36:21.0390 5608 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
21:36:21.0390 5608 C:\Windows\System32\drivers\RDPCDD.sys - ok
21:36:21.0395 5608 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
21:36:21.0395 5608 C:\Windows\System32\drivers\RDPENCDD.sys - ok
21:36:21.0399 5608 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
21:36:21.0399 5608 C:\Windows\System32\drivers\RDPREFMP.sys - ok
21:36:21.0404 5608 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
21:36:21.0404 5608 C:\Windows\System32\drivers\msfs.sys - ok
21:36:21.0408 5608 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
21:36:21.0408 5608 C:\Windows\System32\drivers\npfs.sys - ok
21:36:21.0413 5608 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
21:36:21.0413 5608 C:\Windows\System32\drivers\tdi.sys - ok
21:36:21.0418 5608 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
21:36:21.0418 5608 C:\Windows\System32\drivers\tdx.sys - ok
21:36:21.0422 5608 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
21:36:21.0422 5608 C:\Windows\System32\drivers\afd.sys - ok
21:36:21.0427 5608 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
21:36:21.0427 5608 C:\Windows\System32\drivers\netbt.sys - ok
21:36:21.0431 5608 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
21:36:21.0431 5608 C:\Windows\System32\drivers\netbios.sys - ok
21:36:21.0437 5608 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
21:36:21.0437 5608 C:\Windows\System32\drivers\pacer.sys - ok
21:36:21.0442 5608 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
21:36:21.0442 5608 C:\Windows\System32\drivers\termdd.sys - ok
21:36:21.0447 5608 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
21:36:21.0447 5608 C:\Windows\System32\drivers\vwififlt.sys - ok
21:36:21.0452 5608 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
21:36:21.0452 5608 C:\Windows\System32\drivers\wanarp.sys - ok
21:36:21.0456 5608 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
21:36:21.0456 5608 C:\Windows\System32\drivers\wfplwf.sys - ok
21:36:21.0461 5608 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
21:36:21.0461 5608 C:\Windows\System32\drivers\ws2ifsl.sys - ok
21:36:21.0466 5608 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
21:36:21.0466 5608 C:\Windows\System32\drivers\blbdrive.sys - ok
21:36:21.0470 5608 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
21:36:21.0470 5608 C:\Windows\System32\drivers\dfsc.sys - ok
21:36:21.0474 5608 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
21:36:21.0474 5608 C:\Windows\System32\drivers\discache.sys - ok
21:36:21.0479 5608 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
21:36:21.0479 5608 C:\Windows\System32\drivers\mssmbios.sys - ok
21:36:21.0483 5608 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
21:36:21.0483 5608 C:\Windows\System32\drivers\nsiproxy.sys - ok
21:36:21.0487 5608 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
21:36:21.0487 5608 C:\Windows\System32\drivers\rdbss.sys - ok
21:36:21.0491 5608 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] C:\Windows\System32\drivers\avipbb.sys
21:36:21.0491 5608 C:\Windows\System32\drivers\avipbb.sys - ok
21:36:21.0495 5608 [ 490FA25161BF3E51993EB724ECF0ACEB ] C:\Windows\System32\drivers\avkmgr.sys
21:36:21.0495 5608 C:\Windows\System32\drivers\avkmgr.sys - ok
21:36:21.0499 5608 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
21:36:21.0499 5608 C:\Windows\System32\drivers\tunnel.sys - ok
21:36:21.0502 5608 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
21:36:21.0503 5608 C:\Windows\System32\drivers\wmiacpi.sys - ok
21:36:21.0506 5608 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
21:36:21.0506 5608 C:\Windows\System32\ntdll.dll - ok
21:36:21.0509 5608 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
21:36:21.0509 5608 C:\Windows\System32\smss.exe - ok
21:36:21.0513 5608 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
21:36:21.0513 5608 C:\Windows\System32\autochk.exe - ok
21:36:21.0517 5608 [ A0CC60C167B3486FB5614C95BA7749FC ] C:\Windows\System32\drivers\nvBridge.kmd
21:36:21.0517 5608 C:\Windows\System32\drivers\nvBridge.kmd - ok
21:36:21.0521 5608 [ 6850D89C7ABDD8B4FB0B3659DA961379 ] C:\Windows\System32\drivers\nvlddmkm.sys
21:36:21.0521 5608 C:\Windows\System32\drivers\nvlddmkm.sys - ok
21:36:21.0525 5608 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
21:36:21.0525 5608 C:\Windows\System32\drivers\dxgkrnl.sys - ok
21:36:21.0531 5608 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
21:36:21.0531 5608 C:\Windows\System32\drivers\dxgmms1.sys - ok
21:36:21.0536 5608 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
21:36:21.0536 5608 C:\Windows\System32\drivers\hdaudbus.sys - ok
21:36:21.0540 5608 [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
21:36:21.0540 5608 C:\Windows\System32\drivers\HECIx64.sys - ok
21:36:21.0546 5608 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
21:36:21.0546 5608 C:\Windows\System32\drivers\usbport.sys - ok
21:36:21.0553 5608 [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
21:36:21.0553 5608 C:\Windows\System32\drivers\1394ohci.sys - ok
21:36:21.0557 5608 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
21:36:21.0557 5608 C:\Windows\System32\drivers\usbehci.sys - ok
21:36:21.0561 5608 [ FA1EED3A10992EBA9A39172B50346434 ] C:\Windows\System32\drivers\o2sdgx64.sys
21:36:21.0562 5608 C:\Windows\System32\drivers\o2sdgx64.sys - ok
21:36:21.0566 5608 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
21:36:21.0566 5608 C:\Windows\System32\drivers\scsiport.sys - ok
21:36:21.0570 5608 [ 74C90D2A1CF5E49A2F8D64B7245372DD ] C:\Windows\System32\drivers\o2mdgx64.sys
21:36:21.0570 5608 C:\Windows\System32\drivers\o2mdgx64.sys - ok
21:36:21.0574 5608 [ ADBF667488AFD6EF9341CEEA3C9AD5A1 ] C:\Windows\System32\drivers\rtl8192se.sys
21:36:21.0574 5608 C:\Windows\System32\drivers\rtl8192se.sys - ok
21:36:21.0578 5608 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
21:36:21.0578 5608 C:\Windows\System32\drivers\hidparse.sys - ok
21:36:21.0581 5608 [ 033B4AED2C5519072C0D81E00804D003 ] C:\Windows\System32\drivers\L1C62x64.sys
21:36:21.0581 5608 C:\Windows\System32\drivers\L1C62x64.sys - ok
21:36:21.0586 5608 [ 4F990BD111CF94891104193F8787788F ] C:\Windows\System32\drivers\nuvotoncir.sys
21:36:21.0586 5608 C:\Windows\System32\drivers\nuvotoncir.sys - ok
21:36:21.0590 5608 [ 05416052F584E7488DCE7F6BCE4E75A1 ] C:\Windows\System32\drivers\nuvotonhidcir.sys
21:36:21.0590 5608 C:\Windows\System32\drivers\nuvotonhidcir.sys - ok
21:36:21.0594 5608 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
21:36:21.0594 5608 C:\Windows\System32\drivers\vwifibus.sys - ok
21:36:21.0599 5608 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
21:36:21.0599 5608 C:\Windows\System32\drivers\hidclass.sys - ok
21:36:21.0603 5608 [ F44381F466CFCEE8E850DE6BBFA43FE2 ] C:\Windows\System32\drivers\hidshim.sys
21:36:21.0603 5608 C:\Windows\System32\drivers\hidshim.sys - ok
21:36:21.0607 5608 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
21:36:21.0607 5608 C:\Windows\System32\drivers\i8042prt.sys - ok
21:36:21.0611 5608 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
21:36:21.0611 5608 C:\Windows\System32\drivers\kbdclass.sys - ok
21:36:21.0615 5608 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
21:36:21.0615 5608 C:\Windows\System32\drivers\usbd.sys - ok
21:36:21.0619 5608 [ 56F16A398AFFE40AFAB04BA0081CDC27 ] C:\Windows\System32\drivers\SynTP.sys
21:36:21.0619 5608 C:\Windows\System32\drivers\SynTP.sys - ok
21:36:21.0623 5608 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
21:36:21.0623 5608 C:\Windows\System32\drivers\mouclass.sys - ok
21:36:21.0627 5608 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
21:36:21.0627 5608 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
21:36:21.0631 5608 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
21:36:21.0631 5608 C:\Windows\System32\drivers\agilevpn.sys - ok
21:36:21.0635 5608 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
21:36:21.0635 5608 C:\Windows\System32\drivers\CmBatt.sys - ok
21:36:21.0639 5608 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
21:36:21.0639 5608 C:\Windows\System32\drivers\CompositeBus.sys - ok
21:36:21.0642 5608 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
21:36:21.0643 5608 C:\Windows\System32\drivers\intelppm.sys - ok
21:36:21.0647 5608 [ C8FCB4899F8B70CC34E0D9876A80963C ] C:\Windows\System32\drivers\QIOMem.sys
21:36:21.0647 5608 C:\Windows\System32\drivers\QIOMem.sys - ok
21:36:21.0651 5608 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
21:36:21.0651 5608 C:\Windows\System32\drivers\rasl2tp.sys - ok
21:36:21.0656 5608 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
21:36:21.0656 5608 C:\Windows\System32\drivers\ndistapi.sys - ok
21:36:21.0660 5608 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
21:36:21.0660 5608 C:\Windows\System32\drivers\ndiswan.sys - ok
21:36:21.0664 5608 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
21:36:21.0664 5608 C:\Windows\System32\drivers\raspppoe.sys - ok
21:36:21.0668 5608 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
21:36:21.0668 5608 C:\Windows\System32\drivers\raspptp.sys - ok
21:36:21.0672 5608 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
21:36:21.0672 5608 C:\Windows\System32\drivers\rassstp.sys - ok
21:36:21.0676 5608 [ D7CD5C4E1B71FA62050515314CFB52CF ] C:\Windows\System32\drivers\circlass.sys
21:36:21.0676 5608 C:\Windows\System32\drivers\circlass.sys - ok
21:36:21.0681 5608 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
21:36:21.0681 5608 C:\Windows\System32\drivers\ks.sys - ok
21:36:21.0685 5608 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
21:36:21.0685 5608 C:\Windows\System32\drivers\swenum.sys - ok
21:36:21.0690 5608 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
21:36:21.0690 5608 C:\Windows\System32\drivers\umbus.sys - ok
21:36:21.0694 5608 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
21:36:21.0694 5608 C:\Windows\System32\drivers\usbhub.sys - ok
21:36:21.0698 5608 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
21:36:21.0698 5608 C:\Windows\System32\drivers\kbdhid.sys - ok
21:36:21.0701 5608 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
21:36:21.0701 5608 C:\Windows\System32\drivers\ndproxy.sys - ok
21:36:21.0706 5608 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
21:36:21.0706 5608 C:\Windows\System32\msvcrt.dll - ok
21:36:21.0711 5608 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
21:36:21.0712 5608 C:\Windows\System32\clbcatq.dll - ok
21:36:21.0715 5608 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
21:36:21.0715 5608 C:\Windows\System32\gdi32.dll - ok
21:36:21.0719 5608 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
21:36:21.0719 5608 C:\Windows\System32\drivers\drmk.sys - ok
21:36:21.0724 5608 [ A54A16DAE7497CDCB8C5A021C0F6FEB8 ] C:\Windows\System32\iertutil.dll
21:36:21.0724 5608 C:\Windows\System32\iertutil.dll - ok
21:36:21.0729 5608 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
21:36:21.0730 5608 C:\Windows\System32\drivers\ksthunk.sys - ok
21:36:21.0734 5608 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] C:\Windows\System32\drivers\nvhda64v.sys
21:36:21.0734 5608 C:\Windows\System32\drivers\nvhda64v.sys - ok
21:36:21.0739 5608 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
21:36:21.0739 5608 C:\Windows\System32\drivers\portcls.sys - ok
21:36:21.0744 5608 [ A7D943BCFB70F1F053C274B348267B55 ] C:\Windows\System32\drivers\CHDRT64.sys
21:36:21.0744 5608 C:\Windows\System32\drivers\CHDRT64.sys - ok
21:36:21.0748 5608 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
21:36:21.0748 5608 C:\Windows\System32\difxapi.dll - ok
21:36:21.0752 5608 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
21:36:21.0752 5608 C:\Windows\System32\normaliz.dll - ok
21:36:21.0756 5608 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
21:36:21.0756 5608 C:\Windows\System32\ole32.dll - ok
21:36:21.0758 5608 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
21:36:21.0758 5608 C:\Windows\System32\setupapi.dll - ok
21:36:21.0762 5608 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
21:36:21.0762 5608 C:\Windows\System32\imm32.dll - ok
21:36:21.0767 5608 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
21:36:21.0767 5608 C:\Windows\System32\psapi.dll - ok
21:36:21.0771 5608 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
21:36:21.0771 5608 C:\Windows\System32\sechost.dll - ok
21:36:21.0774 5608 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
21:36:21.0774 5608 C:\Windows\System32\shell32.dll - ok
21:36:21.0778 5608 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
21:36:21.0778 5608 C:\Windows\System32\lpk.dll - ok
21:36:21.0782 5608 [ FA274190682AA41A46B285208ED46A74 ] C:\Windows\System32\wininet.dll
21:36:21.0782 5608 C:\Windows\System32\wininet.dll - ok
21:36:21.0785 5608 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
21:36:21.0786 5608 C:\Windows\System32\oleaut32.dll - ok
21:36:21.0789 5608 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
21:36:21.0789 5608 C:\Windows\System32\usp10.dll - ok
21:36:21.0793 5608 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
21:36:21.0793 5608 C:\Windows\System32\shlwapi.dll - ok
21:36:21.0797 5608 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
21:36:21.0797 5608 C:\Windows\System32\nsi.dll - ok
21:36:21.0802 5608 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
21:36:21.0802 5608 C:\Windows\System32\comdlg32.dll - ok
21:36:21.0807 5608 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
21:36:21.0807 5608 C:\Windows\System32\advapi32.dll - ok
21:36:21.0811 5608 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
21:36:21.0811 5608 C:\Windows\System32\imagehlp.dll - ok
21:36:21.0815 5608 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
21:36:21.0815 5608 C:\Windows\System32\ws2_32.dll - ok
21:36:21.0818 5608 [ FF1AAEDD4A1A0FC3C5ED66B4EE0B254A ] C:\Windows\System32\urlmon.dll
21:36:21.0818 5608 C:\Windows\System32\urlmon.dll - ok
21:36:21.0822 5608 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
21:36:21.0822 5608 C:\Windows\System32\kernel32.dll - ok
21:36:21.0827 5608 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
21:36:21.0827 5608 C:\Windows\System32\user32.dll - ok
21:36:21.0832 5608 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
21:36:21.0832 5608 C:\Windows\System32\rpcrt4.dll - ok
21:36:21.0836 5608 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] C:\Windows\System32\drivers\hidir.sys
21:36:21.0836 5608 C:\Windows\System32\drivers\hidir.sys - ok
21:36:21.0839 5608 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
21:36:21.0839 5608 C:\Windows\System32\drivers\mouhid.sys - ok
21:36:21.0843 5608 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
21:36:21.0843 5608 C:\Windows\System32\Wldap32.dll - ok
21:36:21.0848 5608 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
21:36:21.0848 5608 C:\Windows\System32\msctf.dll - ok
21:36:21.0854 5608 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
21:36:21.0854 5608 C:\Windows\System32\comctl32.dll - ok
21:36:21.0859 5608 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
21:36:21.0859 5608 C:\Windows\System32\KernelBase.dll - ok
21:36:21.0863 5608 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
21:36:21.0863 5608 C:\Windows\System32\devobj.dll - ok
21:36:21.0867 5608 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
21:36:21.0867 5608 C:\Windows\System32\wintrust.dll - ok
21:36:21.0872 5608 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
21:36:21.0872 5608 C:\Windows\System32\crypt32.dll - ok
21:36:21.0876 5608 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
21:36:21.0876 5608 C:\Windows\System32\cfgmgr32.dll - ok
21:36:21.0880 5608 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
21:36:21.0880 5608 C:\Windows\System32\msasn1.dll - ok
21:36:21.0884 5608 [ C2336519253BDF92C091BEEF8FEC532C ] C:\Windows\System32\drivers\AvidMboxPro.sys
21:36:21.0884 5608 C:\Windows\System32\drivers\AvidMboxPro.sys - ok
21:36:21.0888 5608 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
21:36:21.0888 5608 C:\Windows\SysWOW64\normaliz.dll - ok
21:36:21.0892 5608 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
21:36:21.0892 5608 C:\Windows\System32\drivers\dxapi.sys - ok
21:36:21.0896 5608 [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\Windows\System32\win32k.sys
21:36:21.0896 5608 C:\Windows\System32\win32k.sys - ok
21:36:21.0900 5608 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
21:36:21.0900 5608 C:\Windows\System32\csrsrv.dll - ok
21:36:21.0904 5608 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
21:36:21.0904 5608 C:\Windows\System32\csrss.exe - ok
21:36:21.0907 5608 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
21:36:21.0907 5608 C:\Windows\System32\basesrv.dll - ok
21:36:21.0911 5608 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
21:36:21.0911 5608 C:\Windows\System32\winsrv.dll - ok
21:36:21.0915 5608 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] C:\Windows\System32\drivers\usbaapl64.sys
21:36:21.0915 5608 C:\Windows\System32\drivers\usbaapl64.sys - ok
21:36:21.0919 5608 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
21:36:21.0919 5608 C:\Windows\System32\drivers\monitor.sys - ok
21:36:21.0923 5608 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
21:36:21.0923 5608 C:\Windows\System32\drivers\usbccgp.sys - ok
21:36:21.0927 5608 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
21:36:21.0927 5608 C:\Windows\System32\drivers\USBSTOR.SYS - ok
21:36:21.0932 5608 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
21:36:21.0932 5608 C:\Windows\System32\drivers\usbvideo.sys - ok
21:36:21.0936 5608 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
21:36:21.0936 5608 C:\Windows\System32\tsddd.dll - ok
21:36:21.0940 5608 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
21:36:21.0941 5608 C:\Windows\System32\profapi.dll - ok
21:36:21.0945 5608 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
21:36:21.0945 5608 C:\Windows\System32\sxssrv.dll - ok
21:36:21.0949 5608 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
21:36:21.0949 5608 C:\Windows\System32\wininit.exe - ok
21:36:21.0953 5608 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
21:36:21.0953 5608 C:\Windows\System32\KBDUS.DLL - ok
21:36:21.0957 5608 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
21:36:21.0957 5608 C:\Windows\System32\RpcRtRemote.dll - ok
21:36:21.0961 5608 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
21:36:21.0961 5608 C:\Windows\System32\cdd.dll - ok
21:36:21.0965 5608 [ 1A83FACA2135AF076E8EA73A30B3B26C ] C:\Windows\System32\KBDUK.DLL
21:36:21.0965 5608 C:\Windows\System32\KBDUK.DLL - ok
21:36:21.0969 5608 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
21:36:21.0969 5608 C:\Windows\System32\WlS0WndH.dll - ok
21:36:21.0973 5608 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
21:36:21.0973 5608 C:\Windows\System32\sxs.dll - ok
21:36:21.0977 5608 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
21:36:21.0977 5608 C:\Windows\System32\cryptbase.dll - ok
21:36:21.0981 5608 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
21:36:21.0981 5608 C:\Windows\System32\apphelp.dll - ok
21:36:21.0985 5608 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
21:36:21.0985 5608 C:\Windows\System32\lsass.exe - ok
21:36:21.0989 5608 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
21:36:21.0989 5608 C:\Windows\System32\lsm.exe - ok
21:36:21.0993 5608 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
21:36:21.0993 5608 C:\Windows\System32\services.exe - ok
21:36:21.0998 5608 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
21:36:21.0998 5608 C:\Windows\System32\sspicli.dll - ok
21:36:22.0003 5608 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
21:36:22.0003 5608 C:\Windows\System32\sspisrv.dll - ok
21:36:22.0008 5608 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
21:36:22.0008 5608 C:\Windows\System32\lsasrv.dll - ok
21:36:22.0011 5608 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
21:36:22.0011 5608 C:\Windows\System32\scesrv.dll - ok
21:36:22.0015 5608 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
21:36:22.0015 5608 C:\Windows\System32\scext.dll - ok
21:36:22.0020 5608 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
21:36:22.0020 5608 C:\Windows\System32\secur32.dll - ok
21:36:22.0027 5608 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
21:36:22.0027 5608 C:\Windows\System32\sysntfy.dll - ok
21:36:22.0032 5608 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
21:36:22.0032 5608 C:\Windows\System32\wmsgapi.dll - ok
21:36:22.0039 5608 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
21:36:22.0039 5608 C:\Windows\System32\samsrv.dll - ok
21:36:22.0043 5608 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
21:36:22.0043 5608 C:\Windows\System32\cryptdll.dll - ok
21:36:22.0048 5608 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
21:36:22.0048 5608 C:\Windows\System32\srvcli.dll - ok
21:36:22.0052 5608 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
21:36:22.0052 5608 C:\Windows\System32\wevtapi.dll - ok
21:36:22.0056 5608 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
21:36:22.0056 5608 C:\Windows\System32\authz.dll - ok
21:36:22.0060 5608 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
21:36:22.0060 5608 C:\Windows\System32\cngaudit.dll - ok
21:36:22.0066 5608 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
21:36:22.0066 5608 C:\Windows\System32\bcrypt.dll - ok
21:36:22.0071 5608 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
21:36:22.0071 5608 C:\Windows\System32\ncrypt.dll - ok
21:36:22.0077 5608 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
21:36:22.0077 5608 C:\Windows\System32\msprivs.dll - ok
