Jump to content

HMW0139

Honorary Members
  • Posts

    22
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thanks for the link! Downloaded OTC, and did all what you listed to do! Cheers, Maniac thank you once again!
  2. Everything seems to be running smoothly, Thank you very much Mr.Maniac for all your time and effort getting rid of the $Recycle.Bin, it seems that svchost.exe problem has gone away as well. I really don't know if I still have that backdoor problem, so I'm pretty per-annoyed not logging to websites as I used to do on my laptop, but thank you very much!
  3. ComboFix 13-05-07.02 - Heavy Metal Miku 7/2013 Tue 17:21:45.2.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.3907.2195 [GMT -5:00] Running from: c:\users\Heavy Metal Miku\Downloads\ComboFix.exe Command switches used :: c:\users\Heavy Metal Miku\Documents\CC\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2013-04-07 to 2013-05-07 ))))))))))))))))))))))))))))))) . . 2013-05-07 22:36 . 2013-05-07 22:36 -------- d-----w- c:\users\school\AppData\Local\temp 2013-05-07 22:36 . 2013-05-07 22:36 -------- d-----w- c:\users\Public.HeavyMetalMiku\AppData\Local\temp 2013-05-07 22:36 . 2013-05-07 22:36 -------- d-----w- c:\users\Guest\AppData\Local\temp 2013-05-07 22:36 . 2013-05-07 22:36 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-07 22:28 . 2013-05-07 22:28 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D081C12D-44EC-4A13-938C-70DBEF4D5F7B}\offreg.dll 2013-05-06 16:38 . 2013-05-06 17:02 -------- d-----w- C:\TDSSKiller_Quarantine 2013-05-06 15:19 . 2013-05-06 15:19 -------- d-----w- c:\windows\ERUNT 2013-05-06 15:19 . 2013-05-06 15:19 -------- d-----w- C:\JRT 2013-05-06 12:50 . 2013-05-06 12:50 -------- d-----w- C:\found.001 2013-05-06 12:07 . 2013-05-06 12:07 -------- d-----w- c:\program files (x86)\ESET 2013-05-06 09:39 . 2013-05-01 23:34 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-05-06 09:39 . 2013-05-01 23:34 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-05-06 09:39 . 2013-05-01 23:34 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-05-06 09:39 . 2013-05-01 23:34 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-05-06 09:39 . 2013-05-02 15:44 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-05-06 09:39 . 2013-05-01 23:34 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-05-06 09:39 . 2013-05-01 23:34 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-05-06 09:39 . 2013-05-01 23:34 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-05-06 09:37 . 2013-05-01 23:33 41664 ----a-w- c:\windows\avastSS.scr 2013-05-06 09:31 . 2013-05-06 09:31 -------- d-----w- c:\users\Heavy Metal Miku\AppData\Roaming\Malwarebytes 2013-05-06 09:31 . 2013-05-06 09:31 -------- d-----w- c:\programdata\Malwarebytes 2013-05-06 09:31 . 2013-05-06 09:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-05-06 09:31 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-05-06 09:31 . 2013-05-06 09:31 -------- d-----w- c:\users\Heavy Metal Miku\AppData\Local\Programs 2013-05-06 08:37 . 2013-05-06 08:37 -------- d-----w- c:\programdata\Kaspersky Lab 2013-05-06 08:31 . 2013-02-09 07:11 556632 ----a-w- c:\windows\system32\drivers\4170085drv.sys 2013-05-06 08:31 . 2013-02-09 07:11 460888 ----a-w- c:\windows\system32\drivers\93093138.sys 2013-05-06 07:34 . 2013-05-06 13:34 -------- d-----w- c:\users\Heavy Metal Miku\AppData\Roaming\Anvisoft 2013-05-06 07:34 . 2013-05-06 07:34 -------- d-----w- c:\programdata\Anvisoft 2013-05-06 07:33 . 2013-05-06 13:34 -------- d-----w- c:\program files (x86)\Anvisoft 2013-05-06 06:41 . 2013-05-06 06:41 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2013-05-03 18:52 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D081C12D-44EC-4A13-938C-70DBEF4D5F7B}\mpengine.dll 2013-04-23 21:44 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-15 20:32 . 2013-04-15 20:32 6128760 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll 2013-04-15 20:32 . 2013-04-15 20:32 6128760 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll 2013-04-14 21:00 . 2013-04-14 21:00 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-04-14 20:54 . 2013-04-14 20:54 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-04-13 15:49 . 2013-04-13 16:05 -------- d-----w- c:\users\Heavy Metal Miku\AppData\Local\Line 2013-04-12 02:52 . 2013-04-12 02:52 26520 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-hang-ui.exe 2013-04-10 21:36 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-04-10 21:35 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll 2013-04-10 21:35 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll 2013-04-10 21:35 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll 2013-04-10 21:35 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll 2013-04-10 21:35 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll 2013-04-10 21:35 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll 2013-04-10 21:35 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys 2013-04-09 14:54 . 2013-04-09 14:54 -------- d-----w- c:\program files (x86)\Common Files\Skype 2013-04-09 13:23 . 2013-04-11 08:03 72702784 ----a-w- c:\windows\system32\MRT.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-02 07:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-05-01 23:33 . 2012-11-04 04:59 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-04-24 20:38 . 2012-04-05 00:10 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-04-24 20:38 . 2011-10-18 19:30 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-04-14 20:54 . 2012-06-04 23:11 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-04-14 20:54 . 2012-06-04 23:11 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr 2013-03-23 08:46 . 2013-03-23 08:46 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2013-03-23 08:36 . 2013-03-23 08:36 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2013-03-23 08:36 . 2013-03-23 08:36 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2013-03-23 08:36 . 2013-03-23 08:36 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2013-02-12 05:45 . 2013-03-13 20:35 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-13 20:35 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-13 20:35 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-13 20:35 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-13 20:35 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-13 20:35 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-12 04:12 . 2013-03-14 06:13 19968 ----a-w- c:\windows\system32\drivers\usb8023x.sys 2013-02-12 04:12 . 2013-03-14 06:13 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SansaDispatch"="c:\users\Heavy Metal Miku\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2013-03-18 613888] "DuckCapture"="c:\program files (x86)\DuckLink\DuckCapture\DuckCapture.exe" [2011-11-04 436736] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728] "GoogleChromeAutoLaunch_31CA42A8BD0706FB99B52FCA9D6C359A"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-04-09 1312720] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280] "Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-15 1081424] "ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2012-04-26 179272] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-01 4858456] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Content Manager Assistant for PlayStation®.lnk - c:\program files (x86)\Sony\Content Manager Assistant\CMA.exe [2013-3-13 3458968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752] R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 93093138;93093138;c:\windows\system32\DRIVERS\93093138.sys [2013-02-09 460888] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 4170085drv;4170085drv;c:\windows\system32\DRIVERS\4170085drv.sys [2013-02-09 556632] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-05 283200] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-12-08 22648] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-12-08 20520] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-12-08 62776] S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-01 80816] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-15 352336] S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456] S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-22 2656280] S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2010-12-11 67112] S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2010-12-11 19496] S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [2010-12-11 35368] S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2010-12-12 85544] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-11-01 410152] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 TotRec8;Total Recorder WDM audio filter driver;c:\windows\system32\drivers\TotRec8.sys [2012-11-30 124176] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-04-11 10:31 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-05-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 20:38] . 2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-07 22:03] . 2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-07 22:03] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-01 23:33 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-04 167704] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-04 392472] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-04 416024] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-22 12632168] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-13 2264168] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com/ie mDefault_Page_URL = hxxp://acer.msn.com mStart Page = hxxp://acer.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{07ADFD23-9263-42A8-BEE5-BC72B988C78D}: NameServer = 192.168.1.13 FF - ProfilePath - c:\users\Heavy Metal Miku\AppData\Roaming\Mozilla\Firefox\Profiles\dll6rgnn.default\ FF - prefs.js: browser.startup.homepage - google.com FF - prefs.js: network.proxy.http - 217.11.177.26 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-05-06 04:38; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) AddRemove-LINE - c:\program files (x86)\Naver\LINE\LineUnInst.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-479844974-4173024955-3454779408-1001\Software\KISS\000・・003*D*] "InstallPath"="c:\\KISS\\カスタムメイド3D\\" "DskSht"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\000・・003*D*] "DisplayName"="カスタムメイド3D" "UninstallString"="c:\\KISS\\カスタムメイド3D\\Installer.exe /luninst1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-05-07 17:42:11 ComboFix-quarantined-files.txt 2013-05-07 22:42 ComboFix2.txt 2013-05-06 22:12 . Pre-Run: 32,138,371,072 bytes free Post-Run: 32,135,454,720 bytes free . - - End Of File - - A88F4D6173D4D41BA2970A99AAE41408
  4. Alright, it's finish! ComboFix 13-05-06.03 - Heavy Metal Miku 6/2013 Mon 16:30:43.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.3907.2791 [GMT -5:00] Running from: c:\users\Heavy Metal Miku\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Crack c:\program files (x86)\Crack\SMM_HCEditor.exe c:\program files (x86)\Crack\SMM_HyperCam.exe c:\program files (x86)\Naver c:\program files (x86)\Naver\LINE\amp-dll.dll c:\program files (x86)\Naver\LINE\CommLib.dll c:\program files (x86)\Naver\LINE\CommModule.dll c:\program files (x86)\Naver\LINE\DataModule.dll c:\program files (x86)\Naver\LINE\dbghelp.dll c:\program files (x86)\Naver\LINE\Line.exe c:\program files (x86)\Naver\LINE\LineAppMgr.exe c:\program files (x86)\Naver\LINE\LineUnInst.exe c:\program files (x86)\Naver\LINE\LineUpgrader.exe c:\program files (x86)\Naver\LINE\MediaInfo.dll c:\program files (x86)\Naver\LINE\Microsoft.VC90.CRT.manifest c:\program files (x86)\Naver\LINE\msvcp90.dll c:\program files (x86)\Naver\LINE\msvcr90.dll c:\program files (x86)\Naver\LINE\NELO.dll c:\program files (x86)\Naver\LINE\NELO_CrashReporter.exe c:\program files (x86)\Naver\LINE\README.license c:\program files (x86)\Naver\LINE\res\locale\en-US\strings.xml c:\program files (x86)\Naver\LINE\res\locale\es\strings.xml c:\program files (x86)\Naver\LINE\res\locale\ja-JP\strings.xml c:\program files (x86)\Naver\LINE\res\locale\ko-KR\strings.xml c:\program files (x86)\Naver\LINE\res\locale\zh-CN\strings.xml c:\program files (x86)\Naver\LINE\res\locale\zh-TW\strings.xml c:\program files (x86)\Naver\LINE\res\skin\basic\about.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\buddyInfo.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\chatMember.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\chatRoom.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\css\buddyInfo.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\chatMember.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\chatRoom.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\chatRoomMessage.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\common.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\emoji.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\emojiIcon.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\emojiLetter.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\groupMake.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\groupModify.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\invite.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\likeSelect.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\login.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\loginHelp.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\loginSecurity.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\makeGroup.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\myInfo.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\needQRCodeLogin.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\setting.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\settingContents.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\snsPanel.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\snsWindow.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\sticker.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\talk.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\talkAddBuddy.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\talkBuddyList.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\talkChatList.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\toast.css c:\program files (x86)\Naver\LINE\res\skin\basic\css\voip.css c:\program files (x86)\Naver\LINE\res\skin\basic\emoji.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\emojiIcon.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\emojiLetter.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\groupMake.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\groupModify.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_audio.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_btn_box.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_buddy_bubble_gray.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_buddy_bubble_gray2.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_buddy_image_frame.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_buddy_video.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_call.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_date_bubble.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_img_err.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_layer.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_menu_line.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_more.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_my_bubble_green.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_my_bubble_green2.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_my_bubble_light_green.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_my_image_frame.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_my_video.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_new_buddy.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_sep.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_splitter.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_top.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\bg_video.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\br_btm_l.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\br_btm_m.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\br_btm_r.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\br_line.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\br_top_l.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\br_top_r.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_addblock.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_arrow_down.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_canel.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_chat_type1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_close.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_del.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_emoji.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_file.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_max.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_menu.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_min.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\btn_room_name.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\check_style1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\check_style2.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\check_style3.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\check_style3_x.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\check_style3_xx.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\flag.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\ico_alarm_off.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\ico_error_sticker.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\ico_fail.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\ico_file.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\ico_person.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\icon_voip.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\icon_voip_disable.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\loading.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\loading_small.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\nick_bubble_l.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\nick_bubble_m.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\nick_bubble_r.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\slider_bar.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\slider_thumb.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\chat\thumnail_box.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\bar_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\bar_02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\bg_dlg_title.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\br_btm_l.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\br_btm_r.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\br_line.