21:36:22.0082 5608 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
21:36:22.0082 5608 C:\Windows\System32\netjoin.dll - ok
21:36:22.0087 5608 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
21:36:22.0087 5608 C:\Windows\System32\negoexts.dll - ok
21:36:22.0092 5608 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
21:36:22.0092 5608 C:\Windows\System32\kerberos.dll - ok
21:36:22.0097 5608 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
21:36:22.0097 5608 C:\Windows\System32\version.dll - ok
21:36:22.0102 5608 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
21:36:22.0102 5608 C:\Windows\System32\cryptsp.dll - ok
21:36:22.0106 5608 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
21:36:22.0106 5608 C:\Windows\System32\mswsock.dll - ok
21:36:22.0110 5608 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
21:36:22.0110 5608 C:\Windows\System32\msv1_0.dll - ok
21:36:22.0114 5608 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
21:36:22.0114 5608 C:\Windows\System32\wship6.dll - ok
21:36:22.0118 5608 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
21:36:22.0118 5608 C:\Windows\System32\netlogon.dll - ok
21:36:22.0122 5608 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
21:36:22.0122 5608 C:\Windows\System32\dnsapi.dll - ok
21:36:22.0125 5608 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
21:36:22.0125 5608 C:\Windows\System32\logoncli.dll - ok
21:36:22.0129 5608 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
21:36:22.0129 5608 C:\Windows\System32\schannel.dll - ok
21:36:22.0133 5608 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
21:36:22.0133 5608 C:\Windows\System32\wdigest.dll - ok
21:36:22.0137 5608 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
21:36:22.0137 5608 C:\Windows\System32\rsaenh.dll - ok
21:36:22.0141 5608 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
21:36:22.0142 5608 C:\Windows\System32\TSpkg.dll - ok
21:36:22.0147 5608 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
21:36:22.0147 5608 C:\Windows\System32\pku2u.dll - ok
21:36:22.0151 5608 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
21:36:22.0151 5608 C:\Windows\System32\LIVESSP.DLL - ok
21:36:22.0155 5608 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
21:36:22.0155 5608 C:\Windows\System32\bcryptprimitives.dll - ok
21:36:22.0159 5608 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
21:36:22.0159 5608 C:\Windows\System32\credssp.dll - ok
21:36:22.0164 5608 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
21:36:22.0164 5608 C:\Windows\System32\efslsaext.dll - ok
21:36:22.0168 5608 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
21:36:22.0168 5608 C:\Windows\System32\scecli.dll - ok
21:36:22.0172 5608 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
21:36:22.0172 5608 C:\Windows\System32\ubpm.dll - ok
21:36:22.0176 5608 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
21:36:22.0176 5608 C:\Windows\System32\winsta.dll - ok
21:36:22.0181 5608 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
21:36:22.0181 5608 C:\Windows\System32\svchost.exe - ok
21:36:22.0185 5608 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
21:36:22.0185 5608 C:\Windows\System32\umpnpmgr.dll - ok
21:36:22.0188 5608 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
21:36:22.0188 5608 C:\Windows\System32\SPInf.dll - ok
21:36:22.0192 5608 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
21:36:22.0192 5608 C:\Windows\System32\devrtl.dll - ok
21:36:22.0197 5608 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
21:36:22.0197 5608 C:\Windows\System32\gpapi.dll - ok
21:36:22.0200 5608 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
21:36:22.0200 5608 C:\Windows\System32\userenv.dll - ok
21:36:22.0204 5608 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
21:36:22.0204 5608 C:\Windows\System32\umpo.dll - ok
21:36:22.0208 5608 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
21:36:22.0208 5608 C:\Windows\System32\pcwum.dll - ok
21:36:22.0213 5608 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
21:36:22.0213 5608 C:\Windows\System32\powrprof.dll - ok
21:36:22.0218 5608 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
21:36:22.0218 5608 C:\Windows\System32\drivers\luafv.sys - ok
21:36:22.0222 5608 [ 09E6069EF94B345061B4BD3CEBD974C8 ] C:\Windows\System32\drivers\avgntflt.sys
21:36:22.0222 5608 C:\Windows\System32\drivers\avgntflt.sys - ok
21:36:22.0226 5608 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
21:36:22.0226 5608 C:\Windows\System32\drivers\WUDFPf.sys - ok
21:36:22.0230 5608 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
21:36:22.0230 5608 C:\Windows\System32\rpcss.dll - ok
21:36:22.0233 5608 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
21:36:22.0234 5608 C:\Windows\System32\RpcEpMap.dll - ok
21:36:22.0237 5608 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
21:36:22.0237 5608 C:\Windows\System32\wshqos.dll - ok
21:36:22.0241 5608 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
21:36:22.0241 5608 C:\Windows\System32\WSHTCPIP.DLL - ok
21:36:22.0245 5608 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
21:36:22.0245 5608 C:\Windows\System32\FirewallAPI.dll - ok
21:36:22.0249 5608 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
21:36:22.0249 5608 C:\Windows\System32\wevtsvc.dll - ok
21:36:22.0252 5608 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
21:36:22.0252 5608 C:\Windows\System32\audiosrv.dll - ok
21:36:22.0256 5608 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
21:36:22.0256 5608 C:\Windows\System32\wlansvc.dll - ok
21:36:22.0259 5608 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
21:36:22.0259 5608 C:\Windows\System32\FntCache.dll - ok
21:36:22.0263 5608 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
21:36:22.0263 5608 C:\Windows\System32\adtschema.dll - ok
21:36:22.0266 5608 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
21:36:22.0266 5608 C:\Windows\System32\avrt.dll - ok
21:36:22.0270 5608 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
21:36:22.0270 5608 C:\Windows\System32\mmcss.dll - ok
21:36:22.0273 5608 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
21:36:22.0273 5608 C:\Windows\System32\MMDevAPI.dll - ok
21:36:22.0277 5608 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
21:36:22.0277 5608 C:\Windows\System32\MPSSVC.dll - ok
21:36:22.0280 5608 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
21:36:22.0280 5608 C:\Windows\System32\propsys.dll - ok
21:36:22.0284 5608 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
21:36:22.0284 5608 C:\Windows\System32\winlogon.exe - ok
21:36:22.0288 5608 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
21:36:22.0289 5608 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
21:36:22.0292 5608 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
21:36:22.0292 5608 C:\Windows\System32\drivers\fltMgr.sys - ok
21:36:22.0297 5608 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
21:36:22.0297 5608 C:\Windows\System32\PSHED.DLL - ok
21:36:22.0300 5608 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
21:36:22.0300 5608 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
21:36:22.0304 5608 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
21:36:22.0304 5608 C:\Windows\System32\authui.dll - ok
21:36:22.0307 5608 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
21:36:22.0307 5608 C:\Windows\System32\LogonUI.exe - ok
21:36:22.0311 5608 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
21:36:22.0311 5608 C:\Windows\System32\cryptui.dll - ok
21:36:22.0315 5608 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
21:36:22.0315 5608 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
21:36:22.0319 5608 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
21:36:22.0319 5608 C:\Windows\System32\samlib.dll - ok
21:36:22.0323 5608 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
21:36:22.0323 5608 C:\Windows\System32\shacct.dll - ok
21:36:22.0327 5608 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
21:36:22.0327 5608 C:\Windows\System32\uxtheme.dll - ok
21:36:22.0331 5608 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
21:36:22.0331 5608 C:\Windows\System32\audiodg.exe - ok
21:36:22.0335 5608 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
21:36:22.0335 5608 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
21:36:22.0339 5608 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
21:36:22.0339 5608 C:\Windows\System32\ntmarta.dll - ok
21:36:22.0343 5608 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
21:36:22.0343 5608 C:\Windows\System32\dui70.dll - ok
21:36:22.0347 5608 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
21:36:22.0347 5608 C:\Windows\System32\atl.dll - ok
21:36:22.0351 5608 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
21:36:22.0351 5608 C:\Windows\System32\duser.dll - ok
21:36:22.0355 5608 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
21:36:22.0355 5608 C:\Windows\System32\gpsvc.dll - ok
21:36:22.0359 5608 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
21:36:22.0359 5608 C:\Windows\System32\profsvc.dll - ok
21:36:22.0363 5608 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
21:36:22.0363 5608 C:\Windows\System32\themeservice.dll - ok
21:36:22.0367 5608 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
21:36:22.0367 5608 C:\Windows\System32\es.dll - ok
21:36:22.0371 5608 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
21:36:22.0371 5608 C:\Windows\System32\dsrole.dll - ok
21:36:22.0375 5608 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
21:36:22.0375 5608 C:\Windows\System32\nlaapi.dll - ok
21:36:22.0379 5608 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
21:36:22.0379 5608 C:\Windows\System32\slc.dll - ok
21:36:22.0383 5608 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
21:36:22.0383 5608 C:\Windows\System32\winmm.dll - ok
21:36:22.0387 5608 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
21:36:22.0388 5608 C:\Windows\System32\comres.dll - ok
21:36:22.0391 5608 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
21:36:22.0391 5608 C:\Windows\System32\Sens.dll - ok
21:36:22.0396 5608 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
21:36:22.0396 5608 C:\Windows\System32\SndVolSSO.dll - ok
21:36:22.0400 5608 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
21:36:22.0400 5608 C:\Windows\System32\uxsms.dll - ok
21:36:22.0404 5608 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
21:36:22.0404 5608 C:\Windows\System32\wtsapi32.dll - ok
21:36:22.0409 5608 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
21:36:22.0410 5608 C:\Windows\System32\WUDFPlatform.dll - ok
21:36:22.0414 5608 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
21:36:22.0414 5608 C:\Windows\System32\WUDFSvc.dll - ok
21:36:22.0420 5608 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
21:36:22.0420 5608 C:\Windows\System32\hid.dll - ok
21:36:22.0424 5608 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
21:36:22.0425 5608 C:\Windows\System32\ksuser.dll - ok
21:36:22.0428 5608 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
21:36:22.0428 5608 C:\Windows\System32\wdmaud.drv - ok
21:36:22.0432 5608 [ 3F1FF4B1EC288033DA5F6BAAA86482AD ] C:\Windows\System32\drivers\diginet.sys
21:36:22.0432 5608 C:\Windows\System32\drivers\diginet.sys - ok
21:36:22.0436 5608 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
21:36:22.0436 5608 C:\Windows\System32\drivers\lltdio.sys - ok
21:36:22.0439 5608 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
21:36:22.0440 5608 C:\Windows\System32\drivers\nwifi.sys - ok
21:36:22.0443 5608 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
21:36:22.0443 5608 C:\Windows\System32\dhcpcore.dll - ok
21:36:22.0447 5608 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
21:36:22.0447 5608 C:\Windows\System32\drivers\ndisuio.sys - ok
21:36:22.0451 5608 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
21:36:22.0451 5608 C:\Windows\System32\drivers\rspndr.sys - ok
21:36:22.0455 5608 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
21:36:22.0455 5608 C:\Windows\System32\IPHLPAPI.DLL - ok
21:36:22.0459 5608 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
21:36:22.0459 5608 C:\Windows\System32\lmhsvc.dll - ok
21:36:22.0462 5608 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
21:36:22.0462 5608 C:\Windows\System32\nrpsrv.dll - ok
21:36:22.0466 5608 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
21:36:22.0466 5608 C:\Windows\System32\nsisvc.dll - ok
21:36:22.0471 5608 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
21:36:22.0471 5608 C:\Windows\System32\winnsi.dll - ok
21:36:22.0476 5608 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
21:36:22.0476 5608 C:\Windows\System32\dhcpcore6.dll - ok
21:36:22.0479 5608 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
21:36:22.0479 5608 C:\Windows\System32\dwmapi.dll - ok
21:36:22.0483 5608 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
21:36:22.0483 5608 C:\Windows\System32\xmllite.dll - ok
21:36:22.0487 5608 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
21:36:22.0487 5608 C:\Windows\System32\dnsrslvr.dll - ok
21:36:22.0491 5608 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
21:36:22.0491 5608 C:\Windows\System32\eapphost.dll - ok
21:36:22.0495 5608 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
21:36:22.0495 5608 C:\Windows\System32\eapsvc.dll - ok
21:36:22.0498 5608 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
21:36:22.0498 5608 C:\Windows\System32\keyiso.dll - ok
21:36:22.0501 5608 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
21:36:22.0501 5608 C:\Windows\System32\FWPUCLNT.DLL - ok
21:36:22.0504 5608 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
21:36:22.0504 5608 C:\Windows\System32\AudioSes.dll - ok
21:36:22.0507 5608 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
21:36:22.0507 5608 C:\Windows\System32\dnsext.dll - ok
21:36:22.0509 5608 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
21:36:22.0509 5608 C:\Windows\System32\umb.dll - ok
21:36:22.0513 5608 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
21:36:22.0513 5608 C:\Windows\System32\wlanmsm.dll - ok
21:36:22.0516 5608 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
21:36:22.0517 5608 C:\Windows\System32\dhcpcsvc.dll - ok
21:36:22.0520 5608 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
21:36:22.0520 5608 C:\Windows\System32\dhcpcsvc6.dll - ok
21:36:22.0524 5608 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
21:36:22.0524 5608 C:\Windows\System32\WindowsCodecs.dll - ok
21:36:22.0528 5608 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
21:36:22.0528 5608 C:\Windows\System32\wlansec.dll - ok
21:36:22.0535 5608 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
21:36:22.0535 5608 C:\Windows\System32\onex.dll - ok
21:36:22.0540 5608 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
21:36:22.0540 5608 C:\Windows\System32\eappcfg.dll - ok
21:36:22.0543 5608 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
21:36:22.0543 5608 C:\Windows\System32\eappprxy.dll - ok
21:36:22.0546 5608 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
21:36:22.0546 5608 C:\Windows\System32\l2gpstore.dll - ok
21:36:22.0549 5608 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
21:36:22.0549 5608 C:\Windows\System32\WinSCard.dll - ok
21:36:22.0552 5608 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
21:36:22.0552 5608 C:\Windows\System32\wlanutil.dll - ok
21:36:22.0556 5608 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
21:36:22.0556 5608 C:\Windows\System32\wlgpclnt.dll - ok
21:36:22.0558 5608 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
21:36:22.0559 5608 C:\Windows\System32\msacm32.dll - ok
21:36:22.0562 5608 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
21:36:22.0562 5608 C:\Windows\System32\msacm32.drv - ok
21:36:22.0565 5608 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
21:36:22.0565 5608 C:\Windows\System32\msxml6.dll - ok
21:36:22.0568 5608 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
21:36:22.0568 5608 C:\Windows\System32\midimap.dll - ok
21:36:22.0571 5608 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
21:36:22.0571 5608 C:\Windows\System32\AudioEng.dll - ok
21:36:22.0574 5608 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
21:36:22.0574 5608 C:\Windows\System32\AUDIOKSE.dll - ok
21:36:22.0577 5608 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
21:36:22.0578 5608 C:\Windows\System32\VaultCredProvider.dll - ok
21:36:22.0580 5608 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
21:36:22.0580 5608 C:\Windows\System32\winbrand.dll - ok
21:36:22.0584 5608 [ A5ABFEBBD2C086F5AF37D109E3A8982F ] C:\Windows\System32\CX64PP25.dll
21:36:22.0584 5608 C:\Windows\System32\CX64PP25.dll - ok
21:36:22.0587 5608 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
21:36:22.0587 5608 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
21:36:22.0590 5608 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
21:36:22.0590 5608 C:\Windows\System32\BioCredProv.dll - ok
21:36:22.0593 5608 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
21:36:22.0593 5608 C:\Windows\System32\shsvcs.dll - ok
21:36:22.0597 5608 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
21:36:22.0597 5608 C:\Windows\System32\winbio.dll - ok
21:36:22.0601 5608 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
21:36:22.0601 5608 C:\Windows\System32\credui.dll - ok
21:36:22.0605 5608 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
21:36:22.0605 5608 C:\Windows\System32\schedsvc.dll - ok
21:36:22.0607 5608 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
21:36:22.0607 5608 C:\Windows\System32\netapi32.dll - ok
21:36:22.0610 5608 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
21:36:22.0610 5608 C:\Windows\System32\netutils.dll - ok
21:36:22.0613 5608 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
21:36:22.0613 5608 C:\Windows\System32\samcli.dll - ok
21:36:22.0616 5608 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
21:36:22.0616 5608 C:\Windows\System32\vaultcli.dll - ok
21:36:22.0620 5608 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
21:36:22.0620 5608 C:\Windows\System32\wkscli.dll - ok
21:36:22.0623 5608 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
21:36:22.0623 5608 C:\Windows\System32\certCredProvider.dll - ok
21:36:22.0627 5608 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
21:36:22.0627 5608 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
21:36:22.0630 5608 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
21:36:22.0630 5608 C:\Windows\System32\ktmw32.dll - ok
21:36:22.0632 5608 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
21:36:22.0633 5608 C:\Windows\System32\rasplap.dll - ok
21:36:22.0636 5608 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
21:36:22.0636 5608 C:\Windows\System32\WMALFXGFXDSP.dll - ok
21:36:22.0639 5608 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
21:36:22.0639 5608 C:\Windows\System32\rasapi32.dll - ok
21:36:22.0642 5608 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
21:36:22.0642 5608 C:\Windows\System32\mfplat.dll - ok
21:36:22.0646 5608 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
21:36:22.0646 5608 C:\Windows\System32\rasman.dll - ok
21:36:22.0649 5608 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
21:36:22.0649 5608 C:\Windows\System32\rtutils.dll - ok
21:36:22.0652 5608 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
21:36:22.0652 5608 C:\Windows\System32\fveapi.dll - ok
21:36:22.0655 5608 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
21:36:22.0655 5608 C:\Windows\System32\UXInit.dll - ok
21:36:22.0658 5608 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
21:36:22.0658 5608 C:\Windows\System32\fvecerts.dll - ok
21:36:22.0661 5608 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
21:36:22.0662 5608 C:\Windows\System32\oleacc.dll - ok
21:36:22.0665 5608 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
21:36:22.0665 5608 C:\Windows\System32\tbs.dll - ok
21:36:22.0670 5608 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
21:36:22.0670 5608 C:\Windows\System32\taskcomp.dll - ok
21:36:22.0674 5608 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
21:36:22.0674 5608 C:\Windows\System32\wiarpc.dll - ok
21:36:22.0678 5608 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
21:36:22.0678 5608 C:\Windows\System32\UIAutomationCore.dll - ok
21:36:22.0682 5608 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
21:36:22.0682 5608 C:\Windows\System32\drivers\http.sys - ok
21:36:22.0687 5608 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
21:36:22.0687 5608 C:\Windows\System32\spoolsv.exe - ok
21:36:22.0693 5608 [ C2170E010C9B6739A136211FC0427527 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:36:22.0693 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe - ok
21:36:22.0696 5608 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
21:36:22.0696 5608 C:\Windows\SysWOW64\ntdll.dll - ok
21:36:22.0701 5608 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
21:36:22.0701 5608 C:\Windows\System32\msimg32.dll - ok
21:36:22.0705 5608 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
21:36:22.0705 5608 C:\Windows\System32\imageres.dll - ok
21:36:22.0709 5608 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
21:36:22.0709 5608 C:\Windows\System32\wow64.dll - ok
21:36:22.0713 5608 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
21:36:22.0713 5608 C:\Windows\System32\wow64cpu.dll - ok
21:36:22.0717 5608 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
21:36:22.0717 5608 C:\Windows\System32\wow64win.dll - ok
21:36:22.0721 5608 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
21:36:22.0721 5608 C:\Windows\SysWOW64\kernel32.dll - ok
21:36:22.0725 5608 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
21:36:22.0725 5608 C:\Windows\SysWOW64\KernelBase.dll - ok
21:36:22.0730 5608 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
21:36:22.0730 5608 C:\Windows\SysWOW64\user32.dll - ok
21:36:22.0734 5608 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
21:36:22.0734 5608 C:\Windows\System32\netcfgx.dll - ok
21:36:22.0738 5608 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
21:36:22.0738 5608 C:\Windows\SysWOW64\gdi32.dll - ok
21:36:22.0741 5608 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
21:36:22.0742 5608 C:\Windows\SysWOW64\lpk.dll - ok
21:36:22.0745 5608 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
21:36:22.0745 5608 C:\Windows\SysWOW64\usp10.dll - ok
21:36:22.0749 5608 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
21:36:22.0749 5608 C:\Windows\SysWOW64\msvcrt.dll - ok
21:36:22.0752 5608 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
21:36:22.0752 5608 C:\Windows\SysWOW64\advapi32.dll - ok
21:36:22.0756 5608 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
21:36:22.0756 5608 C:\Windows\SysWOW64\rpcrt4.dll - ok
21:36:22.0760 5608 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
21:36:22.0760 5608 C:\Windows\SysWOW64\sechost.dll - ok
21:36:22.0763 5608 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
21:36:22.0763 5608 C:\Windows\SysWOW64\cryptbase.dll - ok
21:36:22.0767 5608 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
21:36:22.0767 5608 C:\Windows\SysWOW64\msvcp100.dll - ok
21:36:22.0771 5608 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
21:36:22.0771 5608 C:\Windows\SysWOW64\sspicli.dll - ok
21:36:22.0775 5608 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
21:36:22.0775 5608 C:\Windows\SysWOW64\msvcr100.dll - ok
21:36:22.0779 5608 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
21:36:22.0779 5608 C:\Windows\SysWOW64\imm32.dll - ok
21:36:22.0783 5608 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
21:36:22.0783 5608 C:\Windows\SysWOW64\msctf.dll - ok
21:36:22.0787 5608 [ 0A65AF40C482233D93F44B93EE5CE55D ] C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll
21:36:22.0787 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll - ok
21:36:22.0791 5608 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
21:36:22.0791 5608 C:\Windows\SysWOW64\shell32.dll - ok
21:36:22.0795 5608 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
21:36:22.0795 5608 C:\Windows\SysWOW64\shlwapi.dll - ok
21:36:22.0799 5608 [ A59938BBA7E4D6205B50435AEADDEDC4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll
21:36:22.0799 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll - ok
21:36:22.0804 5608 [ B8D1DC83AAB1D2434CC6A54519F2CA17 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll
21:36:22.0804 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll - ok
21:36:22.0808 5608 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
21:36:22.0808 5608 C:\Windows\System32\BFE.DLL - ok
21:36:22.0812 5608 [ 4A9BA87BD158A21C9D127B08481D9C04 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll
21:36:22.0812 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll - ok
21:36:22.0816 5608 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
21:36:22.0816 5608 C:\Windows\SysWOW64\mpr.dll - ok
21:36:22.0820 5608 [ C43536C2A2A7F775E5F43A5CD034DAB4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll
21:36:22.0820 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll - ok
21:36:22.0825 5608 [ 8277B882A7FBAA23702E41700EE885DE ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll
21:36:22.0825 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll - ok
21:36:22.0829 5608 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
21:36:22.0829 5608 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
21:36:22.0833 5608 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
21:36:22.0833 5608 C:\Windows\SysWOW64\nsi.dll - ok
21:36:22.0836 5608 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
21:36:22.0836 5608 C:\Windows\SysWOW64\winnsi.dll - ok
21:36:22.0840 5608 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
21:36:22.0840 5608 C:\Windows\SysWOW64\version.dll - ok
21:36:22.0843 5608 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
21:36:22.0843 5608 C:\Windows\SysWOW64\wtsapi32.dll - ok
21:36:22.0847 5608 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
21:36:22.0847 5608 C:\Windows\SysWOW64\rasapi32.dll - ok
21:36:22.0851 5608 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
21:36:22.0851 5608 C:\Windows\SysWOW64\rasman.dll - ok
21:36:22.0855 5608 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
21:36:22.0855 5608 C:\Windows\SysWOW64\ws2_32.dll - ok
21:36:22.0858 5608 [ 7DD5A961D76EDEA65C111BB87DD14F11 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll
21:36:22.0858 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll - ok
21:36:22.0861 5608 [ C725A69DB7E462FB0F2E84E3B7E83C4C ] C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll
21:36:22.0861 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll - ok
21:36:22.0865 5608 [ 7DC69D2B0A77BB365AE934AE2E06AB41 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
21:36:22.0865 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll - ok
21:36:22.0869 5608 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
21:36:22.0869 5608 C:\Windows\System32\drivers\bowser.sys - ok
21:36:22.0873 5608 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
21:36:22.0873 5608 C:\Windows\System32\drivers\mpsdrv.sys - ok
21:36:22.0876 5608 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
21:36:22.0876 5608 C:\Windows\System32\drivers\mrxsmb.sys - ok
21:36:22.0880 5608 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
21:36:22.0880 5608 C:\Windows\System32\drivers\mrxsmb10.sys - ok
21:36:22.0885 5608 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
21:36:22.0885 5608 C:\Windows\System32\drivers\mrxsmb20.sys - ok
21:36:22.0888 5608 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
21:36:22.0888 5608 C:\Windows\System32\wkssvc.dll - ok
21:36:22.0891 5608 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
21:36:22.0891 5608 C:\Windows\System32\wfapigp.dll - ok
21:36:22.0895 5608 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
21:36:22.0895 5608 C:\Windows\SysWOW64\cfgmgr32.dll - ok
21:36:22.0899 5608 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
21:36:22.0899 5608 C:\Windows\System32\mscms.dll - ok
21:36:22.0902 5608 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
21:36:22.0902 5608 C:\Windows\SysWOW64\rtutils.dll - ok
21:36:22.0906 5608 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:36:22.0906 5608 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
21:36:22.0909 5608 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
21:36:22.0909 5608 C:\Windows\SysWOW64\ole32.dll - ok
21:36:22.0912 5608 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
21:36:22.0912 5608 C:\Windows\System32\pcasvc.dll - ok
21:36:22.0916 5608 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
21:36:22.0916 5608 C:\Windows\SysWOW64\oleaut32.dll - ok
21:36:22.0920 5608 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
21:36:22.0920 5608 C:\Windows\System32\snmptrap.exe - ok
21:36:22.0925 5608 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
21:36:22.0925 5608 C:\Windows\SysWOW64\crypt32.dll - ok
21:36:22.0929 5608 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
21:36:22.0929 5608 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
21:36:22.0932 5608 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
21:36:22.0932 5608 C:\Windows\SysWOW64\msasn1.dll - ok
21:36:22.0935 5608 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
21:36:22.0935 5608 C:\Windows\SysWOW64\wintrust.dll - ok
21:36:22.0939 5608 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
21:36:22.0939 5608 C:\Windows\System32\sstpsvc.dll - ok
21:36:22.0942 5608 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
21:36:22.0942 5608 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
21:36:22.0947 5608 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
21:36:22.0947 5608 C:\Windows\System32\provsvc.dll - ok
21:36:22.0951 5608 [ 47EB3F0EF84E0AF8AE75DB98EEF34255 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:36:22.0951 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe - ok
21:36:22.0954 5608 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:36:22.0954 5608 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
21:36:22.0958 5608 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
21:36:22.0958 5608 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
21:36:22.0962 5608 [ 83D32B88FA788BF2493F97368636705E ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll
21:36:22.0962 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll - ok
21:36:22.0967 5608 [ 2A12153090316A15CFDD4CD4DFB08442 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll
21:36:22.0967 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll - ok
21:36:22.0972 5608 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
21:36:22.0972 5608 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
21:36:22.0976 5608 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
21:36:22.0976 5608 C:\Windows\SysWOW64\logoncli.dll - ok
21:36:22.0980 5608 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
21:36:22.0980 5608 C:\Windows\SysWOW64\netapi32.dll - ok
21:36:22.0984 5608 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
21:36:22.0984 5608 C:\Windows\SysWOW64\netutils.dll - ok
21:36:22.0989 5608 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
21:36:22.0989 5608 C:\Windows\SysWOW64\srvcli.dll - ok
21:36:22.0992 5608 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
21:36:22.0992 5608 C:\Windows\SysWOW64\wkscli.dll - ok
21:36:22.0996 5608 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
21:36:22.0996 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
21:36:22.0999 5608 [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\SysWOW64\activeds.dll
21:36:22.0999 5608 C:\Windows\SysWOW64\activeds.dll - ok
21:36:23.0003 5608 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
21:36:23.0003 5608 C:\Windows\SysWOW64\browcli.dll - ok
21:36:23.0008 5608 [ 7290A6DD34862278DF9E26D96E5A95D8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
21:36:23.0008 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
21:36:23.0011 5608 [ 5F3347EBA403EE64780980A5BAF10304 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
21:36:23.0011 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
21:36:23.0016 5608 [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\SysWOW64\adsldpc.dll
21:36:23.0016 5608 C:\Windows\SysWOW64\adsldpc.dll - ok
21:36:23.0021 5608 [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
21:36:23.0021 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
21:36:23.0024 5608 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
21:36:23.0024 5608 C:\Windows\SysWOW64\Wldap32.dll - ok
21:36:23.0028 5608 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
21:36:23.0028 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
21:36:23.0033 5608 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
21:36:23.0033 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
21:36:23.0036 5608 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
21:36:23.0036 5608 C:\Windows\SysWOW64\wsock32.dll - ok
21:36:23.0040 5608 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
21:36:23.0040 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
21:36:23.0044 5608 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
21:36:23.0044 5608 C:\Windows\SysWOW64\winmm.dll - ok
21:36:23.0047 5608 [ B6245EC07318D914446A50B7F2344372 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll
21:36:23.0047 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll - ok
21:36:23.0051 5608 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
21:36:23.0051 5608 C:\Windows\SysWOW64\atl.dll - ok
21:36:23.0055 5608 [ 86DEAE7B227CECD2C8B2C13EFB270E46 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll
21:36:23.0055 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll - ok
21:36:23.0059 5608 [ A0169D4C2BC08DC9D612FC26D1E4E3D6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll
21:36:23.0059 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll - ok
21:36:23.0062 5608 [ 8F9F50F3810672AC36503B72A0B1808A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll
21:36:23.0062 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll - ok
21:36:23.0067 5608 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
21:36:23.0067 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
21:36:23.0070 5608 [ 44CA607E50E64DF12E4FE7F4073B88C9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll
21:36:23.0070 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll - ok
21:36:23.0073 5608 [ 54FA7A496422A95EC333EF9C4821A32D ] C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll
21:36:23.0073 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll - ok
21:36:23.0078 5608 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
21:36:23.0078 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
21:36:23.0081 5608 [ 29D717B151303045830E72B53FEFE73E ] C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll
21:36:23.0081 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll - ok
21:36:23.0085 5608 [ 1FC67435935CC1CC27040B0FB5D9631C ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll
21:36:23.0085 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll - ok
21:36:23.0088 5608 [ C0EE62DA3D7A9777DED048F4579FA3E9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll
21:36:23.0088 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll - ok
21:36:23.0091 5608 [ 88799EBEFF8BBDC9FDE37565C5066A7B ] C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll
21:36:23.0091 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll - ok
21:36:23.0094 5608 [ 4BDFBB3A85EA63F90B8EF17B7F515F46 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll
21:36:23.0094 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll - ok
21:36:23.0097 5608 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
21:36:23.0097 5608 C:\Windows\SysWOW64\fltLib.dll - ok
21:36:23.0100 5608 [ E75A782A8C218D03A0AF54325132BC70 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll
21:36:23.0100 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll - ok
21:36:23.0105 5608 [ 23149E7061687676BD75BBE52342E42E ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll
21:36:23.0105 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll - ok
21:36:23.0108 5608 [ 25419E7D1DED175B21113D819B3970DC ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll
21:36:23.0108 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll - ok
21:36:23.0112 5608 [ 64605B72B605DEDE66D38E3D7094E73B ] C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll
21:36:23.0112 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll - ok
21:36:23.0117 5608 [ 0D99DC04793237418386656339F4D79C ] C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll
21:36:23.0117 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll - ok
21:36:23.0120 5608 [ D4F6FB4AC69A46398C10DA4451743B0B ] C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll
21:36:23.0120 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll - ok
21:36:23.0124 5608 [ AF7766E30B580964E883FA4A39CD24AE ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll
21:36:23.0124 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll - ok
21:36:23.0128 5608 [ 463F8760E063CD35DC9F370FF3AF8D2B ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll
21:36:23.0128 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll - ok
21:36:23.0132 5608 [ 900ACDAD5D357BB26A571DCA1FD6AD36 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll
21:36:23.0132 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll - ok
21:36:23.0136 5608 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
21:36:23.0136 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
21:36:23.0140 5608 [ 49DBEE1242982C96FB46E6638E1FF5FB ] C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll
21:36:23.0140 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll - ok
21:36:23.0143 5608 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
21:36:23.0143 5608 C:\Windows\SysWOW64\profapi.dll - ok
21:36:23.0147 5608 [ A1E4E006EFA3404151AE32EC0924E04C ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll
21:36:23.0147 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll - ok
21:36:23.0151 5608 [ 434049E557861645FA160F3035025F51 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll
21:36:23.0151 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll - ok
21:36:23.0155 5608 [ CD7B65E600B8EBC91B292C1AC9EC1215 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll
21:36:23.0155 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll - ok
21:36:23.0158 5608 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
21:36:23.0158 5608 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
21:36:23.0161 5608 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
21:36:23.0161 5608 C:\Windows\SysWOW64\setupapi.dll - ok
21:36:23.0164 5608 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
21:36:23.0164 5608 C:\Windows\SysWOW64\devobj.dll - ok
21:36:23.0167 5608 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
21:36:23.0167 5608 C:\Windows\SysWOW64\userenv.dll - ok
21:36:23.0170 5608 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
21:36:23.0170 5608 C:\Windows\SysWOW64\dnssd.dll - ok
21:36:23.0172 5608 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
21:36:23.0172 5608 C:\Windows\SysWOW64\ntmarta.dll - ok
21:36:23.0176 5608 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
21:36:23.0176 5608 C:\Program Files\Bonjour\mDNSResponder.exe - ok
21:36:23.0180 5608 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
21:36:23.0180 5608 C:\Windows\SysWOW64\mswsock.dll - ok
21:36:23.0185 5608 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
21:36:23.0185 5608 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
21:36:23.0189 5608 [ 70232CF581976E4E76CCABB8B31C5E4D ] C:\Program Files (x86)\Digidesign\Pro Tools\MMERefresh.exe
21:36:23.0189 5608 C:\Program Files (x86)\Digidesign\Pro Tools\MMERefresh.exe - ok
21:36:23.0193 5608 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
21:36:23.0193 5608 C:\Windows\System32\cryptsvc.dll - ok
21:36:23.0196 5608 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
21:36:23.0196 5608 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
21:36:23.0201 5608 [ DBC1136A62BD4DECC3632DF650284C2E ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:36:23.0201 5608 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
21:36:23.0205 5608 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
21:36:23.0205 5608 C:\Windows\System32\cryptnet.dll - ok
21:36:23.0208 5608 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
21:36:23.0208 5608 C:\Windows\System32\dps.dll - ok
21:36:23.0211 5608 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
21:36:23.0211 5608 C:\Windows\System32\taskschd.dll - ok
21:36:23.0215 5608 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
21:36:23.0215 5608 C:\Windows\System32\vssapi.dll - ok
21:36:23.0219 5608 [ 03728C624D05C2F157BBD46F6B7F6EA0 ] C:\Windows\SysWOW64\wininet.dll
21:36:23.0220 5608 C:\Windows\SysWOW64\wininet.dll - ok
21:36:23.0225 5608 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
21:36:23.0225 5608 C:\Windows\SysWOW64\dnsapi.dll - ok
21:36:23.0229 5608 [ 0633546736E7816165ADFA5009251CFA ] C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe
21:36:23.0229 5608 C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe - ok
21:36:23.0234 5608 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
21:36:23.0234 5608 C:\Windows\System32\conhost.exe - ok
21:36:23.0241 5608 [ FAEE5377E2B48FAAF3702E73DB8D6F58 ] C:\Windows\System32\diskpart.exe
21:36:23.0241 5608 C:\Windows\System32\diskpart.exe - ok
21:36:23.0245 5608 [ 61E67854128C13FBEA71C7FAC3B822C9 ] C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe
21:36:23.0245 5608 C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe - ok
21:36:23.0250 5608 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
21:36:23.0250 5608 C:\Windows\System32\vsstrace.dll - ok
21:36:23.0256 5608 [ 73BDB1C0801D44BEA5F6749FD340CC0F ] C:\Windows\SysWOW64\iertutil.dll
21:36:23.0256 5608 C:\Windows\SysWOW64\iertutil.dll - ok
21:36:23.0263 5608 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
21:36:23.0263 5608 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
21:36:23.0267 5608 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
21:36:23.0267 5608 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
21:36:23.0272 5608 [ 180D098704551DE37C6299AA888D6821 ] C:\Windows\SysWOW64\urlmon.dll
21:36:23.0272 5608 C:\Windows\SysWOW64\urlmon.dll - ok
21:36:23.0277 5608 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
21:36:23.0277 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
21:36:23.0282 5608 [ E53B389AABC47A86A41884E94C9A3012 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
21:36:23.0282 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
21:36:23.0288 5608 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
21:36:23.0288 5608 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
21:36:23.0293 5608 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
21:36:23.0293 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
21:36:23.0297 5608 [ 5225207BDE8C090CE92A18C61180650C ] C:\Windows\System32\vdsldr.exe
21:36:23.0297 5608 C:\Windows\System32\vdsldr.exe - ok
21:36:23.0302 5608 [ B4A6BCEC84AC9C1AADEDB24E2FE531D8 ] C:\Program Files (x86)\Avid\Mbox Pro\AudioDevMon.exe
21:36:23.0302 5608 C:\Program Files (x86)\Avid\Mbox Pro\AudioDevMon.exe - ok
21:36:23.0309 5608 [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