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\br_top_l.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\br_top_r.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\btn_close_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\btn_close_02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\btn_system.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\btn_type1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\btn_type2.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\btn_type3.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\btn_update.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\check_type1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\checkbox_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\ico_close.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\ico_dot01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\ico_return.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\icon_clear.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\input_box.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\layer_btn_close.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\layer_btn_close_all.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\layer_btn_close_click.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\layer_btn_close_over.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\layer_btn_search_1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\Line.ico c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\line_about.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\line_about_btn.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\loading.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\profile_frame.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\spin_down.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\spin_up.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\thumnail_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\thumnail_02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\thumnail_03.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\thumnail_04.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\common\thumnail_05.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\bg_tab.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\btn_icon_bg.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\btn_index.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\btn_latest.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\btn_left.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\btn_letter.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\btn_right.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\btn_sticker_arrow1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\btn_sticker_arrow2.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\emoji_bottom.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\emoji_select.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\emoji_top_bg.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\select_emoticon.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\select_kaomoji.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\select_sticker.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\emoji\stiker_btn_bg.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\bg_add_profile_frame.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\bg_teamlayer_top_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_plus_02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_radio_off_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_radio_on_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_teampopup_cancel_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_teampopup_invite_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_teampopup_make_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_teampopup_member_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_teampopup_no_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_teampopup_save_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_teampopup_talk_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_teampopup_write_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\btn_teampopup_yes_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\check_style1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\check_style3.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\group\group_edit_select.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\btn_close.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\btn_login.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\btn_max.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\btn_min.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\btn_qrcode_refresh.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\en-US\01_main.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\en-US\02_email.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\en-US\03_qr01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\en-US\04_qr02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\en-US\btn_login.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\en-US\btn_qrcode.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\es\01_main.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\es\02_email.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\es\03_qr01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\es\04_qr02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\es\btn_login.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\es\btn_qrcode.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ico_q.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ico_step01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ico_step02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ja-JP\01_main.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ja-JP\02_email.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ja-JP\03_jp_main.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ja-JP\04_jp_setting.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ja-JP\05_app_qr01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ja-JP\06_app_qr02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ja-JP\07_wap_qr01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ja-JP\08_wap_qr02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ja-JP\btn_login.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ja-JP\btn_qrcode.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ko-KR\01_main.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ko-KR\02_email.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ko-KR\03_naver.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ko-KR\04_qr01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ko-KR\05_qr02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ko-KR\btn_international.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ko-KR\btn_login.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\ko-KR\btn_qrcode.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\line_logo.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\login_bg1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\login_bg2.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\login_btm.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\login_bullet.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\login_bullet2.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\login_line.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\login_qrcode.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\num_box_bg.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\popup_img_qrsorry.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-CN\01_main.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-CN\02_email.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-CN\03_qr01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-CN\04_qr02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-CN\btn_login.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-CN\btn_qrcode.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-TW\01_main.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-TW\02_email.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-TW\03_qr01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-TW\04_qr02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-TW\btn_login.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\login\zh-TW\btn_qrcode.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\menu\menu_bottom_l.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\menu\menu_bottom_m.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\menu\menu_bottom_r.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\menu\menu_check.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\menu\menu_middle_l.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\menu\menu_middle_r.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\menu\menu_top_l.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\menu\menu_top_m.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\menu\menu_top_r.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\menu\menu_uncheck.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\profile\img_default.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\profile\img_default_big.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\profile\img_default_group.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\profile\img_default_group_big.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\profile\img_default_makegroup.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\profile\list_img_default.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\profile\list_img_default_group.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\profile\list_img_default_makegroup.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\bg_setting.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\bg_setting_btm.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\bg_setting_line.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\bg_setting_top.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\bg_setting_topleft.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\bg_setting_topright.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\btn_block_user.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\btn_select.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\ico_arrow.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\layer_btn_close_all.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\setting\tab_bg.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\bg_badge.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\bg_subpanel.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\bg_tab.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\bg_top.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\btn_add_friend.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\btn_chat.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\btn_close.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\btn_list_option.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\btn_max.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\btn_menu.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\btn_min.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\btn_top_friendtalk_01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\check_addbuddy.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\check_group_show.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\group_member_count_bg.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\ico_tab01.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\ico_tab02.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\ico_tab03.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\ico_tab04.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\icon_search.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\img_no_data_1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\img_no_data_2.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\img_no_data_3.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\input_cursor.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\list_tab_bar.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\nick_bubble_l.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\nick_bubble_m.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\nick_bubble_r.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\talk\status_bg.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_end_comment_more.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_icon_comment.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_icon_comment_on.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_icon_like.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_icon_like_on.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_icon_more_normal.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_1001.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_1002.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_1003.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_1004.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_1005.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_1006.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_layer_b_1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_layer_b_2.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_layer_b_3.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_layer_t_1.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_layer_t_2.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\tm_like_layer_t_3.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\write_01_map_icon_selected.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\write_01_vod_icon_normal.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\write_pic.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\write_stamp.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tm\write_vod.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\toast\toast_bg.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\toast\toast_btn_call_accept.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\toast\toast_btn_call_bg.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\toast\toast_btn_call_refuse.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\toast\toast_close.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\toast\toast_icon_call_accept.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\toast\toast_icon_call_refuse.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\tray\line_off.ico c:\program files (x86)\Naver\LINE\res\skin\basic\images\tray\tray_icon_new.ico c:\program files (x86)\Naver\LINE\res\skin\basic\images\tray\tray_icon_offline.ico c:\program files (x86)\Naver\LINE\res\skin\basic\images\tray\tray_icon_online.ico c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_icon_call_accept.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_icon_call_refuse.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_icon_mic.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_icon_mic_dim.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_icon_vol.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_icon_vol_dim.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_icon_vol_gray.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_icon_vol_green.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_win_btn.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_win_thumnail_110.png c:\program files (x86)\Naver\LINE\res\skin\basic\images\voip\voip_win_thumnail_bg.png c:\program files (x86)\Naver\LINE\res\skin\basic\invite.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\likeSelect.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\login.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\loginHelp.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\loginKickout.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\loginSecurity.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\macUpgradeNotice.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\myInfo.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\needQRCodeLogin.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\notice.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\picturePopup.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\QRCodeHelp.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\setting.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\settingAlarm.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\settingBasic.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\settingContact.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\settingProfile.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\settingTalk.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\skinMsgBox.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\snsPanel.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\snsWindow.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\sticker.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\talk.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\talkAddBuddy.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\talkBuddyList.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\talkChatList.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\test.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\toast.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\uploadPicture.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\voip.nxul c:\program files (x86)\Naver\LINE\res\skin\basic\windowPositionHelperTester.nxul c:\program files (x86)\Naver\LINE\res\skin\emoji\emoji_facemark.csv c:\program files (x86)\Naver\LINE\res\skin\emoji\emoji_icon.csv c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoji_w_001.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoji_w_002.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoji_w_003.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoji_w_004.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoji_w_005.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoji_w_006.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoji_w_007.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoji_w_008.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoji_w_009.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0120.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0121.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0122.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0123.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0124.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0125.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0126.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0127.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0128.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0129.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0130.