21:36:23.0309 5608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
21:36:23.0315 5608 [ B6F9B45112E56992EF3EFA369FB7F047 ] C:\Windows\System32\vdsutil.dll
21:36:23.0315 5608 C:\Windows\System32\vdsutil.dll - ok
21:36:23.0322 5608 [ 94082E1E52D8BC63F4D6F57E8CD4E4F9 ] C:\Windows\System32\vds_ps.dll
21:36:23.0322 5608 C:\Windows\System32\vds_ps.dll - ok
21:36:23.0327 5608 [ E6CB119EF2E148EAA1A247343550756E ] C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
21:36:23.0327 5608 C:\Program Files (x86)\Common Files\Motive\McciCMService.exe - ok
21:36:23.0332 5608 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
21:36:23.0332 5608 C:\Windows\SysWOW64\imagehlp.dll - ok
21:36:23.0337 5608 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
21:36:23.0337 5608 C:\Windows\SysWOW64\cryptsp.dll - ok
21:36:23.0342 5608 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
21:36:23.0342 5608 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
21:36:23.0348 5608 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
21:36:23.0348 5608 C:\Windows\SysWOW64\rsaenh.dll - ok
21:36:23.0353 5608 [ BE3D584D7C021EB7D89166EECB83C341 ] C:\Program Files\Common Files\Motive\McciCMService.exe
21:36:23.0354 5608 C:\Program Files\Common Files\Motive\McciCMService.exe - ok
21:36:23.0358 5608 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
21:36:23.0358 5608 C:\Windows\SysWOW64\clbcatq.dll - ok
21:36:23.0362 5608 [ 05E4E87619D25370EEA0D368B58AA1F0 ] C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
21:36:23.0362 5608 C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe - ok
21:36:23.0366 5608 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
21:36:23.0366 5608 C:\Windows\System32\netman.dll - ok
21:36:23.0370 5608 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
21:36:23.0370 5608 C:\Windows\System32\nlasvc.dll - ok
21:36:23.0376 5608 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
21:36:23.0376 5608 C:\Windows\System32\ncsi.dll - ok
21:36:23.0382 5608 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
21:36:23.0382 5608 C:\Windows\System32\winhttp.dll - ok
21:36:23.0387 5608 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
21:36:23.0387 5608 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
21:36:23.0391 5608 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
21:36:23.0391 5608 C:\Windows\SysWOW64\ncrypt.dll - ok
21:36:23.0396 5608 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
21:36:23.0396 5608 C:\Windows\System32\webio.dll - ok
21:36:23.0402 5608 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
21:36:23.0402 5608 C:\Windows\System32\aepic.dll - ok
21:36:23.0406 5608 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
21:36:23.0406 5608 C:\Windows\System32\sfc.dll - ok
21:36:23.0410 5608 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
21:36:23.0410 5608 C:\Windows\System32\sfc_os.dll - ok
21:36:23.0414 5608 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
21:36:23.0414 5608 C:\Windows\System32\drivers\PEAuth.sys - ok
21:36:23.0418 5608 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
21:36:23.0418 5608 C:\Windows\System32\ssdpapi.dll - ok
21:36:23.0423 5608 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
21:36:23.0424 5608 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
21:36:23.0428 5608 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
21:36:23.0428 5608 C:\Windows\System32\drivers\secdrv.sys - ok
21:36:23.0432 5608 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
21:36:23.0432 5608 C:\Windows\System32\seclogon.dll - ok
21:36:23.0437 5608 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
21:36:23.0437 5608 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
21:36:23.0441 5608 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
21:36:23.0441 5608 C:\Windows\SysWOW64\psapi.dll - ok
21:36:23.0445 5608 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
21:36:23.0445 5608 C:\Windows\System32\drivers\srvnet.sys - ok
21:36:23.0449 5608 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
21:36:23.0449 5608 C:\Windows\SysWOW64\bcrypt.dll - ok
21:36:23.0454 5608 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
21:36:23.0454 5608 C:\Windows\System32\ssdpsrv.dll - ok
21:36:23.0459 5608 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
21:36:23.0459 5608 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
21:36:23.0463 5608 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
21:36:23.0463 5608 C:\Windows\System32\drivers\tcpipreg.sys - ok
21:36:23.0467 5608 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
21:36:23.0467 5608 C:\Windows\System32\sysmain.dll - ok
21:36:23.0471 5608 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
21:36:23.0471 5608 C:\Windows\System32\wiaservc.dll - ok
21:36:23.0475 5608 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
21:36:23.0475 5608 C:\Windows\System32\httpapi.dll - ok
21:36:23.0480 5608 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
21:36:23.0480 5608 C:\Windows\System32\tapisrv.dll - ok
21:36:23.0484 5608 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
21:36:23.0484 5608 C:\Windows\System32\wiatrace.dll - ok
21:36:23.0488 5608 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:36:23.0488 5608 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
21:36:23.0492 5608 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
21:36:23.0492 5608 C:\Program Files\Windows Defender\MpSvc.dll - ok
21:36:23.0496 5608 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
21:36:23.0496 5608 C:\Windows\System32\trkwks.dll - ok
21:36:23.0500 5608 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
21:36:23.0500 5608 C:\Windows\System32\wbem\WMIsvc.dll - ok
21:36:23.0503 5608 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
21:36:23.0504 5608 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
21:36:23.0507 5608 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
21:36:23.0507 5608 C:\Windows\System32\SensApi.dll - ok
21:36:23.0510 5608 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
21:36:23.0510 5608 C:\Windows\SysWOW64\gpapi.dll - ok
21:36:23.0515 5608 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
21:36:23.0515 5608 C:\Windows\System32\wbemcomn.dll - ok
21:36:23.0517 5608 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
21:36:23.0517 5608 C:\Windows\System32\wer.dll - ok
21:36:23.0521 5608 [ 66C5255881F6F37F5CB22B9C9C777662 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
21:36:23.0521 5608 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
21:36:23.0525 5608 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
21:36:23.0525 5608 C:\Windows\System32\drivers\srv2.sys - ok
21:36:23.0529 5608 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
21:36:23.0529 5608 C:\Program Files\Windows Defender\MpClient.dll - ok
21:36:23.0532 5608 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
21:36:23.0532 5608 C:\Windows\System32\msxml3.dll - ok
21:36:23.0535 5608 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
21:36:23.0535 5608 C:\Windows\System32\upnphost.dll - ok
21:36:23.0539 5608 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
21:36:23.0539 5608 C:\Windows\System32\drivers\srv.sys - ok
21:36:23.0542 5608 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
21:36:23.0543 5608 C:\Windows\System32\iphlpsvc.dll - ok
21:36:23.0546 5608 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
21:36:23.0546 5608 C:\Windows\System32\rasmans.dll - ok
21:36:23.0549 5608 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
21:36:23.0549 5608 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
21:36:23.0552 5608 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
21:36:23.0552 5608 C:\Windows\System32\wscsvc.dll - ok
21:36:23.0556 5608 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
21:36:23.0556 5608 C:\Windows\System32\wbem\fastprox.dll - ok
21:36:23.0559 5608 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
21:36:23.0559 5608 C:\Windows\System32\dbghelp.dll - ok
21:36:23.0563 5608 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
21:36:23.0563 5608 C:\Windows\System32\sqmapi.dll - ok
21:36:23.0565 5608 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
21:36:23.0565 5608 C:\Windows\System32\wdscore.dll - ok
21:36:23.0568 5608 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
21:36:23.0568 5608 C:\Windows\System32\srvsvc.dll - ok
21:36:23.0571 5608 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
21:36:23.0571 5608 C:\Windows\System32\browser.dll - ok
21:36:23.0574 5608 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
21:36:23.0574 5608 C:\Windows\System32\clusapi.dll - ok
21:36:23.0577 5608 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
21:36:23.0577 5608 C:\Windows\System32\netmsg.dll - ok
21:36:23.0580 5608 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
21:36:23.0580 5608 C:\Windows\System32\sscore.dll - ok
21:36:23.0584 5608 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
21:36:23.0584 5608 C:\Windows\System32\esent.dll - ok
21:36:23.0587 5608 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
21:36:23.0587 5608 C:\Windows\System32\ntdsapi.dll - ok
21:36:23.0591 5608 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
21:36:23.0591 5608 C:\Windows\System32\resutils.dll - ok
21:36:23.0594 5608 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
21:36:23.0594 5608 C:\Windows\System32\wbem\wbemprox.dll - ok
21:36:23.0597 5608 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
21:36:23.0597 5608 C:\Windows\System32\hnetcfg.dll - ok
21:36:23.0600 5608 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
21:36:23.0601 5608 C:\Windows\System32\nci.dll - ok
21:36:23.0604 5608 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
21:36:23.0604 5608 C:\Windows\System32\netprofm.dll - ok
21:36:23.0608 5608 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
21:36:23.0608 5608 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
21:36:23.0611 5608 [ 794D4B48DFB6E999537C7C3947863463 ] C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
21:36:23.0611 5608 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe - ok
21:36:23.0616 5608 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
21:36:23.0616 5608 C:\Windows\System32\wbem\wbemcore.dll - ok
21:36:23.0620 5608 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
21:36:23.0620 5608 C:\Windows\System32\wbem\esscli.dll - ok
21:36:23.0623 5608 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
21:36:23.0623 5608 C:\Windows\System32\wbem\WinMgmtR.dll - ok
21:36:23.0626 5608 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
21:36:23.0626 5608 C:\Windows\System32\rastapi.dll - ok
21:36:23.0630 5608 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
21:36:23.0630 5608 C:\Windows\SysWOW64\winspool.drv - ok
21:36:23.0634 5608 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
21:36:23.0634 5608 C:\Windows\SysWOW64\cryptnet.dll - ok
21:36:23.0637 5608 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
21:36:23.0637 5608 C:\Windows\System32\tapi32.dll - ok
21:36:23.0641 5608 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
21:36:23.0641 5608 C:\Windows\System32\wbem\wbemsvc.dll - ok
21:36:23.0644 5608 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
21:36:23.0644 5608 C:\Program Files\Bonjour\mdnsNSP.dll - ok
21:36:23.0648 5608 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
21:36:23.0649 5608 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
21:36:23.0651 5608 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
21:36:23.0651 5608 C:\Windows\System32\wbem\repdrvfs.dll - ok
21:36:23.0655 5608 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
21:36:23.0655 5608 C:\Windows\System32\wbem\wmiutils.dll - ok
21:36:23.0657 5608 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
21:36:23.0657 5608 C:\Program Files\Windows Defender\MpRTP.dll - ok
21:36:23.0661 5608 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
21:36:23.0661 5608 C:\Windows\System32\tdh.dll - ok
21:36:23.0664 5608 [ 747E9FD93A32202BE6DC5D1321BE977C ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32391188-4334-46E5-97EF-22A0E977C825}\mpengine.dll
21:36:23.0664 5608 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32391188-4334-46E5-97EF-22A0E977C825}\mpengine.dll - ok
21:36:23.0667 5608 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
21:36:23.0667 5608 C:\Windows\System32\rasadhlp.dll - ok
21:36:23.0670 5608 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
21:36:23.0670 5608 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
21:36:23.0674 5608 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
21:36:23.0674 5608 C:\Windows\System32\ncobjapi.dll - ok
21:36:23.0678 5608 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
21:36:23.0678 5608 C:\Windows\System32\wbem\wbemess.dll - ok
21:36:23.0681 5608 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
21:36:23.0681 5608 C:\Windows\System32\unimdm.tsp - ok
21:36:23.0684 5608 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
21:36:23.0684 5608 C:\Windows\System32\uniplat.dll - ok
21:36:23.0687 5608 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
21:36:23.0687 5608 C:\Windows\System32\kmddsp.tsp - ok
21:36:23.0690 5608 [ A58F4E888905822C479B4CDC642AE278 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32391188-4334-46E5-97EF-22A0E977C825}\mpasbase.vdm
21:36:23.0690 5608 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32391188-4334-46E5-97EF-22A0E977C825}\mpasbase.vdm - ok
21:36:23.0694 5608 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
21:36:23.0694 5608 C:\Windows\System32\p2pcollab.dll - ok
21:36:23.0697 5608 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
21:36:23.0697 5608 C:\Windows\System32\ndptsp.tsp - ok
21:36:23.0700 5608 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
21:36:23.0700 5608 C:\Windows\System32\QAGENTRT.DLL - ok
21:36:23.0703 5608 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
21:36:23.0703 5608 C:\Windows\System32\wbem\NCProv.dll - ok
21:36:23.0706 5608 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
21:36:23.0706 5608 C:\Windows\System32\fveui.dll - ok
21:36:23.0709 5608 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
21:36:23.0709 5608 C:\Windows\System32\hidphone.tsp - ok
21:36:23.0713 5608 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
21:36:23.0713 5608 C:\Windows\System32\wuapi.dll - ok
21:36:23.0716 5608 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
21:36:23.0716 5608 C:\Windows\SysWOW64\msimg32.dll - ok
21:36:23.0719 5608 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
21:36:23.0719 5608 C:\Windows\SysWOW64\wer.dll - ok
21:36:23.0722 5608 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
21:36:23.0722 5608 C:\Windows\SysWOW64\SensApi.dll - ok
21:36:23.0725 5608 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
21:36:23.0725 5608 C:\Windows\SysWOW64\Faultrep.dll - ok
21:36:23.0728 5608 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
21:36:23.0728 5608 C:\Windows\SysWOW64\propsys.dll - ok
21:36:23.0732 5608 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
21:36:23.0732 5608 C:\Windows\System32\cabinet.dll - ok
21:36:23.0735 5608 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
21:36:23.0735 5608 C:\Windows\System32\wups.dll - ok
21:36:23.0738 5608 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
21:36:23.0738 5608 C:\Windows\System32\aeevts.dll - ok
21:36:23.0741 5608 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
21:36:23.0741 5608 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
21:36:23.0743 5608 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
21:36:23.0744 5608 C:\Windows\System32\rasppp.dll - ok
21:36:23.0747 5608 [ 6B44700917F45B19B96B46B345B6F0E7 ] C:\Program Files (x86)\Spybot - Search & Destroy\SDMain.exe
21:36:23.0747 5608 C:\Program Files (x86)\Spybot - Search & Destroy\SDMain.exe - ok
21:36:23.0750 5608 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
21:36:23.0750 5608 C:\Windows\System32\vpnike.dll - ok
21:36:23.0753 5608 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
21:36:23.0753 5608 C:\Windows\SysWOW64\sxs.dll - ok
21:36:23.0756 5608 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
21:36:23.0756 5608 C:\Windows\System32\raschap.dll - ok
21:36:23.0759 5608 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
21:36:23.0759 5608 C:\Windows\SysWOW64\wbemcomn.dll - ok
21:36:23.0762 5608 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
21:36:23.0762 5608 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
21:36:23.0765 5608 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
21:36:23.0765 5608 C:\Windows\SysWOW64\apphelp.dll - ok
21:36:23.0767 5608 [ 3B286DB70D357E06CFF42C5C30EB3A52 ] C:\Program Files (x86)\Avid\Mbox Pro\DriverInterface.exe
21:36:23.0767 5608 C:\Program Files (x86)\Avid\Mbox Pro\DriverInterface.exe - ok
21:36:23.0771 5608 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
21:36:23.0771 5608 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
21:36:23.0775 5608 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
21:36:23.0775 5608 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
21:36:23.0779 5608 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
21:36:23.0779 5608 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
21:36:23.0782 5608 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
21:36:23.0782 5608 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
21:36:23.0786 5608 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
21:36:23.0786 5608 C:\Windows\SysWOW64\ntdsapi.dll - ok
21:36:23.0789 5608 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
21:36:23.0789 5608 C:\Windows\System32\ipnathlp.dll - ok
21:36:23.0792 5608 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
21:36:23.0792 5608 C:\Windows\System32\mprapi.dll - ok
21:36:23.0794 5608 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
21:36:23.0794 5608 C:\Windows\System32\netshell.dll - ok
21:36:23.0799 5608 [ 7EFCD514DC284B897D43F3FD3E978B00 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32391188-4334-46E5-97EF-22A0E977C825}\mpasdlta.vdm
21:36:23.0799 5608 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32391188-4334-46E5-97EF-22A0E977C825}\mpasdlta.vdm - ok
21:36:23.0802 5608 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
21:36:23.0802 5608 C:\Program Files\Windows Defender\MsMpLics.dll - ok
21:36:23.0805 5608 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
21:36:23.0805 5608 C:\Windows\System32\wscapi.dll - ok
21:36:23.0808 5608 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
21:36:23.0808 5608 C:\Windows\System32\wscisvif.dll - ok
21:36:23.0812 5608 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
21:36:23.0812 5608 C:\Windows\System32\wscproxystub.dll - ok
21:36:23.0816 5608 [ 8058495AE703D76A68552C5801D7D705 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll
21:36:23.0816 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll - ok
21:36:23.0820 5608 [ 9811C4C97E7FC3AC62FC9AD2E612ED78 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll
21:36:23.0820 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll - ok
21:36:23.0824 5608 [ 7250E1044C3F3A2B217BA8CF2CE801FA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll
21:36:23.0824 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll - ok
21:36:23.0828 5608 [ A8A3098D1B757AF5CE13A4B83D7F5FAA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
21:36:23.0828 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe - ok
21:36:23.0832 5608 [ 4E9DDFD4A563E6FEC49A699CB03CA2D2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll
21:36:23.0832 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll - ok
21:36:23.0835 5608 [ 0C75D5C6026D73E27F94418EB8F8BFF9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll
21:36:23.0835 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll - ok
21:36:23.0838 5608 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
21:36:23.0838 5608 C:\Windows\System32\vds.exe - ok
21:36:23.0841 5608 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
21:36:23.0841 5608 C:\Windows\System32\wdi.dll - ok
21:36:23.0844 5608 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
21:36:23.0844 5608 C:\Windows\System32\npmproxy.dll - ok
21:36:23.0847 5608 [ 020DDBA420E020F84BDEDCC8C65B3A56 ] C:\Windows\System32\osuninst.dll
21:36:23.0847 5608 C:\Windows\System32\osuninst.dll - ok
21:36:23.0851 5608 [ 339D66321076462395685EB0C3BC4345 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe
21:36:23.0851 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe - ok
21:36:23.0854 5608 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
21:36:23.0854 5608 C:\Windows\System32\hidserv.dll - ok
21:36:23.0857 5608 [ 3D1AE0543DD9FBA55409BF0A5103CA3D ] C:\Windows\System32\uexfat.dll
21:36:23.0857 5608 C:\Windows\System32\uexfat.dll - ok
21:36:23.0860 5608 [ EE11A3F03D8B801B721BC6D0089BDD9C ] C:\Windows\System32\ulib.dll
21:36:23.0860 5608 C:\Windows\System32\ulib.dll - ok
21:36:23.0863 5608 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
21:36:23.0863 5608 C:\Windows\System32\diagperf.dll - ok
21:36:23.0866 5608 [ E060CAF6D6C303A2C9BC13435F7F81A1 ] C:\Windows\System32\ifsutil.dll
21:36:23.0866 5608 C:\Windows\System32\ifsutil.dll - ok
21:36:23.0869 5608 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
21:36:23.0869 5608 C:\Windows\System32\perftrack.dll - ok
21:36:23.0872 5608 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
21:36:23.0872 5608 C:\Windows\System32\wpdbusenum.dll - ok
21:36:23.0875 5608 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
21:36:23.0875 5608 C:\Windows\SysWOW64\mfc100u.dll - ok
21:36:23.0879 5608 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
21:36:23.0879 5608 C:\Windows\System32\PortableDeviceApi.dll - ok
21:36:23.0883 5608 [ C3804346CDF9A8744084EEBA6BA739AF ] C:\Windows\System32\uudf.dll
21:36:23.0883 5608 C:\Windows\System32\uudf.dll - ok
21:36:23.0887 5608 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
21:36:23.0887 5608 C:\Windows\System32\Apphlpdm.dll - ok
21:36:23.0892 5608 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
21:36:23.0892 5608 C:\Windows\System32\pnpts.dll - ok
21:36:23.0896 5608 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
21:36:23.0896 5608 C:\Windows\System32\wdiasqmmodule.dll - ok
21:36:23.0899 5608 [ B4CE0CAB186EBF4DF54BD34B4F0C0A06 ] C:\Windows\System32\untfs.dll
21:36:23.0900 5608 C:\Windows\System32\untfs.dll - ok
21:36:23.0903 5608 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
21:36:23.0903 5608 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
21:36:23.0907 5608 [ 491DA8248209835532DAABF18B0215DA ] C:\Windows\System32\fmifs.dll
21:36:23.0907 5608 C:\Windows\System32\fmifs.dll - ok
21:36:23.0910 5608 [ CC37D9A25FF8D8CF12FC2F512C100F45 ] C:\Windows\System32\ufat.dll
21:36:23.0910 5608 C:\Windows\System32\ufat.dll - ok
21:36:23.0914 5608 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
21:36:23.0914 5608 C:\Windows\System32\NapiNSP.dll - ok
21:36:23.0918 5608 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
21:36:23.0918 5608 C:\Windows\System32\pnrpnsp.dll - ok
21:36:23.0921 5608 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
21:36:23.0921 5608 C:\Windows\System32\winrnr.dll - ok
21:36:23.0924 5608 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
21:36:23.0924 5608 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
21:36:23.0928 5608 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
21:36:23.0928 5608 C:\Windows\SysWOW64\dwmapi.dll - ok
21:36:23.0931 5608 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
21:36:23.0931 5608 C:\Windows\SysWOW64\uxtheme.dll - ok
21:36:23.0934 5608 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll
21:36:23.0934 5608 C:\Windows\SysWOW64\mfc100enu.dll - ok
21:36:23.0938 5608 [ FB24FA10D1178B7EF924E6D12E986DAA ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll
21:36:23.0938 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll - ok
21:36:23.0941 5608 [ 537967227B2F15AB69A5BF1CA9330C7B ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll
21:36:23.0941 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll - ok
21:36:23.0944 5608 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
21:36:23.0944 5608 C:\Windows\SysWOW64\winhttp.dll - ok
21:36:23.0947 5608 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
21:36:23.0947 5608 C:\Windows\SysWOW64\webio.dll - ok
21:36:23.0951 5608 [ 2FDF68C519F8B9D679110DAD0DE4857E ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll
21:36:23.0951 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll - ok
21:36:23.0954 5608 [ 08D6172E4AFDAD5FD9ADD46B09360707 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll
21:36:23.0955 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll - ok
21:36:23.0957 5608 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
21:36:23.0957 5608 C:\Windows\System32\IPSECSVC.DLL - ok
21:36:23.0960 5608 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
21:36:23.0960 5608 C:\Windows\System32\taskhost.exe - ok
21:36:23.0964 5608 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
21:36:23.0964 5608 C:\Windows\System32\FwRemoteSvr.dll - ok
21:36:23.0967 5608 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
21:36:23.0967 5608 C:\Windows\SysWOW64\wscapi.dll - ok
21:36:23.0971 5608 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
21:36:23.0971 5608 C:\Windows\SysWOW64\wscisvif.dll - ok
21:36:23.0974 5608 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
21:36:23.0974 5608 C:\Windows\SysWOW64\wscproxystub.dll - ok
21:36:23.0977 5608 [ 86F8145F5FD182F8C36337A351889F92 ] C:\Windows\System32\vdsdyn.dll
21:36:23.0977 5608 C:\Windows\System32\vdsdyn.dll - ok
21:36:23.0980 5608 [ AC3D7EE5F9EC2AB4BE0CDDE362D026A4 ] C:\Windows\System32\vdsbas.dll
21:36:23.0980 5608 C:\Windows\System32\vdsbas.dll - ok
21:36:23.0983 5608 [ D2D154D1842219A0620459C3C34EFD9D ] C:\Windows\System32\vdsvd.dll
21:36:23.0983 5608 C:\Windows\System32\vdsvd.dll - ok
21:36:23.0985 5608 [ BBB44E9207E7F5A8D931AA6C74962C77 ] C:\Windows\System32\virtdisk.dll
21:36:23.0986 5608 C:\Windows\System32\virtdisk.dll - ok
21:36:23.0988 5608 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
21:36:23.0989 5608 C:\Windows\System32\fltLib.dll - ok
21:36:23.0992 5608 [ C418F8085C61D3B6911EE82157CA3775 ] C:\Windows\System32\hbaapi.dll
21:36:23.0992 5608 C:\Windows\System32\hbaapi.dll - ok
21:36:23.0996 5608 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
21:36:23.0996 5608 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
21:36:23.0999 5608 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
21:36:23.0999 5608 C:\Windows\System32\dimsjob.dll - ok
21:36:24.0002 5608 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
21:36:24.0002 5608 C:\Windows\System32\pautoenr.dll - ok
21:36:24.0005 5608 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
21:36:24.0005 5608 C:\Windows\System32\certcli.dll - ok
21:36:24.0008 5608 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
21:36:24.0008 5608 C:\Windows\System32\wbem\wmiprov.dll - ok
21:36:24.0012 5608 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
21:36:24.0012 5608 C:\Windows\System32\CertEnroll.dll - ok
21:36:24.0016 5608 [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll
21:36:24.0016 5608 C:\Windows\System32\iscsidsc.dll - ok
21:36:24.0018 5608 [ 22D98BF27F3DAE2B3E9559B9C40D49A1 ] C:\Windows\System32\iscsium.dll
21:36:24.0018 5608 C:\Windows\System32\iscsium.dll - ok
21:36:24.0021 5608 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
21:36:24.0021 5608 C:\Windows\System32\dllhost.exe - ok
21:36:24.0024 5608 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
21:36:24.0024 5608 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
21:36:24.0027 5608 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
21:36:24.0027 5608 C:\Windows\System32\IDStore.dll - ok
21:36:24.0031 5608 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
21:36:24.0031 5608 C:\Windows\SysWOW64\winsta.dll - ok
21:36:24.0033 5608 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
21:36:24.0033 5608 C:\Windows\System32\AtBroker.exe - ok
21:36:24.0036 5608 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
21:36:24.0036 5608 C:\Windows\System32\mpr.dll - ok
21:36:24.0039 5608 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
21:36:24.0039 5608 C:\Windows\System32\userinit.exe - ok
21:36:24.0042 5608 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
21:36:24.0042 5608 C:\Windows\System32\PlaySndSrv.dll - ok
21:36:24.0045 5608 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
21:36:24.0045 5608 C:\Windows\System32\dwm.exe - ok
21:36:24.0048 5608 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
21:36:24.0048 5608 C:\Windows\System32\localspl.dll - ok
21:36:24.0051 5608 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
21:36:24.0051 5608 C:\Windows\System32\dwmredir.dll - ok
21:36:24.0054 5608 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
21:36:24.0054 5608 C:\Windows\System32\MsCtfMonitor.dll - ok
21:36:24.0057 5608 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
21:36:24.0057 5608 C:\Windows\System32\spoolss.dll - ok
21:36:24.0060 5608 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
21:36:24.0060 5608 C:\Windows\System32\dwmcore.dll - ok
21:36:24.0063 5608 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
21:36:24.0063 5608 C:\Windows\System32\msutb.dll - ok
21:36:24.0066 5608 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
21:36:24.0066 5608 C:\Windows\System32\winspool.drv - ok
21:36:24.0069 5608 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
21:36:24.0069 5608 C:\Windows\System32\HotStartUserAgent.dll - ok
21:36:24.0073 5608 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
21:36:24.0073 5608 C:\Windows\System32\PrintIsolationProxy.dll - ok
21:36:24.0077 5608 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
21:36:24.0077 5608 C:\Windows\System32\d3d10_1.dll - ok
21:36:24.0081 5608 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
21:36:24.0081 5608 C:\Windows\System32\d3d10_1core.dll - ok
21:36:24.0084 5608 [ C835670705596AE67EE7E0AE92A12071 ] C:\Windows\System32\HPZLLLHN.DLL
21:36:24.0084 5608 C:\Windows\System32\HPZLLLHN.DLL - ok
21:36:24.0086 5608 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
21:36:24.0086 5608 C:\Windows\System32\dxgi.dll - ok
21:36:24.0089 5608 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
21:36:24.0089 5608 C:\Windows\System32\FXSMON.dll - ok
21:36:24.0093 5608 [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
21:36:24.0093 5608 C:\Windows\System32\d3d11.dll - ok
21:36:24.0097 5608 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
21:36:24.0097 5608 C:\Windows\System32\tcpmon.dll - ok
21:36:24.0100 5608 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
21:36:24.0100 5608 C:\Windows\System32\snmpapi.dll - ok
21:36:24.0104 5608 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
21:36:24.0104 5608 C:\Windows\System32\dssenh.dll - ok
21:36:24.0107 5608 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
21:36:24.0107 5608 C:\Windows\System32\wsnmp32.dll - ok
21:36:24.0110 5608 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
21:36:24.0110 5608 C:\Windows\System32\usbmon.dll - ok
21:36:24.0114 5608 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
21:36:24.0114 5608 C:\Windows\explorer.exe - ok
21:36:24.0118 5608 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
21:36:24.0118 5608 C:\Windows\System32\WSDMon.dll - ok
21:36:24.0121 5608 [ AD51BE7F8FB2CE06FD220B657AFA6586 ] C:\Windows\System32\nvwgf2umx.dll
21:36:24.0121 5608 C:\Windows\System32\nvwgf2umx.dll - ok
21:36:24.0124 5608 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
21:36:24.0124 5608 C:\Windows\System32\WSDApi.dll - ok
21:36:24.0126 5608 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
21:36:24.0126 5608 C:\Windows\System32\webservices.dll - ok
21:36:24.0129 5608 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
21:36:24.0129 5608 C:\Windows\System32\fdPnp.dll - ok
21:36:24.0133 5608 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
21:36:24.0133 5608 C:\Windows\System32\fundisc.dll - ok
21:36:24.0137 5608 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
21:36:24.0137 5608 C:\Windows\System32\radardt.dll - ok
21:36:24.0140 5608 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
21:36:24.0140 5608 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
21:36:24.0143 5608 [ C30A50449EA4B611484A5F1F1F016774 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL
21:36:24.0143 5608 C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok
21:36:24.0148 5608 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
21:36:24.0148 5608 C:\Windows\System32\win32spl.dll - ok
21:36:24.0151 5608 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
21:36:24.0151 5608 C:\Windows\System32\inetpp.dll - ok
21:36:24.0155 5608 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
21:36:24.0155 5608 C:\Windows\System32\cscapi.dll - ok
21:36:24.0159 5608 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
21:36:24.0159 5608 C:\Windows\System32\uDWM.dll - ok
21:36:24.0163 5608 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
21:36:24.0163 5608 C:\Windows\System32\ExplorerFrame.dll - ok
21:36:24.0167 5608 [ 5877A3341AA7DF58789294CEBA38AE2B ] C:\Users\KOTARE\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
21:36:24.0167 5608 C:\Users\KOTARE\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll - ok
21:36:24.0171 5608 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
21:36:24.0171 5608 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
21:36:24.0175 5608 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
21:36:24.0175 5608 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
21:36:24.0178 5608 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
21:36:24.0178 5608 C:\Windows\System32\EhStorShell.dll - ok
21:36:24.0182 5608 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
21:36:24.0182 5608 C:\Windows\System32\ntshrui.dll - ok
21:36:24.0186 5608 [ F4D4166CB07E709EF63375368322B20A ] C:\Program Files\Mediafour\MacDrive 8\MACDRAPI.DLL
21:36:24.0186 5608 C:\Program Files\Mediafour\MacDrive 8\MACDRAPI.DLL - ok
21:36:24.0189 5608 [ 0A4F495719267A5AA577A4DB7E8BC8C0 ] C:\Program Files\Mediafour\MacDrive 8\MDVolumeIcons.dll
21:36:24.0189 5608 C:\Program Files\Mediafour\MacDrive 8\MDVolumeIcons.dll - ok
21:36:24.0192 5608 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
21:36:24.0192 5608 C:\Windows\System32\IconCodecService.dll - ok
21:36:24.0197 5608 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
21:36:24.0197 5608 C:\Windows\System32\appinfo.dll - ok
21:36:24.0200 5608 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
21:36:24.0201 5608 C:\Windows\System32\runonce.exe - ok
21:36:24.0204 5608 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
21:36:24.0204 5608 C:\Windows\SysWOW64\runonce.exe - ok
21:36:24.0207 5608 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
21:36:24.0207 5608 C:\Windows\SysWOW64\secur32.dll - ok
21:36:24.0210 5608 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
21:36:24.0210 5608 C:\Windows\SysWOW64\cmd.exe - ok
21:36:24.0213 5608 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
21:36:24.0213 5608 C:\Windows\SysWOW64\winbrand.dll - ok
21:36:24.0217 5608 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
21:36:24.0217 5608 C:\Windows\System32\aelupsvc.dll - ok
21:36:24.0220 5608 [ D3EAB9BCB2B92EFCA615781C215644C0 ] C:\Windows\SysWOW64\ieframe.dll
21:36:24.0220 5608 C:\Windows\SysWOW64\ieframe.dll - ok
21:36:24.0223 5608 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
21:36:24.0223 5608 C:\Windows\SysWOW64\oleacc.dll - ok
21:36:24.0226 5608 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
21:36:24.0226 5608 C:\Windows\SysWOW64\shdocvw.dll - ok
21:36:24.0229 5608 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\KOTARE\AppData\Local\Temp\A6DB555E-687D-4D1B-9234-9EE3E2C4D444.exe
21:36:24.0229 5608 C:\Users\KOTARE\AppData\Local\Temp\A6DB555E-687D-4D1B-9234-9EE3E2C4D444.exe - ok
21:36:24.0232 5608 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
21:36:24.0232 5608 C:\Windows\SysWOW64\credssp.dll - ok
21:36:24.0235 5608 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
21:36:24.0235 5608 C:\Windows\SysWOW64\wship6.dll - ok
21:36:24.0239 5608 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
21:36:24.0239 5608 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
21:36:24.0242 5608 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
21:36:24.0242 5608 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
21:36:24.0245 5608 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
21:36:24.0245 5608 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
21:36:24.0249 5608 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
21:36:24.0249 5608 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
21:36:24.0252 5608 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
21:36:24.0252 5608 C:\Windows\SysWOW64\rasadhlp.dll - ok
21:36:24.0256 5608 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
21:36:24.0256 5608 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
21:36:24.0259 5608 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
21:36:24.0259 5608 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
21:36:24.0263 5608 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
21:36:24.0263 5608 C:\Windows\SysWOW64\EhStorShell.dll - ok
21:36:24.0266 5608 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
21:36:24.0266 5608 C:\Windows\SysWOW64\ntshrui.dll - ok
21:36:24.0268 5608 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
21:36:24.0268 5608 C:\Windows\SysWOW64\cscapi.dll - ok
21:36:24.0271 5608 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
21:36:24.0271 5608 C:\Windows\SysWOW64\slc.dll - ok
21:36:24.0274 5608 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
21:36:24.0274 5608 C:\Windows\SysWOW64\imageres.dll - ok
21:36:24.0277 5608 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
21:36:24.0277 5608 C:\Windows\System32\taskeng.exe - ok
21:36:24.0280 5608 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
21:36:24.0280 5608 C:\Windows\System32\TSChannel.dll - ok
21:36:24.0283 5608 [ AE2BE27838478814F87EE42437D862E6 ] C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
21:36:24.0283 5608 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe - ok
21:36:24.0287 5608 [ 131DFB6DC47571B23523504F947A991D ] C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSParts.dll
21:36:24.0287 5608 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSParts.dll - ok
21:36:24.0290 5608 [ 2766769440198C1E63122865850BB631 ] C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSAPI.dll
21:36:24.0290 5608 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSAPI.dll - ok
21:36:24.0293 5608 [ DA4950C4239E0C4FF35895FD7AA46B05 ] C:\Program Files (x86)\TOSHIBA\ConfigFree\CFWlApi.dll
21:36:24.0293 5608 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFWlApi.dll - ok
21:36:24.0296 5608 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
21:36:24.0296 5608 C:\Windows\SysWOW64\wlanapi.dll - ok
21:36:24.0299 5608 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
21:36:24.0299 5608 C:\Windows\SysWOW64\wlanutil.dll - ok
21:36:24.0303 5608 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
21:36:24.0303 5608 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok
21:36:24.0305 5608 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll
21:36:24.0305 5608 C:\Windows\SysWOW64\rasdlg.dll - ok
21:36:24.0308 5608 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll
21:36:24.0308 5608 C:\Windows\SysWOW64\mprapi.dll - ok
21:36:24.0312 5608 [ 15936A348676D246A41A4781E6A34692 ] C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSMUI.dll
21:36:24.0312 5608 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSMUI.dll - ok
21:36:24.0315 5608 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
21:36:24.0316 5608 C:\Windows\SysWOW64\comdlg32.dll - ok
21:36:24.0318 5608 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
21:36:24.0318 5608 C:\Windows\System32\wbem\cimwin32.dll - ok
21:36:24.0321 5608 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
21:36:24.0321 5608 C:\Windows\System32\framedynos.dll - ok
21:36:24.0324 5608 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
21:36:24.0324 5608 C:\Windows\System32\wmi.dll - ok
21:36:24.0328 5608 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
21:36:24.0328 5608 C:\Windows\SysWOW64\sfc.dll - ok
21:36:24.0331 5608 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
21:36:24.0331 5608 C:\Windows\SysWOW64\sfc_os.dll - ok
21:36:24.0334 5608 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
21:36:24.0334 5608 C:\Windows\SysWOW64\devrtl.dll - ok
21:36:24.0337 5608 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
21:36:24.0337 5608 C:\Windows\System32\ie4uinit.exe - ok
21:36:24.0340 5608 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
21:36:24.0340 5608 C:\Windows\System32\iedkcs32.dll - ok
21:36:24.0342 5608 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
21:36:24.0342 5608 C:\Windows\System32\timedate.cpl - ok
21:36:24.0345 5608 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
21:36:24.0346 5608 C:\Windows\System32\actxprxy.dll - ok
21:36:24.0349 5608 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
21:36:24.0349 5608 C:\Windows\System32\shdocvw.dll - ok
21:36:24.0351 5608 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
21:36:24.0351 5608 C:\Windows\System32\linkinfo.dll - ok
21:36:24.0354 5608 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
21:36:24.0354 5608 C:\Windows\System32\msftedit.dll - ok
21:36:24.0357 5608 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
21:36:24.0357 5608 C:\Windows\System32\msls31.dll - ok
21:36:24.0361 5608 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
21:36:24.0361 5608 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
21:36:24.0364 5608 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
21:36:24.0364 5608 C:\Windows\System32\gameux.dll - ok
21:36:24.0367 5608 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
21:36:24.0367 5608 C:\Windows\System32\DeviceCenter.dll - ok
21:36:24.0370 5608 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
21:36:24.0370 5608 C:\Windows\System32\SearchFolder.dll - ok
21:36:24.0374 5608 [ 1E98EE77B8CFD2E56F73D752C2A1313B ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
21:36:24.0374 5608 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
21:36:24.0379 5608 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
21:36:24.0379 5608 C:\Windows\System32\StructuredQuery.dll - ok
21:36:24.0383 5608 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\53082895.sys
21:36:24.0383 5608 C:\Windows\System32\drivers\53082895.sys - ok
21:36:24.0386 5608 [ 75CE9BFDFC2059712219BA9896A64EC6 ] C:\Windows\System32\SynCOM.dll
21:36:24.0386 5608 C:\Windows\System32\SynCOM.dll - ok
21:36:24.0390 5608 [ 058B2444E93E8F1E707CF787A7B1D6A0 ] C:\Windows\System32\SynTPAPI.dll
21:36:24.0390 5608 C:\Windows\System32\SynTPAPI.dll - ok
21:36:24.0394 5608 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
21:36:24.0394 5608 C:\Windows\SysWOW64\msxml3.dll - ok
21:36:24.0398 5608 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
21:36:24.0398 5608 C:\Windows\System32\thumbcache.dll - ok
21:36:24.0403 5608 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
21:36:24.0403 5608 C:\Windows\System32\networkexplorer.dll - ok
21:36:24.0407 5608 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
21:36:24.0407 5608 C:\Windows\System32\stobject.dll - ok