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0131.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0132.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0133.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0134.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0135.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0136.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0137.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0138.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_0139.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_01.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_02.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_03.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_04.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_05.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_06.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_07.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_08.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_09.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_10.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_11.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_12.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_13.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_14.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_15.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_16.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_17.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_18.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_19.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_20.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_02_21.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_01.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_02.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_03.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_04.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_05.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_06.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_07.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_08.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_09.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_10.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_11.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_03_12.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_01.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_02.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_03.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_04.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_05.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_06.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_07.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_08.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_09.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_10.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_11.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_12.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_04_13.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_01.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_02.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_03.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_04.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_05.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_06.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_07.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_08.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_09.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_10.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_11.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_12.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_13.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_14.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_05_15.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_01.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_02.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_03.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_04.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_05.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_06.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_07.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_08.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_09.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_10.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_11.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_12.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_13.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_14.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_15.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_16.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_17.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_18.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_19.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_20.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_06_21.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_01.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_02.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_03.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_04.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_05.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_06.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_07.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_08.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_09.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_10.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_11.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_12.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_13.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_14.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_15.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_16.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_17.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_18.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_19.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_20.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_01_21.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_01.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_02.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_03.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_04.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_05.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_06.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_07.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_08.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_09.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_10.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_11.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_12.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_13.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_14.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_15.png c:\program files (x86)\Naver\LINE\res\skin\emoji\icon\emoticon_face_02_16.png c:\program files (x86)\Naver\LINE\res\skin\sticker\gift\gift_1.png c:\program files (x86)\Naver\LINE\res\skin\sticker\gift\gift_2.png c:\program files (x86)\Naver\LINE\res\skin\sticker\gift\gift_3.png c:\program files (x86)\Naver\LINE\res\skin\sticker\gift\gift_4.png c:\program files (x86)\Naver\LINE\res\skin\sticker\tab\tab00_off.png c:\program files (x86)\Naver\LINE\res\skin\sticker\tab\tab00_on.png c:\program files (x86)\Naver\LINE\res\sounds\Bell.wav c:\program files (x86)\Naver\LINE\res\sounds\VoipEnd.wav c:\program files (x86)\Naver\LINE\res\sounds\VoipRing.wav c:\program files (x86)\Naver\LINE\res\sounds\VoipRingback.wav c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini c:\windows\Temp\log.txt . . ((((((((((((((((((((((((( Files Created from 2013-04-06 to 2013-05-06 ))))))))))))))))))))))))))))))) . . 2013-05-06 21:57 . 2013-05-06 21:57 -------- d-----w- c:\users\Guest\AppData\Local\temp 2013-05-06 21:57 . 2013-05-06 21:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-06 21:57 . 2013-05-06 21:57 -------- d-----w- c:\users\school\AppData\Local\temp 2013-05-06 21:57 . 2013-05-06 21:57 -------- d-----w- c:\users\Public.HeavyMetalMiku\AppData\Local\temp 2013-05-06 16:38 . 2013-05-06 17:02 -------- d-----w- C:\TDSSKiller_Quarantine 2013-05-06 15:19 . 2013-05-06 15:19 -------- d-----w- c:\windows\ERUNT 2013-05-06 15:19 . 2013-05-06 15:19 -------- d-----w- C:\JRT 2013-05-06 12:50 . 2013-05-06 12:50 -------- d-----w- C:\found.001 2013-05-06 12:07 . 2013-05-06 12:07 -------- d-----w- c:\program files (x86)\ESET 2013-05-06 09:39 . 2013-05-01 23:34 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-05-06 09:39 . 2013-05-01 23:34 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-05-06 09:39 . 2013-05-01 23:34 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-05-06 09:39 . 2013-05-01 23:34 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-05-06 09:39 . 2013-05-02 15:44 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-05-06 09:39 . 2013-05-01 23:34 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-05-06 09:39 . 2013-05-01 23:34 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-05-06 09:39 . 2013-05-01 23:34 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-05-06 09:37 . 2013-05-01 23:33 41664 ----a-w- c:\windows\avastSS.scr 2013-05-06 09:31 . 2013-05-06 09:31 -------- d-----w- c:\users\Heavy Metal Miku\AppData\Roaming\Malwarebytes 2013-05-06 09:31 . 2013-05-06 09:31 -------- d-----w- c:\programdata\Malwarebytes 2013-05-06 09:31 . 2013-05-06 09:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-05-06 09:31 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-05-06 09:31 . 2013-05-06 09:31 -------- d-----w- c:\users\Heavy Metal Miku\AppData\Local\Programs 2013-05-06 08:37 . 2013-05-06 08:37 -------- d-----w- c:\programdata\Kaspersky Lab 2013-05-06 08:31 . 2013-02-09 07:11 556632 ----a-w- c:\windows\system32\drivers\4170085drv.sys 2013-05-06 08:31 . 2013-02-09 07:11 460888 ----a-w- c:\windows\system32\drivers\93093138.sys 2013-05-06 07:34 . 2013-05-06 13:34 -------- d-----w- c:\users\Heavy Metal Miku\AppData\Roaming\Anvisoft 2013-05-06 07:34 . 2013-05-06 07:34 -------- d-----w- c:\programdata\Anvisoft 2013-05-06 07:33 . 2013-05-06 13:34 -------- d-----w- c:\program files (x86)\Anvisoft 2013-05-06 06:41 . 2013-05-06 06:41 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2013-04-23 21:44 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-15 20:32 . 2013-04-15 20:32 6128760 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll 2013-04-15 20:32 . 2013-04-15 20:32 6128760 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll 2013-04-14 21:00 . 2013-04-14 21:00 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-04-14 20:54 . 2013-04-14 20:54 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-04-13 15:49 . 2013-04-13 16:05 -------- d-----w- c:\users\Heavy Metal Miku\AppData\Local\Line 2013-04-12 02:52 . 2013-04-12 02:52 26520 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-hang-ui.exe 2013-04-10 21:36 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-04-10 21:35 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll 2013-04-10 21:35 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll 2013-04-10 21:35 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll 2013-04-10 21:35 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll 2013-04-10 21:35 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll 2013-04-10 21:35 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll 2013-04-10 21:35 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys 2013-04-09 14:54 . 2013-04-09 14:54 -------- d-----w- c:\program files (x86)\Common Files\Skype 2013-04-09 13:23 . 2013-04-11 08:03 72702784 ----a-w- c:\windows\system32\MRT.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-05 07:46 . 2013-05-05 07:46 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D081C12D-44EC-4A13-938C-70DBEF4D5F7B}\offreg.dll 2013-05-02 07:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-05-01 23:33 . 2012-11-04 04:59 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-04-24 20:38 . 2012-04-05 00:10 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-04-24 20:38 . 2011-10-18 19:30 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-04-14 20:54 . 2012-06-04 23:11 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-04-14 20:54 . 2012-06-04 23:11 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-04-10 03:46 . 2013-05-03 18:52 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D081C12D-44EC-4A13-938C-70DBEF4D5F7B}\mpengine.dll 2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr 2013-03-23 08:46 . 2013-03-23 08:46 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2013-03-23 08:36 . 2013-03-23 08:36 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2013-03-23 08:36 . 2013-03-23 08:36 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2013-03-23 08:36 . 2013-03-23 08:36 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2013-02-12 05:45 . 2013-03-13 20:35 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-13 20:35 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-13 20:35 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-13 20:35 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-13 20:35 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-13 20:35 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-12 04:12 . 2013-03-14 06:13 19968 ----a-w- c:\windows\system32\drivers\usb8023x.sys 2013-02-12 04:12 . 2013-03-14 06:13 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SansaDispatch"="c:\users\Heavy Metal Miku\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2013-03-18 613888] "DuckCapture"="c:\program files (x86)\DuckLink\DuckCapture\DuckCapture.exe" [2011-11-04 436736] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728] "GoogleChromeAutoLaunch_31CA42A8BD0706FB99B52FCA9D6C359A"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-04-09 1312720] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280] "Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-15 1081424] "ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2012-04-26 179272] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-01 4858456] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Content Manager Assistant for PlayStation®.lnk - c:\program files (x86)\Sony\Content Manager Assistant\CMA.exe [2013-3-13 3458968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752] R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 93093138;93093138;c:\windows\system32\DRIVERS\93093138.sys [2013-02-09 460888] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 4170085drv;4170085drv;c:\windows\system32\DRIVERS\4170085drv.sys [2013-02-09 556632] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-05 283200] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-12-08 22648] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-12-08 20520] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-12-08 62776] S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-01 80816] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-15 352336] S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456] S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-22 2656280] S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2010-12-11 67112] S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2010-12-11 19496] S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [2010-12-11 35368] S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2010-12-12 85544] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-11-01 410152] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 TotRec8;Total Recorder WDM audio filter driver;c:\windows\system32\drivers\TotRec8.sys [2012-11-30 124176] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-04-11 10:31 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-05-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 20:38] . 2013-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-07 22:03] . 2013-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-07 22:03] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-01 23:33 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-04 167704] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-04 392472] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-04 416024] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-22 12632168] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-13 2264168] "Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com/ie mDefault_Page_URL = hxxp://acer.msn.com mStart Page = hxxp://acer.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{07ADFD23-9263-42A8-BEE5-BC72B988C78D}: NameServer = 192.168.1.13 FF - ProfilePath - c:\users\Heavy Metal Miku\AppData\Roaming\Mozilla\Firefox\Profiles\dll6rgnn.default\ FF - prefs.js: browser.startup.homepage - google.com FF - prefs.js: network.proxy.http - 217.11.177.26 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-05-06 04:38; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-Wondershare Helper Compact.exe - c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe SafeBoot-26116270.sys SafeBoot-90310795.sys Toolbar-Locked - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-LINE - c:\program files (x86)\Naver\LINE\LineUnInst.exe AddRemove-hao123desk-jp - c:\users\Heavy Metal Miku\AppData\Roaming\baidu\hao123-jp\hao123.1.0.0.1106.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-479844974-4173024955-3454779408-1001\Software\KISS\000・・003*D*] "InstallPath"="c:\\KISS\\カスタムメイド3D\\" "DskSht"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\000・・003*D*] "DisplayName"="カスタムメイド3D" "UninstallString"="c:\\KISS\\カスタムメイド3D\\Installer.exe /luninst1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Launch Manager\LMworker.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\Launch Manager\LMutilps32.exe c:\program files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Completion time: 2013-05-06 17:12:46 - machine was rebooted ComboFix-quarantined-files.txt 2013-05-06 22:12 . Pre-Run: 22,163,353,600 bytes free Post-Run: 33,327,652,864 bytes free . - - End Of File - - 485A9F07EDB064DCA5D48FCED90D5CE3
  5. This looks like a suicide choice to make, I am reading throughout the links you have posted. I am going to transfer some stuff to my external HDD just in case my laptop misses up but I will have whats important to me. I thank you for your cooperation throughout the hours you had helped me! I hope you can wait a little more and be patience throughout the process of transferring that I am doing at the moment, and when the time comes, as well a good luck for me once I proceed ComboFix.