21:36:24.0411 5608 [ 32F848093F4E8FFDFC1C9CCC37D4A312 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
21:36:24.0411 5608 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok
21:36:24.0416 5608 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
21:36:24.0416 5608 C:\Windows\System32\batmeter.dll - ok
21:36:24.0420 5608 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
21:36:24.0420 5608 C:\Windows\System32\drprov.dll - ok
21:36:24.0425 5608 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
21:36:24.0425 5608 C:\Windows\System32\ntlanman.dll - ok
21:36:24.0429 5608 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
21:36:24.0429 5608 C:\Windows\SysWOW64\msi.dll - ok
21:36:24.0434 5608 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
21:36:24.0434 5608 C:\Windows\System32\davclnt.dll - ok
21:36:24.0437 5608 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
21:36:24.0437 5608 C:\Windows\System32\davhlpr.dll - ok
21:36:24.0442 5608 [ 0BE8EFCEE5813F60CD2D3D67088143D7 ] C:\Program Files\Mediafour\MacDrive 8\MacDriveD.exe
21:36:24.0442 5608 C:\Program Files\Mediafour\MacDrive 8\MacDriveD.exe - ok
21:36:24.0450 5608 [ 24985DC3934E6BB72699673C086F81D9 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
21:36:24.0450 5608 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
21:36:24.0455 5608 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
21:36:24.0455 5608 C:\Windows\System32\msi.dll - ok
21:36:24.0461 5608 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
21:36:24.0461 5608 C:\Windows\System32\browcli.dll - ok
21:36:24.0468 5608 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
21:36:24.0468 5608 C:\Windows\System32\schedcli.dll - ok
21:36:24.0474 5608 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
21:36:24.0474 5608 C:\Windows\System32\consent.exe - ok
21:36:24.0480 5608 [ A974F7EB760451D7CF7342F9E088DBB0 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
21:36:24.0480 5608 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe - ok
21:36:24.0486 5608 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
21:36:24.0486 5608 C:\Windows\SysWOW64\riched20.dll - ok
21:36:24.0492 5608 [ F3008D067B1160F815451C8AF0C37399 ] C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll
21:36:24.0492 5608 C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll - ok
21:36:24.0499 5608 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
21:36:24.0500 5608 C:\Program Files\Windows Sidebar\sidebar.exe - ok
21:36:24.0506 5608 [ 896A1DB9A972AD2339C2E8569EC926D1 ] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
21:36:24.0506 5608 C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe - ok
21:36:24.0510 5608 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
21:36:24.0510 5608 C:\Windows\System32\msiltcfg.dll - ok
21:36:24.0515 5608 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
21:36:24.0515 5608 C:\Windows\SysWOW64\oledlg.dll - ok
21:36:24.0517 5608 [ BB50B21FEE2A6F3E5FC92B330ECCF050 ] C:\Windows\SysWOW64\hhctrl.ocx
21:36:24.0518 5608 C:\Windows\SysWOW64\hhctrl.ocx - ok
21:36:24.0522 5608 [ B58DC8BEA322E1AA38B9CA4F2AA4C496 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
21:36:24.0522 5608 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok
21:36:24.0527 5608 [ AAB13578D84A89F5E56B35671C9345A2 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
21:36:24.0528 5608 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok
21:36:24.0532 5608 [ 9C96B167C21F6DCCF68E96853B0A8F93 ] C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll
21:36:24.0532 5608 C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll - ok
21:36:24.0536 5608 [ 8402A407CB307B5E61CC7FF29F2EFC93 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
21:36:24.0536 5608 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok
21:36:24.0540 5608 [ 6428A1B56B4F426F35A029231FF0BB1E ] C:\Windows\SysWOW64\jsproxy.dll
21:36:24.0540 5608 C:\Windows\SysWOW64\jsproxy.dll - ok
21:36:24.0544 5608 [ AECD66642FBDD440F3DDA94BE5416679 ] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
21:36:24.0544 5608 C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe - ok
21:36:24.0549 5608 [ 831DB2AF3C761915D19E2EF2C64E6D87 ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
21:36:24.0549 5608 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok
21:36:24.0554 5608 [ 460723A080D6F22E56D45BC8C1F15B2A ] C:\Windows\System32\mshtml.dll
21:36:24.0554 5608 C:\Windows\System32\mshtml.dll - ok
21:36:24.0558 5608 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:36:24.0558 5608 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
21:36:24.0565 5608 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:36:24.0565 5608 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
21:36:24.0569 5608 [ 4410FB92A4A4744E7FB1780A55AB891D ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
21:36:24.0569 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe - ok
21:36:24.0573 5608 [ 11615D80DC10ABB83D2A9002B70A4E36 ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
21:36:24.0573 5608 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok
21:36:24.0578 5608 [ F6DF4B43737BFAF3D9314C00F4547AC7 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnESC.dll
21:36:24.0578 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnESC.dll - ok
21:36:24.0582 5608 [ C9CB4FB4CA7D5FDA648478EB8966353F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
21:36:24.0582 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll - ok
21:36:24.0587 5608 [ 8A07221789D46B2EA7DFCA2BC807572A ] C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
21:36:24.0587 5608 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe - ok
21:36:24.0591 5608 [ 85D5125275E44CA04D5514947A9FF874 ] C:\Program Files\TOSHIBA\TBS\TBSMain.dll
21:36:24.0591 5608 C:\Program Files\TOSHIBA\TBS\TBSMain.dll - ok
21:36:24.0596 5608 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
21:36:24.0596 5608 C:\Windows\System32\wersvc.dll - ok
21:36:24.0600 5608 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
21:36:24.0600 5608 C:\Windows\System32\fdProxy.dll - ok
21:36:24.0604 5608 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
21:36:24.0604 5608 C:\Windows\System32\msimtf.dll - ok
21:36:24.0608 5608 [ E08F0527A16426C2D90F4823572B27FC ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
21:36:24.0608 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe - ok
21:36:24.0611 5608 [ 0A1BB8FF664EA24C2679B70F731A6F7A ] C:\Windows\System32\jscript9.dll
21:36:24.0611 5608 C:\Windows\System32\jscript9.dll - ok
21:36:24.0616 5608 [ 7E8A672B7B06A6EB11960C22E0360C59 ] C:\Windows\System32\d2d1.dll
21:36:24.0616 5608 C:\Windows\System32\d2d1.dll - ok
21:36:24.0620 5608 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
21:36:24.0620 5608 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
21:36:24.0624 5608 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
21:36:24.0624 5608 C:\Windows\System32\DXP.dll - ok
21:36:24.0628 5608 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
21:36:24.0628 5608 C:\Windows\System32\prnfldr.dll - ok
21:36:24.0632 5608 [ 63BB89DED1E9104E68D33E54DE4D340D ] C:\Windows\System32\DWrite.dll
21:36:24.0632 5608 C:\Windows\System32\DWrite.dll - ok
21:36:24.0636 5608 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
21:36:24.0636 5608 C:\Windows\System32\ActionCenter.dll - ok
21:36:24.0641 5608 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
21:36:24.0641 5608 C:\Windows\System32\Syncreg.dll - ok
21:36:24.0644 5608 [ 88B0BCC23660D466879099F26CCB8CA5 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll
21:36:24.0644 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll - ok
21:36:24.0648 5608 [ C498EF41B93986BCBD483597573EB96D ] C:\Windows\System32\d3d10warp.dll
21:36:24.0648 5608 C:\Windows\System32\d3d10warp.dll - ok
21:36:24.0651 5608 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
21:36:24.0651 5608 C:\Windows\System32\FXSST.dll - ok
21:36:24.0655 5608 [ B96F045D571747F8700CB43E8C458FF0 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
21:36:24.0655 5608 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
21:36:24.0658 5608 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
21:36:24.0658 5608 C:\Windows\System32\FXSAPI.dll - ok
21:36:24.0661 5608 [ A7DA2525A4344F79176A0DFA517E647E ] C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll
21:36:24.0661 5608 C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll - ok
21:36:24.0664 5608 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
21:36:24.0664 5608 C:\Windows\ehome\ehSSO.dll - ok
21:36:24.0667 5608 [ 67B6E3F2A554558B6A8B6395A27E4CE6 ] C:\Windows\System32\nvd3dumx.dll
21:36:24.0668 5608 C:\Windows\System32\nvd3dumx.dll - ok
21:36:24.0671 5608 [ E6BC081DDE7391AD0A044C0796A86D08 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll
21:36:24.0671 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll - ok
21:36:24.0674 5608 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
21:36:24.0674 5608 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
21:36:24.0678 5608 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
21:36:24.0678 5608 C:\Windows\System32\FXSRESM.dll - ok
21:36:24.0682 5608 [ EDE3D67AE2951D330AA6A4EB7FEF7739 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll
21:36:24.0682 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll - ok
21:36:24.0686 5608 [ 3B7506E8038B8BD210DC6A5F6586594F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\fnf5.dll
21:36:24.0686 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\fnf5.dll - ok
21:36:24.0689 5608 [ 158664C8B781555346B132DB878048B7 ] C:\Windows\System32\nvapi64.dll
21:36:24.0689 5608 C:\Windows\System32\nvapi64.dll - ok
21:36:24.0692 5608 [ 5A462CA146417C53309FAE0852B7FC3F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll
21:36:24.0692 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll - ok
21:36:24.0695 5608 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
21:36:24.0695 5608 C:\Windows\System32\WPDShServiceObj.dll - ok
21:36:24.0698 5608 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
21:36:24.0698 5608 C:\Windows\System32\FXSSVC.exe - ok
21:36:24.0701 5608 [ 76772BABA8ABEB992A672F5C139B9B2D ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
21:36:24.0701 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok
21:36:24.0704 5608 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
21:36:24.0704 5608 C:\Windows\System32\wlanapi.dll - ok
21:36:24.0707 5608 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
21:36:24.0707 5608 C:\Windows\System32\PortableDeviceTypes.dll - ok
21:36:24.0710 5608 [ 684C3847C7E6EAEFBB72C92CFEB7F455 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll
21:36:24.0710 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll - ok
21:36:24.0715 5608 [ 66935625C1758EFEFFAF8CF0E020A6F9 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
21:36:24.0715 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll - ok
21:36:24.0718 5608 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
21:36:24.0718 5608 C:\Windows\System32\srchadmin.dll - ok
21:36:24.0722 5608 [ 4C671C688884F18152441DC16AA629F6 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
21:36:24.0722 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll - ok
21:36:24.0725 5608 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
21:36:24.0725 5608 C:\Windows\System32\AltTab.dll - ok
21:36:24.0729 5608 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
21:36:24.0729 5608 C:\Windows\System32\SearchIndexer.exe - ok
21:36:24.0733 5608 [ 9C4E90343294E9549FB81E52681F5008 ] C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll
21:36:24.0733 5608 C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll - ok
21:36:24.0737 5608 [ DF7A114D5DE40CAFBEB4BE5A85D800BB ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
21:36:24.0737 5608 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok
21:36:24.0740 5608 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
21:36:24.0740 5608 C:\Windows\System32\pnidui.dll - ok
21:36:24.0743 5608 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
21:36:24.0743 5608 C:\Windows\System32\QUTIL.DLL - ok
21:36:24.0747 5608 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
21:36:24.0747 5608 C:\Windows\System32\tquery.dll - ok
21:36:24.0750 5608 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
21:36:24.0750 5608 C:\Windows\System32\ddraw.dll - ok
21:36:24.0754 5608 [ 31F829385328ECA5BA89CC9481548DC7 ] C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll
21:36:24.0754 5608 C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll - ok
21:36:24.0757 5608 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
21:36:24.0757 5608 C:\Windows\System32\bthprops.cpl - ok
21:36:24.0760 5608 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
21:36:24.0760 5608 C:\Windows\System32\dciman32.dll - ok
21:36:24.0763 5608 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
21:36:24.0763 5608 C:\Windows\System32\mssrch.dll - ok
21:36:24.0767 5608 [ C2975FF1603C3BA18249CFC8972ED5A7 ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
21:36:24.0767 5608 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok
21:36:24.0770 5608 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
21:36:24.0770 5608 C:\Windows\System32\msidle.dll - ok
21:36:24.0773 5608 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
21:36:24.0773 5608 C:\Windows\System32\mssprxy.dll - ok
21:36:24.0776 5608 [ 13BC9BF69A7A03ED92BFDF36E9B4C508 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll
21:36:24.0777 5608 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll - ok
21:36:24.0780 5608 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
21:36:24.0780 5608 C:\Windows\System32\en-US\tquery.dll.mui - ok
21:36:24.0783 5608 [ AD1EA59C74D873AC22FB839B8E3E97F7 ] C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
21:36:24.0783 5608 C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll - ok
21:36:24.0786 5608 [ 6BE1A6D5C978F6E57FC052C8F8C57540 ] C:\Program Files (x86)\TOSHIBA\PCDiag\NotifyPCD.dll
21:36:24.0786 5608 C:\Program Files (x86)\TOSHIBA\PCDiag\NotifyPCD.dll - ok
21:36:24.0789 5608 [ DB19F12858970BA4563ABDABE44481A2 ] C:\Program Files (x86)\TOSHIBA\ConfigFree\CFNotify64.dll
21:36:24.0789 5608 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFNotify64.dll - ok
21:36:24.0792 5608 [ B087EEA25747C87942DC37E426DD37C3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll
21:36:24.0792 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll - ok
21:36:24.0797 5608 [ 4773A6F221AD2A84D98135E39253DB8F ] C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll
21:36:24.0797 5608 C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll - ok
21:36:24.0801 5608 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
21:36:24.0801 5608 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
21:36:24.0805 5608 [ A753DB6E0F38F7E1618BEB2A0C062ECD ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll
21:36:24.0805 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll - ok
21:36:24.0810 5608 [ C543BCAE30E80606944D4ED75E290AA7 ] C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll
21:36:24.0810 5608 C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll - ok
21:36:24.0814 5608 [ E829C45F0D77852C43BE99C4B1BD215D ] C:\Windows\System32\ieframe.dll
21:36:24.0814 5608 C:\Windows\System32\ieframe.dll - ok
21:36:24.0818 5608 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
21:36:24.0818 5608 C:\Windows\SysWOW64\samcli.dll - ok
21:36:24.0822 5608 [ DD30B0C734521424D13D1388841997B3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll
21:36:24.0822 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
21:36:24.0826 5608 [ 3DED19B8E91BA2B3900EB31EAFD5D2CE ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll
21:36:24.0826 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll - ok
21:36:24.0830 5608 [ 236A40829213BA4C594A8429172DF1B1 ] C:\Program Files\TOSHIBA\Utilities\NotifyX.dll
21:36:24.0830 5608 C:\Program Files\TOSHIBA\Utilities\NotifyX.dll - ok
21:36:24.0835 5608 [ BE6E0BD153A00E10A0DCCEFB542FE534 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll
21:36:24.0835 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll - ok
21:36:24.0838 5608 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
21:36:24.0838 5608 C:\Windows\SysWOW64\duser.dll - ok
21:36:24.0842 5608 [ 611CA0F64B0BD3BC60194A04F727706B ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll
21:36:24.0842 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll - ok
21:36:24.0848 5608 [ 3CAABC313E0DA7017748D5D044034918 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll
21:36:24.0848 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll - ok
21:36:24.0852 5608 [ E7D6F0AFFB7833396B6EE75E2C06F5BB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll
21:36:24.0852 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll - ok
21:36:24.0856 5608 [ 7A843EBB27253A7E7CFE30691546B338 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll
21:36:24.0856 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll - ok
21:36:24.0862 5608 [ FA97A189C080DA9FC300C877F9C8F298 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll
21:36:24.0862 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll - ok
21:36:24.0866 5608 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
21:36:24.0866 5608 C:\Windows\SysWOW64\dui70.dll - ok
21:36:24.0870 5608 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
21:36:24.0870 5608 C:\Windows\SysWOW64\msvfw32.dll - ok
21:36:24.0876 5608 [ DFD56CC998FA371AC1ECBDF662B2E91F ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll
21:36:24.0876 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll - ok
21:36:24.0880 5608 [ 9D57A94E6108405F5F7E3227F96DD8CB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll
21:36:24.0880 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll - ok
21:36:24.0885 5608 [ AAEB89CE906A9206F05AB08324339513 ] C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll
21:36:24.0885 5608 C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll - ok
21:36:24.0890 5608 [ B01B53052ADA5D6DAB5EE34BEC125A3A ] C:\Program Files (x86)\TOSHIBA\TRCMan\HardIO.dll
21:36:24.0890 5608 C:\Program Files (x86)\TOSHIBA\TRCMan\HardIO.dll - ok
21:36:24.0894 5608 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
21:36:24.0894 5608 C:\Windows\System32\rasdlg.dll - ok
21:36:24.0899 5608 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
21:36:24.0899 5608 C:\Windows\SysWOW64\FirewallAPI.dll - ok
21:36:24.0903 5608 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
21:36:24.0903 5608 C:\Windows\System32\dot3api.dll - ok
21:36:24.0908 5608 [ 46059030DA49F06EFB80957F7CD11861 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll
21:36:24.0908 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll - ok
21:36:24.0911 5608 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
21:36:24.0911 5608 C:\Windows\System32\wlanhlp.dll - ok
21:36:24.0915 5608 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
21:36:24.0915 5608 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
21:36:24.0920 5608 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
21:36:24.0920 5608 C:\Windows\System32\WWanAPI.dll - ok
21:36:24.0924 5608 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
21:36:24.0924 5608 C:\Windows\System32\wwapi.dll - ok
21:36:24.0930 5608 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
21:36:24.0930 5608 C:\Windows\System32\QAGENT.DLL - ok
21:36:24.0933 5608 [ FE600919B7DE511A52C3E668F87CAA2D ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll
21:36:24.0933 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll - ok
21:36:24.0937 5608 [ 4DE1EBB2314E2F10AC9EC83138193F8B ] C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll
21:36:24.0937 5608 C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll - ok
21:36:24.0942 5608 [ 0F474378D3E218E1982DBA3B5139B30D ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll
21:36:24.0942 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll - ok
21:36:24.0946 5608 [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys
21:36:24.0946 5608 C:\Windows\System32\drivers\cdfs.sys - ok
21:36:24.0950 5608 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
21:36:24.0950 5608 C:\Windows\SysWOW64\actxprxy.dll - ok
21:36:24.0954 5608 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
21:36:24.0954 5608 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
21:36:24.0959 5608 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
21:36:24.0959 5608 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
21:36:24.0963 5608 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
21:36:24.0963 5608 C:\Windows\System32\wsock32.dll - ok
21:36:24.0966 5608 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
21:36:24.0966 5608 C:\Windows\System32\wmdrmdev.dll - ok
21:36:24.0969 5608 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
21:36:24.0969 5608 C:\Windows\System32\drmv2clt.dll - ok
21:36:24.0973 5608 [ 8A47B2BC09F10E6EEEC278E27313E328 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
21:36:24.0973 5608 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
21:36:24.0977 5608 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
21:36:24.0977 5608 C:\Windows\System32\upnp.dll - ok
21:36:24.0980 5608 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
21:36:24.0980 5608 C:\Windows\System32\wmp.dll - ok
21:36:24.0984 5608 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
21:36:24.0985 5608 C:\Windows\System32\wmploc.DLL - ok
21:36:24.0987 5608 [ F7220A36464885AC591C21544B47D443 ] C:\Program Files\Internet Explorer\ieproxy.dll
21:36:24.0987 5608 C:\Program Files\Internet Explorer\ieproxy.dll - ok
21:36:24.0990 5608 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
21:36:24.0990 5608 C:\Windows\System32\wmpps.dll - ok
21:36:24.0994 5608 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
21:36:24.0994 5608 C:\Windows\System32\wmpmde.dll - ok
21:36:24.0998 5608 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
21:36:24.0998 5608 C:\Windows\System32\WinSATAPI.dll - ok
21:36:25.0001 5608 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
21:36:25.0001 5608 C:\Windows\System32\MSMPEG2ENC.DLL - ok
21:36:25.0004 5608 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
21:36:25.0004 5608 C:\Windows\System32\devenum.dll - ok
21:36:25.0007 5608 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
21:36:25.0007 5608 C:\Windows\System32\msdmo.dll - ok
21:36:25.0010 5608 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
21:36:25.0010 5608 C:\Windows\System32\udhisapi.dll - ok
21:36:25.0013 5608 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
21:36:25.0013 5608 C:\Windows\System32\webcheck.dll - ok
21:36:25.0016 5608 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
21:36:25.0016 5608 C:\Windows\System32\mlang.dll - ok
21:36:25.0020 5608 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
21:36:25.0020 5608 C:\Windows\System32\SearchProtocolHost.exe - ok
21:36:25.0022 5608 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
21:36:25.0022 5608 C:\Windows\System32\SyncCenter.dll - ok
21:36:25.0026 5608 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
21:36:25.0026 5608 C:\Windows\System32\msshooks.dll - ok
21:36:25.0030 5608 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
21:36:25.0030 5608 C:\Windows\System32\SearchFilterHost.exe - ok
21:36:25.0033 5608 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
21:36:25.0033 5608 C:\Windows\System32\imapi2.dll - ok
21:36:25.0037 5608 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
21:36:25.0037 5608 C:\Windows\System32\mscoree.dll - ok
21:36:25.0041 5608 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
21:36:25.0041 5608 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
21:36:25.0044 5608 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
21:36:25.0044 5608 C:\Windows\System32\hgcpl.dll - ok
21:36:25.0048 5608 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
21:36:25.0048 5608 C:\Windows\System32\fdPHost.dll - ok
21:36:25.0053 5608 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
21:36:25.0053 5608 C:\Windows\System32\FDResPub.dll - ok
21:36:25.0057 5608 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
21:36:25.0057 5608 C:\Windows\System32\fdWSD.dll - ok
21:36:25.0061 5608 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
21:36:25.0061 5608 C:\Windows\System32\mssph.dll - ok
21:36:25.0065 5608 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
21:36:25.0065 5608 C:\Windows\System32\fdSSDP.dll - ok
21:36:25.0068 5608 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
21:36:25.0068 5608 C:\Windows\System32\mapi32.dll - ok
21:36:25.0073 5608 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
21:36:25.0073 5608 C:\Windows\System32\ListSvc.dll - ok
21:36:25.0076 5608 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
21:36:25.0076 5608 C:\Windows\System32\P2P.dll - ok
21:36:25.0079 5608 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
21:36:25.0079 5608 C:\Windows\System32\IdListen.dll - ok
21:36:25.0083 5608 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
21:36:25.0083 5608 C:\Windows\System32\hgprint.dll - ok
21:36:25.0086 5608 [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
21:36:25.0086 5608 C:\Windows\System32\CertPolEng.dll - ok
21:36:25.0089 5608 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
21:36:25.0089 5608 C:\Windows\System32\pnrpsvc.dll - ok
21:36:25.0092 5608 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
21:36:25.0092 5608 C:\Windows\System32\Query.dll - ok
21:36:25.0098 5608 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
21:36:25.0098 5608 C:\Windows\System32\p2psvc.dll - ok
21:36:25.0102 5608 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
21:36:25.0102 5608 C:\Windows\System32\P2PGraph.dll - ok
21:36:25.0106 5608 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
21:36:25.0106 5608 C:\Windows\System32\NaturalLanguage6.dll - ok
21:36:25.0111 5608 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
21:36:25.0111 5608 C:\Windows\System32\NlsData0009.dll - ok
21:36:25.0116 5608 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
21:36:25.0116 5608 C:\Windows\System32\NlsLexicons0009.dll - ok
21:36:25.0119 5608 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
21:36:25.0119 5608 C:\Windows\System32\ELSCore.dll - ok
21:36:25.0121 5608 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
21:36:25.0121 5608 C:\Windows\System32\elsTrans.dll - ok
21:36:25.0124 5608 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
21:36:25.0124 5608 C:\Windows\System32\elslad.dll - ok
21:36:25.0127 5608 [ 11542EC1F1C53EDB3CCF5AADF4C9972F ] C:\Windows\System32\NlsData0000.dll
21:36:25.0127 5608 C:\Windows\System32\NlsData0000.dll - ok
21:36:25.0132 5608 [ B0BF698030DB6561393AE753C6D3F936 ] C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\chrome.exe
21:36:25.0132 5608 C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\chrome.exe - ok
21:36:25.0135 5608 [ 27352AAC3B0CCE5C325CEC3BE4D83A9B ] C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\chrome.dll
21:36:25.0135 5608 C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\chrome.dll - ok
21:36:25.0139 5608 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
21:36:25.0139 5608 C:\Windows\SysWOW64\dbghelp.dll - ok
21:36:25.0144 5608 [ 20B2FD7BA7B16B5B0297062F2DDE5296 ] C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\icudt.dll
21:36:25.0144 5608 C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\icudt.dll - ok
21:36:25.0147 5608 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL
21:36:25.0147 5608 C:\Windows\SysWOW64\KBDUS.DLL - ok
21:36:25.0150 5608 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
21:36:25.0150 5608 C:\Windows\SysWOW64\nlaapi.dll - ok
21:36:25.0153 5608 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
21:36:25.0153 5608 C:\Windows\SysWOW64\AudioSes.dll - ok
21:36:25.0157 5608 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
21:36:25.0157 5608 C:\Windows\SysWOW64\MMDevAPI.dll - ok
21:36:25.0161 5608 [ 5BF8E37FA1E25227480F9CD2ACA21FB6 ] C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\d3dcompiler_46.dll
21:36:25.0161 5608 C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\d3dcompiler_46.dll - ok
21:36:25.0164 5608 [ 43C9CF6825CEA58F1815B7C3DBBB385C ] C:\Windows\SysWOW64\Wpc.dll
21:36:25.0164 5608 C:\Windows\SysWOW64\Wpc.dll - ok
21:36:25.0168 5608 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
21:36:25.0168 5608 C:\Windows\SysWOW64\wevtapi.dll - ok
21:36:25.0172 5608 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
21:36:25.0172 5608 C:\Windows\SysWOW64\samlib.dll - ok
21:36:25.0176 5608 [ 6FF1689E63D2EBCAB1456EC19F6C2C7C ] C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\libglesv2.dll
21:36:25.0176 5608 C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\libglesv2.dll - ok
21:36:25.0180 5608 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
21:36:25.0180 5608 C:\Windows\SysWOW64\mssprxy.dll - ok
21:36:25.0183 5608 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
21:36:25.0183 5608 C:\Windows\SysWOW64\d3d9.dll - ok
21:36:25.0186 5608 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
21:36:25.0186 5608 C:\Windows\SysWOW64\msftedit.dll - ok
21:36:25.0190 5608 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
21:36:25.0190 5608 C:\Windows\SysWOW64\d3d8thk.dll - ok
21:36:25.0194 5608 [ 9159A49B13B5D4DA262415D87A5F7212 ] C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\libegl.dll
21:36:25.0194 5608 C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\libegl.dll - ok
21:36:25.0199 5608 [ 689035D36092179300547AE4266A00EE ] C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
21:36:25.0199 5608 C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll - ok
21:36:25.0203 5608 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
21:36:25.0203 5608 C:\Windows\System32\drttransport.dll - ok
21:36:25.0207 5608 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
21:36:25.0207 5608 C:\Windows\System32\drt.dll - ok
21:36:25.0211 5608 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
21:36:25.0211 5608 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
21:36:25.0217 5608 [ AF202429B591B91D95D323815B30FE4D ] C:\Windows\SysWOW64\nvd3dum.dll
21:36:25.0217 5608 C:\Windows\SysWOW64\nvd3dum.dll - ok
21:36:25.0223 5608 [ 1948BFFB626F0065BA6911FE970E8483 ] C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppgooglenaclpluginchrome.dll
21:36:25.0223 5608 C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppgooglenaclpluginchrome.dll - ok
21:36:25.0230 5608 [ E56FE56A51BC05E9CC367B3CC2BBFFA9 ] C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll
21:36:25.0230 5608 C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll - ok
21:36:25.0234 5608 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
21:36:25.0234 5608 C:\Windows\SysWOW64\mscms.dll - ok
21:36:25.0238 5608 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
21:36:25.0238 5608 C:\Windows\SysWOW64\powrprof.dll - ok
21:36:25.0242 5608 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
21:36:25.0242 5608 C:\Windows\SysWOW64\dxva2.dll - ok
21:36:25.0245 5608 [ FDBA1DEC4F9BE4274A00B9B850C63484 ] C:\Windows\SysWOW64\mf.dll
21:36:25.0245 5608 C:\Windows\SysWOW64\mf.dll - ok
21:36:25.0249 5608 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
21:36:25.0249 5608 C:\Windows\SysWOW64\mfplat.dll - ok
21:36:25.0254 5608 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
21:36:25.0254 5608 C:\Windows\SysWOW64\avrt.dll - ok
21:36:25.0258 5608 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
21:36:25.0258 5608 C:\Windows\SysWOW64\ksuser.dll - ok
21:36:25.0262 5608 [ 600A65F922CCDCBB2D11467914241556 ] C:\Windows\SysWOW64\msmpeg2vdec.dll
21:36:25.0262 5608 C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
21:36:25.0266 5608 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
21:36:25.0266 5608 C:\Windows\SysWOW64\linkinfo.dll - ok
21:36:25.0270 5608 [ 53AF1750FD45DDD705C9B68C7DC58827 ] C:\Windows\SysWOW64\evr.dll
21:36:25.0270 5608 C:\Windows\SysWOW64\evr.dll - ok
21:36:25.0276 5608 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
21:36:25.0276 5608 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe - ok
21:36:25.0280 5608 [ 3C06536A9AA332E9E0CEBDE5A596822A ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
21:36:25.0280 5608 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
21:36:25.0284 5608 [ 0C15DB6FF927935F0ECA52FEEA40E6C2 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
21:36:25.0284 5608 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
21:36:25.0288 5608 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll
21:36:25.0288 5608 C:\Windows\SysWOW64\SearchFolder.dll - ok
21:36:25.0292 5608 [ 6A1E8DEB746912DF47CF651E138401D7 ] C:\Windows\SysWOW64\StructuredQuery.dll
21:36:25.0292 5608 C:\Windows\SysWOW64\StructuredQuery.dll - ok
21:36:25.0296 5608 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:36:25.0296 5608 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
21:36:25.0299 5608 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
21:36:25.0299 5608 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
21:36:25.0303 5608 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
21:36:25.0303 5608 C:\Windows\SysWOW64\mscoree.dll - ok
21:36:25.0306 5608 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:36:25.0306 5608 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
21:36:25.0310 5608 [ F647D0BEA553C1D0C251CE07DA6A5511 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
21:36:25.0310 5608 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll - ok
21:36:25.0315 5608 [ 99F97C9FE748C37528C338A423577FCB ] C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
21:36:25.0315 5608 C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll - ok
21:36:25.0319 5608 [ F647D0BEA553C1D0C251CE07DA6A5511 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
21:36:25.0319 5608 C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll - ok
21:36:25.0322 5608 [ 419680FCE774976FD752EB425D91AEDF ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
21:36:25.0322 5608 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll - ok
21:36:25.0326 5608 [ DE5507DBA44CC5B6869205871B64A587 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
21:36:25.0326 5608 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll - ok
21:36:25.0331 5608 [ 2DA7883A884BE60F9EB2810F67E0E361 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
21:36:25.0331 5608 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll - ok
21:36:25.0335 5608 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
21:36:25.0335 5608 C:\Windows\System32\msvcr100_clr0400.dll - ok
21:36:25.0340 5608 [ BB28A86CDFFFBB041C72AD9EFEAA00D0 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
21:36:25.0340 5608 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll - ok
21:36:25.0344 5608 [ 16112E74A62381C69456566D35F9E51E ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
21:36:25.0344 5608 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll - ok
21:36:25.0349 5608 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
21:36:25.0349 5608 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe - ok
21:36:25.0354 5608 [ BB7F5F4966E76578A3EC0D11C444C545 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll
21:36:25.0354 5608 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll - ok
21:36:25.0358 5608 [ 11EF47BE3D8A4A943E10A63870C1F2C6 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll
21:36:25.0358 5608 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll - ok
21:36:25.0362 5608 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
21:36:25.0362 5608 C:\Windows\System32\sppsvc.exe - ok
21:36:25.0367 5608 [ 645FDC499C4B19F2B34109C6DA444A65 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npwachk.dll
21:36:25.0367 5608 C:\Program Files (x86)\Mozilla Firefox\Plugins\npwachk.dll - ok
21:36:25.0371 5608 [ 419680FCE774976FD752EB425D91AEDF ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
21:36:25.0372 5608 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll - ok
21:36:25.0377 5608 [ DE5507DBA44CC5B6869205871B64A587 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
21:36:25.0377 5608 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll - ok
21:36:25.0382 5608 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
21:36:25.0382 5608 C:\Windows\System32\drivers\spsys.sys - ok
21:36:25.0387 5608 [ 2DA7883A884BE60F9EB2810F67E0E361 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
21:36:25.0387 5608 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll - ok
21:36:25.0392 5608 [ BB28A86CDFFFBB041C72AD9EFEAA00D0 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
21:36:25.0392 5608 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll - ok
21:36:25.0397 5608 [ 7466809E6DA561D60C2F1CE8EDE3C73F ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:36:25.0397 5608 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok
21:36:25.0401 5608 [ 16112E74A62381C69456566D35F9E51E ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
21:36:25.0401 5608 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll - ok
21:36:25.0406 5608 [ BB7F5F4966E76578A3EC0D11C444C545 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
21:36:25.0406 5608 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll - ok
21:36:25.0411 5608 [ 11EF47BE3D8A4A943E10A63870C1F2C6 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
21:36:25.0411 5608 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll - ok
21:36:25.0415 5608 [ D480C9220BFE667DE65A46CDE80EA7E9 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
21:36:25.0415 5608 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll - ok
21:36:25.0422 5608 [ 122F89E0905FC656D56F65CD7A2E9B4D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
21:36:25.0422 5608 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll - ok
21:36:25.0428 5608 [ DB988B4550DB9BCE86F9199D961057FC ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
21:36:25.0428 5608 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - ok
21:36:25.0434 5608 [ 1CBAD5EEE017FAFEA2BF75E82330783D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\DTMessageLib.dll
21:36:25.0434 5608 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\DTMessageLib.dll - ok
21:36:25.0439 5608 [ AFD9010DC500096809C2784551909304 ] C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
21:36:25.0439 5608 C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll - ok
21:36:25.0443 5608 [ A843FC35574ECFD9E7A41C5505A9921B ] C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
21:36:25.0443 5608 C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll - ok
21:36:25.0447 5608 [ C517E5EA7CEE783F3681F62D2A362E5B ] C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
21:36:25.0447 5608 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll - ok
21:36:25.0451 5608 [ C1680C34DE8A405C8829AB93236576FD ] C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
21:36:25.0451 5608 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll - ok
21:36:25.0456 5608 [ E0FF893763BA82BAABB869A351F0C455 ] C:\Users\KOTARE\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
21:36:25.0456 5608 C:\Users\KOTARE\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll - ok
21:36:25.0460 5608 [ E64819B6014A93E2503BB52419A0F6F3 ] C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
21:36:25.0461 5608 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll - ok
21:36:25.0465 5608 [ 1B197A0ED28DB310AB67591567C3787A ] C:\Windows\SysWOW64\npDeployJava1.dll
21:36:25.0465 5608 C:\Windows\SysWOW64\npDeployJava1.dll - ok
21:36:25.0469 5608 [ 87132527E2256CF6683A18C4EB34DD3B ] C:\Windows\SysWOW64\Wat\npWatWeb.dll
21:36:25.0469 5608 C:\Windows\SysWOW64\Wat\npWatWeb.dll - ok
21:36:25.0475 5608 [ A5C14075B571AF1C9592595BE724D9D2 ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
21:36:25.0475 5608 C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll - ok
21:36:25.0479 5608 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
21:36:25.0479 5608 C:\Windows\System32\wuaueng.dll - ok
21:36:25.0484 5608 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
21:36:25.0484 5608 C:\Windows\System32\mspatcha.dll - ok
21:36:25.0488 5608 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
21:36:25.0488 5608 C:\Windows\SysWOW64\NapiNSP.dll - ok
21:36:25.0492 5608 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
21:36:25.0492 5608 C:\Windows\SysWOW64\pnrpnsp.dll - ok
21:36:25.0501 5608 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
21:36:25.0501 5608 C:\Windows\SysWOW64\winrnr.dll - ok
21:36:25.0505 5608 [ DC055805A0DC0F20ED025CF4941C13B3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
21:36:25.0505 5608 C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe - ok
21:36:25.0509 5608 [ 263963D93A3CA8F685EFA5966F1E6581 ] C:\Windows\SysWOW64\mshtml.dll
21:36:25.0509 5608 C:\Windows\SysWOW64\mshtml.dll - ok
21:36:25.0514 5608 [ 4A01C63D52823267529DBFB5F3D0ED77 ] C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
21:36:25.0514 5608 C:\Users\KOTARE\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll - ok
21:36:25.0518 5608 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
21:36:25.0518 5608 C:\Windows\System32\sppwinob.dll - ok
21:36:25.0522 5608 [ BFEBB6F76A0988A38260870C61A6D1B7 ] C:\Windows\SysWOW64\mfreadwrite.dll
21:36:25.0522 5608 C:\Windows\SysWOW64\mfreadwrite.dll - ok
21:36:25.0525 5608 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
21:36:25.0525 5608 C:\Windows\SysWOW64\devenum.dll - ok
21:36:25.0530 5608 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
21:36:25.0530 5608 C:\Windows\SysWOW64\msdmo.dll - ok
21:36:25.0534 5608 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
21:36:25.0534 5608 C:\Windows\SysWOW64\avicap32.dll - ok
21:36:25.0538 5608 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
21:36:25.0538 5608 C:\Windows\SysWOW64\vfwwdm32.dll - ok
21:36:25.0543 5608 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
21:36:25.0543 5608 C:\Windows\System32\wups2.dll - ok
21:36:25.0547 5608 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
21:36:25.0547 5608 C:\Windows\System32\sppobjs.dll - ok
21:36:25.0551 5608 [ 769765CE2CC62867468CEA93969B2242 ] C:\Windows\System32\drivers\asyncmac.sys
21:36:25.0551 5608 C:\Windows\System32\drivers\asyncmac.sys - ok
21:36:25.0554 5608 ============================================================
21:36:25.0554 5608 Scan finished
21:36:25.0554 5608 ============================================================
21:36:25.0571 5560 Detected object count: 6
21:36:25.0571 5560 Actual detected object count: 6
21:36:37.0141 5560 digiSPTIService ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:37.0141 5560 digiSPTIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:37.0142 5560 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:37.0142 5560 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:37.0143 5560 MacDrive8ServiceD ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:37.0144 5560 MacDrive8ServiceD ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:37.0147 5560 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:37.0147 5560 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:37.0149 5560 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:37.0149 5560 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:37.0150 5560 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:37.0150 5560 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:40.0384 4072 Deinitialize success
  • 0