  6. 21C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll 11:36:46.0481 4812 C:\Windows\SysWOW64\Apphlpdm.dll - ok 11:36:46.0496 4812 [ 18BA04479F5EB04FBD9C9A1572E4617E ] C:\Program Files (x86)\Java\jre7\bin\keytool.exe 11:36:46.0496 4812 C:\Program Files (x86)\Java\jre7\bin\keytool.exe - ok 11:36:46.0496 4812 [ 23E58DE783E988C62C07CC32A0332C2C ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup 11:36:46.0496 4812 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok 11:36:46.0496 4812 [ B1A94D0465AB523E02F7A4FCF879169D ] C:\Program Files (x86)\Java\jre7\bin\jli.dll 11:36:46.0496 4812 C:\Program Files (x86)\Java\jre7\bin\jli.dll - ok 11:36:46.0512 4812 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll 11:36:46.0512 4812 C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll - ok 11:36:46.0512 4812 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll 11:36:46.0512 4812 C:\Windows\System32\Apphlpdm.dll - ok 11:36:46.0512 4812 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll 11:36:46.0512 4812 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok 11:36:46.0528 4812 [ 99934BAB4B8BFD3B52F3A13A1DA18890 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\5b203f3d0f44503fccf96b4a673c0e6e\System.ni.dll 11:36:46.0528 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\5b203f3d0f44503fccf96b4a673c0e6e\System.ni.dll - ok 11:36:46.0528 4812 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll 11:36:46.0528 4812 C:\Windows\SysWOW64\dsrole.dll - ok 11:36:46.0528 4812 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll 11:36:46.0528 4812 C:\Windows\SysWOW64\slc.dll - ok 11:36:46.0543 4812 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll 11:36:46.0543 4812 C:\Windows\SysWOW64\imageres.dll - ok 11:36:46.0543 4812 [ 36F37BD6B67F9BEA441A126C2DA35262 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\02d0f1247d4a3a368d2a77e8a548c24a\System.Drawing.ni.dll 11:36:46.0543 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\02d0f1247d4a3a368d2a77e8a548c24a\System.Drawing.ni.dll - ok 11:36:46.0543 4812 [ 8839C69D4E9468A1E5BDF4B9F4BCC5FE ] C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll 11:36:46.0543 4812 C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll - ok 11:36:46.0559 4812 [ 76F27FAB5BA22E336E5D42626702E744 ] C:\Program Files (x86)\Java\jre7\bin\verify.dll 11:36:46.0559 4812 C:\Program Files (x86)\Java\jre7\bin\verify.dll - ok 11:36:46.0559 4812 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll 11:36:46.0559 4812 C:\Windows\SysWOW64\apisetschema.dll - ok 11:36:46.0559 4812 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll 11:36:46.0559 4812 C:\Windows\System32\PortableDeviceApi.dll - ok 11:36:46.0574 4812 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll 11:36:46.0574 4812 C:\Windows\System32\netshell.dll - ok 11:36:46.0574 4812 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll 11:36:46.0574 4812 C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok 11:36:46.0574 4812 [ 8A53582955841F6FFC62D7FD2E913773 ] C:\Program Files (x86)\Java\jre7\bin\java.dll 11:36:46.0574 4812 C:\Program Files (x86)\Java\jre7\bin\java.dll - ok 11:36:46.0590 4812 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll 11:36:46.0590 4812 C:\Windows\System32\PortableDeviceConnectApi.dll - ok 11:36:46.0590 4812 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll 11:36:46.0590 4812 C:\Windows\SysWOW64\dot3api.dll - ok 11:36:46.0590 4812 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll 11:36:46.0590 4812 C:\Windows\System32\dot3api.dll - ok 11:36:46.0606 4812 [ 95A841BE3CF27181D7E9033DD66BC5CF ] C:\Program Files (x86)\Java\jre7\bin\zip.dll 11:36:46.0606 4812 C:\Program Files (x86)\Java\jre7\bin\zip.dll - ok 11:36:46.0606 4812 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll 11:36:46.0606 4812 C:\Windows\SysWOW64\wlanhlp.dll - ok 11:36:46.0606 4812 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll 11:36:46.0606 4812 C:\Windows\System32\wlanhlp.dll - ok 11:36:46.0606 4812 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll 11:36:46.0606 4812 C:\Windows\SysWOW64\hnetcfg.dll - ok 11:36:46.0621 4812 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll 11:36:46.0621 4812 C:\Windows\System32\hnetcfg.dll - ok 11:36:46.0621 4812 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll 11:36:46.0621 4812 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok 11:36:46.0621 4812 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll 11:36:46.0621 4812 C:\Windows\SysWOW64\wbemcomn.dll - ok 11:36:46.0637 4812 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll 11:36:46.0637 4812 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok 11:36:46.0637 4812 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll 11:36:46.0637 4812 C:\Windows\SysWOW64\wbem\fastprox.dll - ok 11:36:46.0637 4812 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll 11:36:46.0637 4812 C:\Windows\SysWOW64\ntdsapi.dll - ok 11:36:46.0652 4812 [ 27D002C0D63FB0FD41A623C190F0B6FD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\6f188156db329da9eb9f7dfbd490fe04\System.Windows.Forms.ni.dll 11:36:46.0652 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\6f188156db329da9eb9f7dfbd490fe04\System.Windows.Forms.ni.dll - ok 11:36:46.0652 4812 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll 11:36:46.0652 4812 C:\Windows\SysWOW64\SPInf.dll - ok 11:36:46.0652 4812 [ 30B2B89BB7D7BB4BEB0162D8633B9DF9 ] C:\Program Files (x86)\Java\jre7\bin\sunec.dll 11:36:46.0652 4812 C:\Program Files (x86)\Java\jre7\bin\sunec.dll - ok 11:36:46.0668 4812 [ 22385EE33688B10B61DA1D8CA9549E4B ] C:\Users\Heavy Metal Miku\AppData\Local\Temp\clear.fiClient\cabarc.exe 11:36:46.0668 4812 C:\Users\Heavy Metal Miku\AppData\Local\Temp\clear.fiClient\cabarc.exe - ok 11:36:46.0668 4812 [ 1683548B3FDD5AD0B940F19CA6700BB8 ] C:\Program Files (x86)\Java\jre7\bin\sunmscapi.dll 11:36:46.0668 4812 C:\Program Files (x86)\Java\jre7\bin\sunmscapi.dll - ok 11:36:46.0668 4812 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll 11:36:46.0668 4812 C:\Windows\SysWOW64\comdlg32.dll - ok 11:36:46.0684 4812 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll 11:36:46.0684 4812 C:\Windows\SysWOW64\oledlg.dll - ok 11:36:46.0684 4812 [ B5B2896034D8ADEBD79E0C281B52508F ] C:\Windows\AppPatch\AcGenral.dll 11:36:46.0684 4812 C:\Windows\AppPatch\AcGenral.dll - ok 11:36:46.0684 4812 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll 11:36:46.0684 4812 C:\Windows\SysWOW64\msacm32.dll - ok 11:36:46.0684 4812 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll 11:36:46.0684 4812 C:\Windows\SysWOW64\oleaccrc.dll - ok 11:36:46.0699 4812 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\SysWOW64\tzres.dll 11:36:46.0699 4812 C:\Windows\SysWOW64\tzres.dll - ok 11:36:46.0699 4812 [ 94DBAAB1343316055DCC2526D818F6E6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\93cead2a03814bde61473510f8910727\System.Xml.ni.dll 11:36:46.0699 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\93cead2a03814bde61473510f8910727\System.Xml.ni.dll - ok 11:36:46.0699 4812 [ 530D7A0984B619F656E90D5A02CDF00D ] C:\Program Files\AVAST Software\Avast\1041\Base.dll 11:36:46.0715 4812 C:\Program Files\AVAST Software\Avast\1041\Base.dll - ok 11:36:46.0715 4812 [ 134D210D648F7D8B8E95CF4C72B4C595 ] C:\Program Files\AVAST Software\Avast\aswAraSr.exe 11:36:46.0715 4812 C:\Program Files\AVAST Software\Avast\aswAraSr.exe - ok 11:36:46.0715 4812 [ 7496F7E2FF929DE8F64435290402694B ] C:\Program Files\AVAST Software\Avast\aswAra.dll 11:36:46.0715 4812 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok 11:36:46.0715 4812 [ FC05310B5586802B93A004F68AD0107A ] C:\Program Files\AVAST Software\Avast\screenhooks32.dll 11:36:46.0715 4812 C:\Program Files\AVAST Software\Avast\screenhooks32.dll - ok 11:36:46.0730 4812 [ 0ED27C5642D4787D41CABCCE92B5B92A ] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe 11:36:46.0730 4812 C:\Program Files\AVAST Software\Avast\aswRegSvr.exe - ok 11:36:46.0730 4812 [ 58212DC7B4F1258EC18AFC3C0488B3EE ] C:\Program Files\AVAST Software\Avast\ashShell.dll 11:36:46.0730 4812 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok 11:36:46.0730 4812 [ 7132802C1BFF8A332F038875D6A397D9 ] C:\Program Files\AVAST Software\Avast\ashQuick.exe 11:36:46.0730 4812 C:\Program Files\AVAST Software\Avast\ashQuick.exe - ok 11:36:46.0746 4812 [ 7C925D13827B0C75677D83D2D46259BC ] C:\Program Files\AVAST Software\Avast\ashUpd.exe 11:36:46.0746 4812 C:\Program Files\AVAST Software\Avast\ashUpd.exe - ok 11:36:46.0746 4812 [ 9BA0D0025EAD5F550360910EABDC56E5 ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe 11:36:46.0746 4812 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok 11:36:46.0762 4812 [ 1895FDF8E3A75C48A24DAEDECC985635 ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswBoot.exe 11:36:46.0762 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswBoot.exe - ok 11:36:46.0762 4812 [ 1B4D815E14B4A6CF423B00E7E9445A5C ] C:\Windows\avastSS.scr 11:36:46.0762 4812 C:\Windows\avastSS.scr - ok 11:36:46.0762 4812 [ 6C604262100E7B2F4658ED8DD83BF6F6 ] C:\Program Files\AVAST Software\Avast\avastSS.dll 11:36:46.0762 4812 C:\Program Files\AVAST Software\Avast\avastSS.dll - ok 11:36:46.0762 4812 [ 05686CB62731716599F0C4F47C9C6EE6 ] C:\Program Files\AVAST Software\Avast\sched.exe 11:36:46.0762 4812 C:\Program Files\AVAST Software\Avast\sched.exe - ok 11:36:46.0777 4812 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll 11:36:46.0777 4812 C:\Windows\SysWOW64\IconCodecService.dll - ok 11:36:46.0777 4812 [ 760E2015DE7EC25B54EE11D7915A2553 ] C:\Program Files\AVAST Software\Avast\aswData.dll 11:36:46.0777 4812 C:\Program Files\AVAST Software\Avast\aswData.dll - ok 11:36:46.0777 4812 [ 7CDF72D5213A3EC23DE8E2EF5CCB5D07 ] C:\Program Files\AVAST Software\Avast\aswUtil.dll 11:36:46.0777 4812 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok 11:36:46.0793 4812 [ 52E85644090EC04A94ED301090B461A3 ] C:\Program Files\AVAST Software\Avast\aswW8ntf.dll 11:36:46.0793 4812 C:\Program Files\AVAST Software\Avast\aswW8ntf.dll - ok 11:36:46.0793 4812 [ 1010E520B76453C6AD2D170D67A14CF3 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe 11:36:46.0793 4812 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok 11:36:46.0793 4812 [ 6A70854398A8F7C2AB4CF67DF4EEE44E ] C:\Program Files\AVAST Software\Avast\AvSSHook.dll 11:36:46.0793 4812 C:\Program Files\AVAST Software\Avast\AvSSHook.dll - ok 11:36:46.0808 4812 [ AD9D2C89DC7013B4F375246825D862BA ] C:\Program Files\AVAST Software\Avast\CommonRes.dll 11:36:46.0808 4812 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok 11:36:46.0808 4812 [ D33BE7B03969AFB8A0EA555CF19D08DF ] C:\Program Files\AVAST Software\Avast\VisthAux.exe 11:36:46.0808 4812 C:\Program Files\AVAST Software\Avast\VisthAux.exe - ok 11:36:46.0808 4812 [ 68F61A965E05D760C27589651B193F2D ] C:\Program Files\AVAST Software\Avast\aswChLic.exe 11:36:46.0808 4812 C:\Program Files\AVAST Software\Avast\aswChLic.exe - ok 11:36:46.0824 4812 [ 1D52874272E2031D5D5FFB943B170EAF ] C:\Program Files\AVAST Software\Avast\aswRvrt.dll 11:36:46.0824 4812 C:\Program Files\AVAST Software\Avast\aswRvrt.dll - ok 11:36:46.0824 4812 [ 8BB9315A336FF4F4409C5AD6454C7FEA ] C:\Program Files\AVAST Software\Avast\aswVmm.dll 11:36:46.0824 4812 C:\Program Files\AVAST Software\Avast\aswVmm.dll - ok 11:36:46.0824 4812 [ 0B0CB3B0FEEA5385F36320A68E01EC23 ] C:\Program Files\AVAST Software\Avast\aswRunDll.exe 11:36:46.0824 4812 C:\Program Files\AVAST Software\Avast\aswRunDll.exe - ok 11:36:46.0840 4812 [ A1256565943EB598C4A7AADB4ABCA786 ] C:\Program Files\AVAST Software\Avast\aswLSRun.dll 11:36:46.0840 4812 C:\Program Files\AVAST Software\Avast\aswLSRun.dll - ok 11:36:46.0840 4812 [ FE823B5C178E35C0C862F2A952BA88EE ] C:\Program Files\AVAST Software\Avast\1041\Boot.dll 11:36:46.0840 4812 C:\Program Files\AVAST Software\Avast\1041\Boot.dll - ok 11:36:46.0840 4812 [ 4600048E0E02E9DE329A6B3903C0EF54 ] C:\Program Files\AVAST Software\Avast\1041\uiLangRes.dll 11:36:46.0840 4812 C:\Program Files\AVAST Software\Avast\1041\uiLangRes.dll - ok 11:36:46.0855 4812 [ A9176D311C8712157E821177BA024776 ] C:\Program Files\AVAST Software\Avast\AvastGUIProxy.dll 11:36:46.0855 4812 C:\Program Files\AVAST Software\Avast\AvastGUIProxy.dll - ok 11:36:46.0855 4812 [ A0E2D52E811F51D0294CB531B423CCB5 ] C:\Program Files\AVAST Software\Avast\AvastGUIProxy64.dll 11:36:46.0855 4812 C:\Program Files\AVAST Software\Avast\AvastGUIProxy64.dll - ok 11:36:46.0855 4812 [ 17D26428968B3E0E38C11D41C8DE130A ] C:\Program Files\AVAST Software\Avast\aswMonVD.dll 11:36:46.0855 4812 C:\Program Files\AVAST Software\Avast\aswMonVD.dll - ok 11:36:46.0871 4812 [ B74340BD4B31BF575561027EA93CCB94 ] C:\Program Files\AVAST Software\Avast\Setup\INF\Aavmker4.sys 11:36:46.0871 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\Aavmker4.sys - ok 11:36:46.0871 4812 [ D6CB9A991861A8F19C3762EF4FDECB50 ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon.sys 11:36:46.0871 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon.sys - ok 11:36:46.0886 4812 [ 5A3042DDFEDBF133265056714640C5DF ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon2.sys 11:36:46.0886 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon2.sys - ok 11:36:46.0886 4812 [ 5A46BB2BEB3FC1385D56EFD8B57FB537 ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswMonFlt.sys 11:36:46.0886 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswMonFlt.sys - ok 11:36:46.0886 4812 [ 2B427BAF48952868ECE8DE6A0AC2E85B ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswSP.sys 11:36:46.0886 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswSP.sys - ok 11:36:46.0902 4812 [ BE1F39FD61852D31B1E99B2DA23A3693 ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswFsBlk.sys 11:36:46.0902 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswFsBlk.sys - ok 11:36:46.0902 4812 [ 020CD9DFC85F753C84629D07EB9A16BA ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswSnx.sys 11:36:46.0902 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswSnx.sys - ok 11:36:46.0902 4812 [ 688713FF4DE824A5090BAD2E2BE3816E ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswKbd.sys 11:36:46.0902 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswKbd.sys - ok 11:36:46.0918 4812 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll 11:36:46.0918 4812 C:\Windows\SysWOW64\devrtl.dll - ok 11:36:46.0918 4812 [ E81608EF25709525A236F3A3E03855EB ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswVmm.sys 11:36:46.0918 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswVmm.sys - ok 11:36:46.0933 4812 [ C4FE2A34CC7CBDF93446768CA7AC8180 ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswRvrt.sys 11:36:46.0933 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswRvrt.sys - ok 11:36:46.0933 4812 [ 99D10F18F7D2C35A82DA99F01A2E1622 ] C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe 11:36:46.0933 4812 C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe - ok 11:36:46.0933 4812 [ 21DD338011E6861D38CC46F9B3A0E2C8 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswBoot.exe 11:36:46.0933 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswBoot.exe - ok 11:36:46.0949 4812 [ 4CB3F8181AF2844974A4D98737CC5D26 ] C:\Program Files\AVAST Software\Avast\AavmRpch64.dll 11:36:46.0949 4812 C:\Program Files\AVAST Software\Avast\AavmRpch64.dll - ok 11:36:46.0949 4812 [ D138519D63EBDA79B90FF2872783D91F ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\netcfg_x64.exe 11:36:46.0949 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\netcfg_x64.exe - ok 11:36:46.0949 4812 [ 264FE5A8140A7420FF00FBA09F1BA4F4 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\Aavmker4.sys 11:36:46.0949 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\Aavmker4.sys - ok 11:36:46.0964 4812 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe 11:36:46.0964 4812 C:\Windows\System32\ie4uinit.exe - ok 11:36:46.0964 4812 [ B7922A57C8C3D8AF9B9FB40DA4648B58 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswMon2.sys 11:36:46.0964 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswMon2.sys - ok 11:36:46.0964 4812 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll 11:36:46.0964 4812 C:\Windows\System32\iedkcs32.dll - ok 11:36:46.0980 4812 [ 90980D5291F8E725700272E4B64EDA10 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswMonFlt.sys 11:36:46.0980 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswMonFlt.sys - ok 11:36:46.0980 4812 [ D8FEC7F7BFE1BAD685DC8D1EF384693D ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswSP.sys 11:36:46.0980 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswSP.sys - ok 11:36:46.0980 4812 [ F3F5F2FDE0DEABA4F2CE336E9454FAE2 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswFsBlk.sys 11:36:46.0980 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswFsBlk.sys - ok 11:36:46.0996 4812 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll 11:36:46.0996 4812 C:\Windows\SysWOW64\SndVolSSO.dll - ok 11:36:46.0996 4812 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll 11:36:46.0996 4812 C:\Windows\SysWOW64\hid.dll - ok 11:36:46.0996 4812 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll 11:36:46.0996 4812 C:\Windows\SysWOW64\MMDevAPI.dll - ok 11:36:47.0011 4812 [ 9237BE2AB3C7D611F1F8FB7018691BAC ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswSnx.sys 11:36:47.0011 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswSnx.sys - ok 11:36:47.0011 4812 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl 11:36:47.0011 4812 C:\Windows\SysWOW64\timedate.cpl - ok 11:36:47.0011 4812 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl 11:36:47.0011 4812 C:\Windows\System32\timedate.cpl - ok 11:36:47.0027 4812 [ 7BA96B748762759E5AC844DE672A49AD ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswKbd.sys 11:36:47.0027 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswKbd.sys - ok 11:36:47.0027 4812 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll 11:36:47.0027 4812 C:\Windows\SysWOW64\actxprxy.dll - ok 11:36:47.0027 4812 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll 11:36:47.0027 4812 C:\Windows\System32\actxprxy.dll - ok 11:36:47.0042 4812 [ 3C7D772F6059C142991D00FE3AB61D40 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswVmm.sys 11:36:47.0042 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswVmm.sys - ok 11:36:47.0042 4812 [ A06E330475C1957C50C13B483D41F2BD ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswRvrt.sys 11:36:47.0042 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswRvrt.sys - ok 11:36:47.0058 4812 [ 68C199CA1ED9F2D1044A16159A997377 ] C:\Program Files\AVAST Software\Avast\AhAScr.dll 11:36:47.0058 4812 C:\Program Files\AVAST Software\Avast\AhAScr.dll - ok 11:36:47.0058 4812 [ 71413A520AD3D04F0FAB512E38DDA529 ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll 11:36:47.0058 4812 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok 11:36:47.0058 4812 [ FFE9271CAF7F27A6C44721192328CFE9 ] C:\Program Files\AVAST Software\Avast\aswJsFlt64.dll 11:36:47.0058 4812 C:\Program Files\AVAST Software\Avast\aswJsFlt64.dll - ok 11:36:47.0074 4812 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll 11:36:47.0074 4812 C:\Windows\System32\shdocvw.dll - ok 11:36:47.0074 4812 [ 7CCA5A4E6624BCADFAF3930343CF4BF3 ] C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll 11:36:47.0074 4812 C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll - ok 11:36:47.0074 4812 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll 11:36:47.0074 4812 C:\Windows\SysWOW64\linkinfo.dll - ok 11:36:47.0089 4812 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll 11:36:47.0089 4812 C:\Windows\System32\linkinfo.dll - ok 11:36:47.0089 4812 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll 11:36:47.0089 4812 C:\Windows\SysWOW64\SearchFolder.dll - ok 11:36:47.0089 4812 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll 11:36:47.0089 4812 C:\Windows\System32\SearchFolder.dll - ok 11:36:47.0089 4812 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll 11:36:47.0105 4812 C:\Windows\SysWOW64\msutb.dll - ok 11:36:47.0105 4812 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll 11:36:47.0105 4812 C:\Windows\SysWOW64\shacct.dll - ok 11:36:47.0105 4812 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll 11:36:47.0105 4812 C:\Windows\SysWOW64\gameux.dll - ok 11:36:47.0105 4812 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll 11:36:47.0105 4812 C:\Windows\System32\gameux.dll - ok 11:36:47.0120 4812 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll 11:36:47.0120 4812 C:\Windows\SysWOW64\xmllite.dll - ok 11:36:47.0120 4812 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll 11:36:47.0120 4812 C:\Windows\SysWOW64\msiltcfg.dll - ok 11:36:47.0120 4812 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll 11:36:47.0120 4812 C:\Windows\System32\msiltcfg.dll - ok 11:36:47.0136 4812 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll 11:36:47.0136 4812 C:\Windows\SysWOW64\msftedit.dll - ok 11:36:47.0136 4812 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll 11:36:47.0136 4812 C:\Windows\System32\msftedit.dll - ok 11:36:47.0136 4812 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll 11:36:47.0136 4812 C:\Windows\SysWOW64\msls31.dll - ok 11:36:47.0152 4812 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll 11:36:47.0152 4812 C:\Windows\System32\msls31.dll - ok 11:36:47.0152 4812 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll 11:36:47.0152 4812 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok 11:36:47.0152 4812 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\SysWOW64\authui.dll 11:36:47.0152 4812 C:\Windows\SysWOW64\authui.dll - ok 11:36:47.0167 4812 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll 11:36:47.0167 4812 C:\Windows\SysWOW64\cryptui.dll - ok 11:36:47.0167 4812 [ B4C246614645A02B4B31FBBAB3933994 ] C:\Windows\System32\igfxtray.exe 11:36:47.0167 4812 C:\Windows\System32\igfxtray.exe - ok 11:36:47.0167 4812 [ 652B60C9C4D5391FF0970B9086702E8F ] C:\Windows\System32\ieframe.dll 11:36:47.0167 4812 C:\Windows\System32\ieframe.dll - ok 11:36:47.0183 4812 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\49389785.sys 11:36:47.0183 4812 C:\Windows\System32\drivers\49389785.sys - ok 11:36:47.0183 4812 [ CD67A4A62C98DEFA693A4D79EB8282BC ] C:\Windows\SysWOW64\en-US\kernel32.dll.mui 11:36:47.0183 4812 C:\Windows\SysWOW64\en-US\kernel32.dll.mui - ok 11:36:47.0198 4812 [ 302052B0DECC6B5C9B9674B8130688C8 ] C:\Windows\System32\hkcmd.exe 11:36:47.0198 4812 C:\Windows\System32\hkcmd.exe - ok 11:36:47.0198 4812 [ DEC9EFC0232630A023F239F30E893364 ] C:\Windows\System32\hccutils.dll 11:36:47.0198 4812 C:\Windows\System32\hccutils.dll - ok 11:36:47.0198 4812 [ 20EAAD688308955DF09DCA40E24FB7EC ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 11:36:47.0198 4812 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok 11:36:47.0214 4812 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll 11:36:47.0214 4812 C:\Windows\SysWOW64\riched20.dll - ok 11:36:47.0214 4812 [ 8EF9E7CABAD4E1CB881F8BA8124EB226 ] C:\Windows\System32\igfxsrvc.exe 11:36:47.0214 4812 C:\Windows\System32\igfxsrvc.exe - ok 11:36:47.0230 4812 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll 11:36:47.0230 4812 C:\Windows\SysWOW64\ExplorerFrame.dll - ok 11:36:47.0230 4812 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv 11:36:47.0230 4812 C:\Windows\SysWOW64\wdmaud.drv - ok 11:36:47.0230 4812 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll 11:36:47.0230 4812 C:\Windows\SysWOW64\avrt.dll - ok 11:36:47.0245 4812 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll 11:36:47.0245 4812 C:\Windows\SysWOW64\duser.dll - ok 11:36:47.0245 4812 [ 5E20992CC504102E5460C3D7C73806A9 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 11:36:47.0245 4812 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok 11:36:47.0245 4812 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll 11:36:47.0245 4812 C:\Windows\SysWOW64\dui70.dll - ok 11:36:47.0261 4812 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll 11:36:47.0261 4812 C:\Windows\SysWOW64\AudioSes.dll - ok 11:36:47.0261 4812 [ 86B5FF963BE36DC3C9CC39EEA887EAFE ] C:\Windows\System32\igfxsrvc.dll 11:36:47.0261 4812 C:\Windows\System32\igfxsrvc.dll - ok 11:36:47.0261 4812 [ 8971731D7F7BB9851203FA3DB0E43279 ] C:\Windows\System32\igfxrjpn.lrc 11:36:47.0261 4812 C:\Windows\System32\igfxrjpn.lrc - ok 11:36:47.0276 4812 [ 95B1ED366B6A84850AA0AF8E9E958DB8 ] C:\Windows\System32\igfxress.dll 11:36:47.0276 4812 C:\Windows\System32\igfxress.dll - ok 11:36:47.0276 4812 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll 11:36:47.0276 4812 C:\Windows\SysWOW64\esent.dll - ok 11:36:47.0276 4812 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll 11:36:47.0276 4812 C:\Windows\System32\wbem\NCProv.dll - ok 11:36:47.0292 4812 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe 11:36:47.0292 4812 C:\Windows\SysWOW64\svchost.exe - ok 11:36:47.0292 4812 [ 899DD0F1C1D4FBD65E15C5A9C177F886 ] C:\Windows\SysWOW64\en-US\AudioSes.dll.mui 11:36:47.0292 4812 C:\Windows\SysWOW64\en-US\AudioSes.dll.mui - ok 11:36:47.0292 4812 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll 11:36:47.0292 4812 C:\Windows\System32\DeviceCenter.dll - ok 11:36:47.0308 4812 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll 11:36:47.0308 4812 C:\Windows\System32\wersvc.dll - ok 11:36:47.0308 4812 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll 11:36:47.0308 4812 C:\Windows\System32\esent.dll - ok 11:36:47.0308 4812 [ 8B285BDAB7735FDFB18E6F7122923B77 ] C:\Windows\SysWOW64\UIAnimation.dll 11:36:47.0308 4812 C:\Windows\SysWOW64\UIAnimation.dll - ok 11:36:47.0323 4812 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv 11:36:47.0323 4812 C:\Windows\SysWOW64\msacm32.drv - ok 11:36:47.0323 4812 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll 11:36:47.0323 4812 C:\Windows\System32\UIAnimation.dll - ok 11:36:47.0323 4812 [ D03DDC67CACF37DAEF70E7FF41DE089C ] C:\Windows\System32\igfxpers.exe 11:36:47.0323 4812 C:\Windows\System32\igfxpers.exe - ok 11:36:47.0339 4812 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll 11:36:47.0339 4812 C:\Windows\SysWOW64\stobject.dll - ok 11:36:47.0339 4812 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll 11:36:47.0339 4812 C:\Windows\System32\stobject.dll - ok 11:36:47.0339 4812 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll 11:36:47.0339 4812 C:\Windows\SysWOW64\batmeter.dll - ok 11:36:47.0339 4812 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll 11:36:47.0339 4812 C:\Windows\SysWOW64\dsound.dll - ok 11:36:47.0354 4812 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll 11:36:47.0354 4812 C:\Windows\System32\batmeter.dll - ok 11:36:47.0354 4812 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll 11:36:47.0354 4812 C:\Windows\SysWOW64\midimap.dll - ok 11:36:47.0354 4812 [ ACD88DB968EC69740EEC6DF61B778493 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 11:36:47.0354 4812 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok 11:36:47.0370 4812 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll 11:36:47.0370 4812 C:\Windows\SysWOW64\es.dll - ok 11:36:47.0370 4812 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll 11:36:47.0370 4812 C:\Windows\SysWOW64\opengl32.dll - ok 11:36:47.0370 4812 [ 3222C43F2B8BCA7F4BFE4434C3A8EA89 ] C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe 11:36:47.0370 4812 C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe - ok 11:36:47.0386 4812 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll 11:36:47.0386 4812 C:\Windows\SysWOW64\prnfldr.dll - ok 11:36:47.0386 4812 [ 1E7E20AEB43FF4F93F291F2241C22B04 ] C:\Windows\System32\igfxdev.dll 11:36:47.0386 4812 C:\Windows\System32\igfxdev.dll - ok 11:36:47.0386 4812 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll 11:36:47.0386 4812 C:\Windows\System32\prnfldr.dll - ok 11:36:47.0386 4812 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll 11:36:47.0386 4812 C:\Windows\SysWOW64\glu32.dll - ok 11:36:47.0401 4812 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\SysWOW64\cryptsvc.dll 11:36:47.0401 4812 C:\Windows\SysWOW64\cryptsvc.dll - ok 11:36:47.0401 4812 [ 642725C62F565DCC3697885EE72BCB32 ] C:\Windows\SysWOW64\en-US\glu32.dll.mui 11:36:47.0401 4812 C:\Windows\SysWOW64\en-US\glu32.dll.mui - ok 11:36:47.0401 4812 [ F0474296AC4E0E6BDE733C1B8513E41A ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe 11:36:47.0401 4812 C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe - ok 11:36:47.0417 4812 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll 11:36:47.0417 4812 C:\Windows\System32\DXP.dll - ok 11:36:47.0417 4812 [ 9315293B5F47E1BDEBCAFF53F279C1BF ] C:\Windows\SysWOW64\en-US\prnfldr.dll.mui 11:36:47.0417 4812 C:\Windows\SysWOW64\en-US\prnfldr.dll.mui - ok 11:36:47.0417 4812 [ 1E7F7800F2EE1F15D866D7AAFF7B1EE5 ] C:\Windows\SysWOW64\en-US\oledlg.dll.mui 11:36:47.0417 4812 C:\Windows\SysWOW64\en-US\oledlg.dll.mui - ok 11:36:47.0432 4812 [ C13B42E5692C98A2660135E4BEB26A1A ] C:\Users\Heavy Metal Miku\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe 11:36:47.0432 4812 C:\Users\Heavy Metal Miku\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe - ok 11:36:47.0432 4812 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll 11:36:47.0432 4812 C:\Windows\SysWOW64\Syncreg.dll - ok 11:36:47.0432 4812 [ 08F41D439573071E0D9559A87B3B4A63 ] C:\Program Files\Acer\Acer ePower Management\BrightnessControl.dll 11:36:47.0432 4812 C:\Program Files\Acer\Acer ePower Management\BrightnessControl.dll - ok 11:36:47.0448 4812 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll 11:36:47.0448 4812 C:\Windows\System32\Syncreg.dll - ok 11:36:47.0448 4812 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll 11:36:47.0448 4812 C:\Windows\System32\dsound.dll - ok 11:36:47.0448 4812 [ 4180FFF15CA42F5C36085BBB3B6742B0 ] C:\Windows\SysWOW64\SynCOM.dll 11:36:47.0448 4812 C:\Windows\SysWOW64\SynCOM.dll - ok 11:36:47.0464 4812 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll 11:36:47.0464 4812 C:\Windows\SysWOW64\thumbcache.dll - ok 11:36:47.0464 4812 [ C652C08AF20258449EC350FD5568AAB0 ] C:\Windows\System32\en-US\dxp.dll.mui 11:36:47.0464 4812 C:\Windows\System32\en-US\dxp.dll.mui - ok 11:36:47.0464 4812 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll 11:36:47.0464 4812 C:\Windows\System32\RtkCfg64.dll - ok 11:36:47.0479 4812 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll 11:36:47.0479 4812 C:\Windows\System32\thumbcache.dll - ok 11:36:47.0479 4812 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll 11:36:47.0479 4812 C:\Windows\SysWOW64\dxva2.dll - ok 11:36:47.0479 4812 [ 79DE9216B4800813CC3EFA8048F7B038 ] C:\Windows\SysWOW64\mmres.dll 11:36:47.0479 4812 C:\Windows\SysWOW64\mmres.dll - ok 11:36:47.0479 4812 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll 11:36:47.0479 4812 C:\Windows\System32\opengl32.dll - ok 11:36:47.0495 4812 [ 732FCC47D7F3C83AB464D8953825CBAC ] C:\Windows\System32\SynTPAPI.dll 11:36:47.0495 4812 C:\Windows\System32\SynTPAPI.dll - ok 11:36:47.0495 4812 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll 11:36:47.0495 4812 C:\Windows\ehome\ehSSO.dll - ok 11:36:47.0495 4812 [ C73AD671B6516DBBA2721E1A1395C116 ] C:\Program Files\Acer\Acer ePower Management\CommonControl.dll 11:36:47.0495 4812 C:\Program Files\Acer\Acer ePower Management\CommonControl.dll - ok 11:36:47.0510 4812 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll 11:36:47.0510 4812 C:\Windows\System32\IccLibDll_x64.dll - ok 11:36:47.0510 4812 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\SysWOW64\AudioEng.dll 11:36:47.0510 4812 C:\Windows\SysWOW64\AudioEng.dll - ok 11:36:47.0510 4812 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll 11:36:47.0510 4812 C:\Windows\System32\glu32.dll - ok 11:36:47.0510 4812 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll 11:36:47.0510 4812 C:\Windows\SysWOW64\dxgi.dll - ok 11:36:47.0526 4812 [ 5BBC10542EB70D60E3E659B8440399C2 ] C:\Program Files\Synaptics\SynTP\SynZMetr.exe 11:36:47.0526 4812 C:\Program Files\Synaptics\SynTP\SynZMetr.exe - ok 11:36:47.0526 4812 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll 11:36:47.0526 4812 C:\Windows\System32\FXSST.dll - ok 11:36:47.0526 4812 [ 2BE75D317951D3B0119638D247EE3D5C ] C:\Program Files\Synaptics\SynTP\SynMood.exe 11:36:47.0526 4812 C:\Program Files\Synaptics\SynTP\SynMood.exe - ok 11:36:47.0542 4812 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll 11:36:47.0542 4812 C:\Windows\System32\ddraw.dll - ok 11:36:47.0542 4812 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll 11:36:47.0542 4812 C:\Windows\SysWOW64\FXSAPI.dll - ok 11:36:47.0542 4812 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll 11:36:47.0542 4812 C:\Windows\System32\FXSAPI.dll - ok 11:36:47.0557 4812 [ 8B211FFCCC2C08DDC0FD023E70A13DD8 ] C:\Windows\System32\R4EEA64A.dll 11:36:47.0557 4812 C:\Windows\System32\R4EEA64A.dll - ok 11:36:47.0557 4812 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll 11:36:47.0557 4812 C:\Windows\SysWOW64\FXSRESM.dll - ok 11:36:47.0557 4812 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll 11:36:47.0557 4812 C:\Windows\System32\dciman32.dll - ok 11:36:47.0573 4812 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll 11:36:47.0573 4812 C:\Windows\SysWOW64\AltTab.dll - ok 11:36:47.0573 4812 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll 11:36:47.0573 4812 C:\Windows\System32\msimg32.dll - ok 11:36:47.0573 4812 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll 11:36:47.0573 4812 C:\Windows\System32\FXSRESM.dll - ok 11:36:47.0573 4812 [ C18CC13B289A6025E6BF657A3C9D0746 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 11:36:47.0573 4812 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok 11:36:47.0588 4812 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll 11:36:47.0588 4812 C:\Windows\System32\oledlg.dll - ok 11:36:47.0588 4812 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll 11:36:47.0588 4812 C:\Windows\SysWOW64\networkexplorer.dll - ok 11:36:47.0588 4812 [ DE066239FEAB3DB5EF14429EBA175D62 ] C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll 11:36:47.0588 4812 C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll - ok 11:36:47.0604 4812 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll 11:36:47.0604 4812 C:\Windows\System32\networkexplorer.dll - ok 11:36:47.0604 4812 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll 11:36:47.0604 4812 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok 11:36:47.0604 4812 [ F840FDC9B97D4A4B898A32AE2F6791AB ] C:\Program Files\AVAST Software\Avast\AvastBCL-Sfx.exe 11:36:47.0604 4812 C:\Program Files\AVAST Software\Avast\AvastBCL-Sfx.exe - ok 11:36:47.0620 4812 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll 11:36:47.0620 4812 C:\Windows\SysWOW64\pnidui.dll - ok 11:36:47.0620 4812 [ 3701E4B5918D3AF0054C3F4E58340C45 ] C:\Program Files\AVAST Software\Avast\asulaunch.exe 11:36:47.0620 4812 C:\Program Files\AVAST Software\Avast\asulaunch.exe - ok 11:36:47.0620 4812 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL 11:36:47.0620 4812 C:\Windows\SysWOW64\QUTIL.DLL - ok 11:36:47.0635 4812 [ A21E91366EDC8ABD10142C533546C54F ] C:\Windows\System32\GfxUI.exe 11:36:47.0635 4812 C:\Windows\System32\GfxUI.exe - ok 11:36:47.0635 4812 [ 3439ACA52CE19DFEEB26E2316983AB4B ] C:\Windows\System32\SynCOM.dll 11:36:47.0635 4812 C:\Windows\System32\SynCOM.dll - ok 11:36:47.0635 4812 [ E429410581E60535B555DDA729424885 ] C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe 11:36:47.0635 4812 C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe - ok 11:36:47.0651 4812 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll 11:36:47.0651 4812 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok 11:36:47.0651 4812 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll 11:36:47.0651 4812 C:\Windows\System32\WPDShServiceObj.dll - ok 11:36:47.0651 4812 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll 11:36:47.0651 4812 C:\Windows\SysWOW64\srchadmin.dll - ok 11:36:47.0666 4812 [ 7B7ADA3DC8CDB3C820DF7C9B208DB0D5 ] C:\Program Files\AVAST Software\Avast\Setup\INF\v5\aswnet.sys 11:36:47.0666 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\v5\aswnet.sys - ok 11:36:47.0666 4812 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll 11:36:47.0666 4812 C:\Windows\System32\AltTab.dll - ok 11:36:47.0666 4812 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll 11:36:47.0666 4812 C:\Windows\System32\PortableDeviceTypes.dll - ok 11:36:47.0666 4812 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl 11:36:47.0666 4812 C:\Windows\SysWOW64\bthprops.cpl - ok 11:36:47.0682 4812 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll 11:36:47.0682 4812 C:\Windows\SysWOW64\ncsi.dll - ok 11:36:47.0682 4812 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll 11:36:47.0682 4812 C:\Windows\System32\pnidui.dll - ok 11:36:47.0682 4812 [ B2742EA6ED844D747E2348A504E491CB ] C:\Windows\System32\dxva2.dll 11:36:47.0682 4812 C:\Windows\System32\dxva2.dll - ok 11:36:47.0698 4812 [ A25D6C5DD53F2F85F6E3FC7EC93ECFCF ] C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll 11:36:47.0698 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll - ok 11:36:47.0698 4812 [ 3DC9AD47BAA02C954E965063737B477B ] C:\Program Files (x86)\DuckLink\DuckCapture\QtGui4.dll 11:36:47.0698 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtGui4.dll - ok 11:36:47.0698 4812 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL 11:36:47.0698 4812 C:\Windows\System32\QUTIL.DLL - ok 11:36:47.0713 4812 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll 11:36:47.0713 4812 C:\Windows\System32\wbem\wmipcima.dll - ok 11:36:47.0713 4812 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll 11:36:47.0713 4812 C:\Windows\SysWOW64\wevtapi.dll - ok 11:36:47.0713 4812 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll 11:36:47.0713 4812 C:\Windows\SysWOW64\tquery.dll - ok 11:36:47.0729 4812 [ BB7481A1306823D1B6592263F1AB8DD7 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe 11:36:47.0729 4812 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok 11:36:47.0729 4812 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe 11:36:47.0729 4812 C:\Windows\System32\FXSSVC.exe - ok 11:36:47.0729 4812 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll 11:36:47.0729 4812 C:\Windows\SysWOW64\browcli.dll - ok 11:36:47.0744 4812 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll 11:36:47.0744 4812 C:\Windows\System32\srchadmin.dll - ok 11:36:47.0744 4812 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll 11:36:47.0744 4812 C:\Windows\SysWOW64\schedcli.dll - ok 11:36:47.0744 4812 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll 11:36:47.0744 4812 C:\Windows\SysWOW64\mssprxy.dll - ok 11:36:47.0760 4812 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl 11:36:47.0760 4812 C:\Windows\System32\bthprops.cpl - ok 11:36:47.0760 4812 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe 11:36:47.0760 4812 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok 11:36:47.0760 4812 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe 11:36:47.0760 4812 C:\Windows\System32\wbem\WmiPrvSE.exe - ok 11:36:47.0776 4812 [ 81B31773039DD1FEDACE4FCA1E5A45ED ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\ProtocolHandlerPS.dll 11:36:47.0776 4812 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\ProtocolHandlerPS.dll - ok 11:36:47.0776 4812 [ 44C88CDCD9BDA038DF41333C60624824 ] C:\Program Files (x86)\DuckLink\DuckCapture\QtCore4.dll 11:36:47.0776 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtCore4.dll - ok 11:36:47.0776 4812 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll 11:36:47.0776 4812 C:\Windows\SysWOW64\ksuser.dll - ok 11:36:47.0791 4812 [ DF868412F45988D2A262A85CB8ED9043 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OWSSuppPS.dll 11:36:47.0791 4812 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OWSSuppPS.dll - ok 11:36:47.0791 4812 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe 11:36:47.0791 4812 C:\Windows\SysWOW64\SearchIndexer.exe - ok 11:36:47.0791 4812 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll 11:36:47.0791 4812 C:\Windows\SysWOW64\rasdlg.dll - ok 11:36:47.0791 4812 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe 11:36:47.0791 4812 C:\Windows\System32\SearchIndexer.exe - ok 11:36:47.0807 4812 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll 11:36:47.0807 4812 C:\Windows\System32\wbem\cimwin32.dll - ok 11:36:47.0807 4812 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll 11:36:47.0807 4812 C:\Windows\System32\rasdlg.dll - ok 11:36:47.0807 4812 [ 8B968045D75783A09592C3105F2865DA ] C:\Users\Heavy Metal Miku\Desktop\dds.scr 11:36:47.0807 4812 C:\Users\Heavy Metal Miku\Desktop\dds.scr - ok 11:36:47.0822 4812 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll 11:36:47.0822 4812 C:\Windows\SysWOW64\mssrch.dll - ok 11:36:47.0822 4812 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll 11:36:47.0822 4812 C:\Windows\SysWOW64\mprapi.dll - ok 11:36:47.0822 4812 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll 11:36:47.0822 4812 C:\Windows\SysWOW64\framedynos.dll - ok 11:36:47.0838 4812 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll 11:36:47.0838 4812 C:\Windows\System32\mprapi.dll - ok 11:36:47.0838 4812 [ E94037020D973D8CE196ADAA264BB19E ] C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll 11:36:47.0838 4812 C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll - ok 11:36:47.0838 4812 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll 11:36:47.0838 4812 C:\Windows\SysWOW64\rasapi32.dll - ok 11:36:47.0854 4812 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll 11:36:47.0854 4812 C:\Windows\SysWOW64\rasman.dll - ok 11:36:47.0854 4812 [ CDD9EF69189F21AB3F73789DE741D35D ] C:\Program Files (x86)\DuckLink\DuckCapture\QtNetwork4.dll 11:36:47.0854 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtNetwork4.dll - ok 11:36:47.0854 4812 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll 11:36:47.0854 4812 C:\Windows\SysWOW64\rtutils.dll - ok 11:36:47.0869 4812 [ 7619D9ABB017DEBB29D0793A9C2B64A8 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe 11:36:47.0869 4812 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe - ok 11:36:47.0869 4812 [ 86AE7188850AB20FABD2DAF562EAF731 ] C:\Program Files (x86)\DuckLink\DuckCapture\DuckCore.dll 11:36:47.0869 4812 C:\Program Files (x86)\DuckLink\DuckCapture\DuckCore.dll - ok 11:36:47.0869 4812 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL 11:36:47.0869 4812 C:\Windows\SysWOW64\KBDUS.DLL - ok 11:36:47.0885 4812 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll 11:36:47.0885 4812 C:\Windows\System32\framedynos.dll - ok 11:36:47.0885 4812 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll 11:36:47.0885 4812 C:\Windows\SysWOW64\msidle.dll - ok 11:36:47.0885 4812 [ 