Advertisements


#11
KOTARE33

KOTARE33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Malwarebytes Anti-Rootkit BETA 1.01.0.1022

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_27

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.596000 GHz
Memory total: 6304542720, free: 3703246848

------------ Kernel report ------------
04/04/2013 21:44:10
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\13659231.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iaStor.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
  • 0

#12
KOTARE33

KOTARE33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Other known problem is that I can't update Java and Windows won't let me create a Homegroup.
  • 0

#13
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello KOTARE33

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

When you are complete please send me both reports

Gringo
  • 0

#14
KOTARE33

KOTARE33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hi Gringo.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.1 (04.03.2013:1)
OS: Windows 7 Home Premium x64
Ran by KOTARE on Fri 05/04/2013 at 1:51:47.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{001FB17F-F668-4AC9-8D79-54937E8D9FFD}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{01F9FF18-A803-48D3-A67D-047C719EFC8D}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{0428D1A8-5E20-4676-A37A-768AC249E853}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{044B85A7-7FDD-496F-947A-61965CAB3CE3}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{06FB93AA-749A-4EFA-A08A-34D78104A0E7}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{09F0635D-C967-4575-8ADE-03DC5828DCB7}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{0AEBDE54-D042-445E-BA8D-AA4471625E17}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{0BE01A88-70C8-4E7D-9699-842E2D4CD47A}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{0C0952E3-C5B8-4FD3-BA60-8C70A10E9E46}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{0D462C69-39E7-4B55-AC5A-5C2A872ABFA7}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{0E3A0AE7-B983-4197-9A53-57028091F758}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{10B01A4E-9AE5-4F7F-8C0F-AC384DB67915}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{11C81E8C-F844-4A98-986F-B20BD3F0E280}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{122BA85D-DAA9-45E3-A021-612BC033438C}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{139E3DD6-BA97-410F-896E-7B906B88F203}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{13B629E6-E5EF-48F3-BAC8-C9F9E7A36613}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{1460B2E9-BC8E-4631-A2AB-5FF51FDBDC02}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{16FCFAC9-87BC-462C-BB1B-E954AE77E225}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{17CA81CD-3B8A-48D5-A16B-7DE2BAB89408}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{1C83715B-B42C-4BED-A06E-F1280CE08ABB}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{1CC58A02-D3B6-4182-9065-8515D15F8FE3}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{1D78DCD5-6313-4C05-93B4-3AF2E632C6DF}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{1E2D13FA-0D3D-4369-A52D-45BBC7798918}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{1FAD1384-B087-488A-9C52-5DFC9A1A52B9}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{1FC13972-3A0A-48CB-9C8D-90F4E4876885}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{213015B0-93F5-4BAC-B89E-7FC2BCF1D014}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2145ECA3-45DF-43F8-9F41-6D121B46ED43}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{21B3C921-F750-4A98-99C8-BF5C6D5B7622}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{22B36D72-BEB4-4AF8-A4D8-366BDBCE3278}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{23703647-EC81-4121-967E-3645F5CB69BF}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{244EED71-8F98-4C8A-B336-C1E8F964451E}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{267030EF-6DB1-465B-B83A-C8BED39EEB78}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{284E4F7B-C0BC-4DB7-AAE7-B8EDD514589D}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{28FD558F-B022-46DB-97E2-BB031AE96ADF}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2988B565-29E2-4892-AA55-E86AF21F6414}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{29FDA193-49BB-404C-B083-90B0A25A3385}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2A2FD594-6733-4DCB-8EEB-BE33E11D992C}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2AEF768E-E6A3-44C3-A03F-85C1E8E84CC7}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2B040984-83F7-4A57-9ADF-2AB4DE02F2BD}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2B1C6097-721C-4927-A8E6-DA8E6E730013}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2B5683FC-FC05-4DB6-8841-C916B2A5BCD9}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2D5A9A15-7120-4DF9-BF10-78D845147F06}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2E05EE5F-982B-4511-B7AD-1E5162B28146}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2F2DAE19-C0F7-4E05-A466-8AF97251A814}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{2F8C4951-89EC-422A-A28C-94A9BBF7D3C5}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{30350701-7DC8-4101-A463-B97C5DC12F9D}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{30E3903C-1B83-4A54-B78C-8F0F2FDD6EC0}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{32115703-36A8-40C8-A236-3EAA69857BA6}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{32621041-CEB4-4185-99A9-3DA17122557D}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{33545ADE-B7D0-4FCE-8370-C58A4FB535FA}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{36089B0B-BF42-483E-B628-30E50F69206A}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{3707B006-2870-4EFA-9A94-58163ED28516}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{37A97ADE-0AF3-4E97-8B5A-3F09E4A5E979}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{37CF204E-378A-41F3-9EDF-60B1FF17423B}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{388FC67D-F00F-488D-BB53-BEB36D4E09A6}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{3B6DB11C-72E4-4FB3-A190-564A552E93D8}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{3C21FEB9-5BA3-4DA5-B665-618E0E1AB843}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{3E4BE27F-4623-4950-8B0A-AA24DB77BB0E}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{3F6A541D-DF30-4B21-9BD2-07A8377798F3}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{3F6B8992-285B-46B0-B33D-BD0CD4CD1FF7}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{41EC6796-821E-4472-864B-B9536ECF645E}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{42A8B3EF-E2E5-4918-8755-D81A8C7D164C}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{4506B82A-D082-4D40-8473-30D3352DCF6D}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{45E2BCAA-1207-4400-AEF2-16C2C058B915}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{46F07B62-A8F1-45C4-AC38-1DE78A371628}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{479C13C6-F4D1-4E7A-BB3E-D164DE196E56}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{49242069-ED38-4093-B368-5C9AFD774276}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{49C7CB5E-E238-4395-9543-3D54C9FAE10A}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{4A6C4083-AD19-4798-B68A-2D3ADC140246}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{4A92FF25-C635-48F1-88EA-BCD40DBB0E2E}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{4CB661E7-4A95-4E12-8231-DCB35C8B370D}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{51FF7EE4-DAC7-4A8D-960D-AE3B85B7FA91}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{520FED61-D264-4ECB-8044-CEE5DF77EBF3}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{52B9FAFC-D96A-46C5-BBE9-D8955812EEB3}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{536F5DB8-DDE2-4331-87A5-1B0FC3D6522A}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5414E117-1EDC-4E97-96A8-4F3DD95B000A}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5422E053-5D23-4BEB-872E-5C27B10CE741}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{543F3EA3-6C83-4C1C-BF09-87F32B3CF4AE}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{544CAA54-C375-488F-AF1E-3C957FA85B97}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5487BEF5-1CC6-4057-B36C-A057F45D7B96}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{549FE06D-A1D3-4884-8ADA-0B2F820CA796}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{54EFF2C7-1A93-4061-BB23-0699AB5851D7}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{56ACB0C1-26CB-4415-9B52-B1384DF3A108}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{56AFC176-9642-4004-9794-1F56006ED356}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{56CDA2AA-3E0D-4254-BFCF-3C56BB7072E0}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{56D278B1-33EF-49E1-950F-AEE353E74C13}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{56DE476A-2D8F-401C-832D-D5F867763404}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{57580729-271F-47A7-9F4D-374599F6C462}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5805536A-29ED-4E7F-9557-32A2551CB07B}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5B11871D-399A-43D8-B5A6-2E693E885F9A}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5B66C42A-C20B-4779-91D5-8C10A31F080C}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5D4DFFEA-D45E-4476-A138-78A0FBCC4EC6}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5D713FF4-B32B-4961-B1CB-8C9A0FA7BC37}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5D9931B2-5B47-4823-A974-1050957CD26E}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5EF66DA3-2610-4655-8EE5-E5FAFB1C1461}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5F33E627-C9B8-40DD-B5E3-BB0ABB3AB738}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{5F65D5C5-FCD1-47CA-8CDD-D0BE75FAE148}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{60EDD188-AA76-406B-9523-3C319A8CA4B8}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{629A405B-D338-474A-AD1D-CD261E9FA3F3}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{63F705E5-58F0-49F9-A502-F7FFE21E01EA}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{6456594C-826F-4CCD-A4E1-5712FC179D40}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{64AD8B8A-C35D-4287-A551-0367F7AC2B12}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{672B2342-BD74-4E0D-A5E3-924F2CABB9D6}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{675ECA1B-D6D3-4762-AADF-35B9908FD3F9}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{67D8D9F9-6AC4-40E4-9014-8E3ABA5060E7}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{68D22B55-73C5-4E9C-8E2D-75565CB0FEB3}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{6D2C944F-B47D-49DB-B5E8-03480422931C}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{6F40C8B0-71B8-425A-B0A7-F6C4BA3640EE}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{7090BF6E-5CFD-410F-98A0-879DDA0C7696}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{7338BD22-F3DF-47D8-A4DA-9F8B4DB8C3C2}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{75493F09-B997-47C9-85F1-EFD22FB30791}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{757FBC47-B935-4643-803E-DDBCF4A233A2}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{763EF607-26B2-4E0B-887D-D425F9DBB1B6}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{7668014C-D956-4FDF-8835-E9F712F820F5}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{77127EB5-16BE-412F-82A5-0719FAFC7916}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{791BA46D-88E7-4599-A926-35B287AA58B1}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{79736667-EFB6-40DD-868C-1457271F34EC}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{7B0B5A3F-E673-4AFC-A5EB-94A7FAE67A98}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{7E36E5E4-82EA-4902-81F4-2D2890B7E259}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{7EE63A19-2776-459F-980B-707C57A4450D}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{7F1724B5-D3AB-4EAF-A461-A7528B1F002F}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{7FC5638F-1764-476D-8672-7CFAB8295585}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{800748D2-71E6-4D70-810D-486824F0A364}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{80AF5621-8892-4487-BE63-646B09169DC9}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{81169BA1-832D-47EF-B7BF-A7311534BFF2}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{81B974E1-46EA-4461-AC56-0346C889036A}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{89E8CD08-FB6C-40C6-BEFA-C0FE9A6397C9}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{89FCBB41-5E79-4A9B-AB30-D4148D0C040E}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{8B33198E-7281-45A0-B75D-459073411BD4}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{8B5744C6-1823-4F30-894E-A42CB19C921F}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{8CDCEA14-6AA3-45B3-8720-BE2F4D3F2335}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{8E910EC5-C92B-4B35-9ABA-0A85AA7C30A0}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{8EFC24A6-BD50-4CA4-BC41-47F1660C97F4}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{8F9EC6D1-9730-4B04-A50F-618BE21F8C69}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{9014CE53-1154-4DFF-85DB-9A41EA75F615}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{910841E2-4E8C-4EB5-BB9E-645CA9982D20}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{91817781-AF7C-40E8-B5CB-8B26373432B2}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{946B09CF-FE09-4BA0-8279-641477356AC0}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{94B21593-9A90-46A3-8020-09D5F2345111}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{96805FE4-77F0-4D99-8F27-08A16A055906}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{96922D56-6DEE-4195-87E7-E00E790DB2BD}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{96B83755-DFA2-4772-87FE-E14EABC17B2A}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{96E7DF08-6A7B-4CB0-A039-A193A32C64E8}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{9733AFE4-4DE1-4CC3-8424-C09F0322EA3E}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{97FB4C93-5C54-4DD5-BA32-F918AE037662}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{98C8ACED-493F-4F78-8B8D-69DF71A41C08}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{9C34BC45-B706-4E75-8A1A-A5EA9A189915}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{9D398FE3-3F65-4040-B6D3-A5B0F1F0C69A}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{9D82DAAC-ADE7-4609-944B-0B8C7DCA3BB0}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{A47216E8-0D05-4DBE-8FF4-6FB4F9802597}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{A477DBB5-A924-4193-8274-F3C64E4F623E}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{A4931140-FC39-4191-8466-B1E6CF5853EB}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{A637170A-83A2-40F9-96C6-B0BC4CBA88C4}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{A76EFBBD-4A3B-4235-ACA3-E2B987A8F59B}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{A7E2B333-6B23-4542-AB1D-A880092E2DDF}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{A86FE606-74DB-4535-9772-9DB79187B134}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{A8C00A34-456A-4C45-8C5F-80989B4FF84C}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{A9066953-8C52-4C37-B6BE-B86CFDEE244D}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{AE89CE87-09C5-4BB9-9790-F7DC84B5584C}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{AEFC79E0-5FA7-48C4-9C88-AD5488256E93}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{B2461D3F-6514-4B19-BA3E-B6019E8B82FA}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{B2D80F41-4F2D-423D-BD33-7FF975876FA8}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{B4B5EF9D-E958-493E-8EC3-0AC813ED2AAD}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{B4C6B63A-508B-464D-AC0A-968859E1AA92}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{B5966497-BE53-4C59-B7F1-717A5427C9FA}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{B6E54652-4C08-48A3-871E-60166006DDF2}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{B903DD80-678B-48FA-BD6F-811ABE2EB31E}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{B91299E5-8BAE-4C6D-98F7-579F66DCA6CB}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{BAFBB3A9-757E-4324-9FFF-BD6060865E4B}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{BBCA05F6-49C6-4D91-9723-147BE96F9A81}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{BC6A91AC-3A4C-45B7-9718-871AD51C557C}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{BD6AD7D3-BF65-4F1F-8DEE-BE3B76B554E4}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{C322F76B-F175-4ACF-A80F-A65D87F95C58}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{C325ADB3-65CF-49CD-A300-B5572DA05BDC}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{C3D384FA-B4CF-4A55-BDD5-9BE3902F3305}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{CAC42D37-64D5-45B4-A55D-ECA564CC4B7C}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{CF9CCD42-A6EE-4AF3-8F6C-7877F349CCA9}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{D086B4CE-AA0F-4CB6-ADBB-E2A5C056A635}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{D0FD7C6C-0224-48EF-839A-E35B5A7DDCB7}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{D1871A99-19B9-4EFE-9EC6-DC5C76BF3F3F}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{D49FFE60-1E5D-454B-870E-772B28D59D64}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{D4E2A85B-5BE8-41F1-9DAE-55956F1BF34D}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{D75064E5-432C-414C-AEC5-C671451054EB}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{D75C7159-88B5-4843-8388-41C4C016BB07}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{D7B3A81D-F507-4AB2-A780-974580684509}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{D8663E97-2C99-47B0-89FA-F291EAB63FA5}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{D8FB080A-72E6-4B08-BBBD-419A3B519942}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{DA6DF645-82A8-4547-8E46-F6726DB678DF}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{DA960E43-5DAA-4611-BF5A-B8C9E7CABEDE}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{DB3D834A-9A63-4083-A406-258E257ABBBD}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{DB9EA733-0750-46E0-9D31-820A1C45E44C}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{DC3071B2-67F6-4247-B9E8-AF2D3F6E05F4}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{DCFE4D2A-BC23-4203-BE4C-48D388E2E389}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{DFF9DBEC-C5CB-4B3C-95B1-9D5DB1DB62A1}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{E00A1DD3-1026-47FC-AE4D-F7FDD2F4EDF1}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{E1024590-8F95-4933-BF16-DE9BB2028222}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{E4928E54-FF86-46E1-8070-8FE5EAA8EE5D}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{E548AB90-4F30-45BB-8F14-4E8206C5FB80}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{E54A0ED0-596B-456F-8B79-CCD532AC4AFB}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{E55BEAD3-1562-4B79-B45D-2EE5E98D75F9}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{E76D5394-7EFF-4235-8590-DE343A8D44D6}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{E8AB1658-67ED-4646-BDFF-D7BE4B3A28EB}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{EB0A2989-AFEA-4655-BB1D-F343718C9388}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{EB18BE71-8836-4DB4-B6B9-081BBCE3D93E}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{EB633E90-E9BE-42DF-8941-AFFAB099B020}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{ECECFEB8-0B67-4B47-8948-C5CD94167B31}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{ED50C815-10BF-46AC-98A9-67B8E6F4D88A}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{EE1B3608-9FBA-4E6A-8B92-605DE35DAF1B}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{EE4449CD-0399-4C9E-ABC4-C5B29E8F3AEE}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{EF34BEC0-32D9-46A5-A73A-920FC3FB8471}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F02E3D5D-0C05-4F13-B540-39F2BA811078}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F08353B3-52EE-43FA-AACA-937F77AA4249}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F0F0EA7E-2035-4707-8FA8-BAD43E45AD02}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F117F35D-0AD3-4404-BC63-C10A1D84AC6B}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F186621F-A9A5-489D-960C-372C7891A9B0}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F3C09B47-B2F5-47B3-BC8A-6914428BF102}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F512F6E0-2473-40F2-9375-FCF38D083995}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F52C3773-B502-4E11-9BB8-7CEF43E791B9}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F6B69409-C46F-464F-857F-910E6E69F037}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F7B08B00-9909-4781-AD1B-6E1716D9573B}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F85FB722-742D-446E-947F-DA4117769F48}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{F897A915-1DD8-47F2-8FD3-3A923F7C2A35}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{FA4B9234-44B2-4C89-B5D9-27719DE458C2}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{FAC00646-92CF-41CD-AD3A-73EC583D83C2}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{FD42F55F-4862-4AF3-B03B-B0A89239E7E9}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{FD96CBB3-EA76-4980-8C61-80D679D1BBC9}
Successfully deleted: [Empty Folder] C:\Users\KOTARE\appdata\local\{FF8D322A-2BE1-41EE-BA6F-21BAE3D70874}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 05/04/2013 at 2:03:58.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#15
KOTARE33

KOTARE33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-04-05 02:07:51
-----------------------------
02:07:51.814 OS Version: Windows x64 6.1.7601 Service Pack 1
02:07:51.814 Number of processors: 8 586 0x1E05
02:07:51.816 ComputerName: KINGFISHER UserName: KOTARE
02:07:53.579 Initialize success
02:14:44.693 AVAST engine defs: 13040400
02:17:18.624 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
02:17:18.628 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 610480MB BusType: 3
02:17:18.922 Disk 0 MBR read successfully
02:17:18.926 Disk 0 MBR scan
02:17:18.934 Disk 0 Windows 7 default MBR code
02:17:18.939 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
02:17:18.965 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 610378 MB offset 206848
02:17:19.202 Disk 0 scanning C:\Windows\system32\drivers
02:17:34.760 Service scanning
02:18:56.420 Modules scanning
02:18:56.435 Disk 0 trace - called modules:
02:18:56.481 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
02:18:56.489 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800662a790]
02:18:56.501 3 CLASSPNP.SYS[fffff88001a1743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006381050]
02:18:58.265 AVAST engine scan C:\Windows
02:19:03.039 AVAST engine scan C:\Windows\system32
02:23:03.501 AVAST engine scan C:\Windows\system32\drivers
02:23:24.400 AVAST engine scan C:\Users\KOTARE
02:44:11.682 AVAST engine scan C:\ProgramData
02:44:52.475 Disk 0 MBR has been saved successfully to "C:\Users\KOTARE\Desktop\MBR.dat"
02:44:52.488 The log file has been saved successfully to "C:\Users\KOTARE\Desktop\aswMBR.txt"
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP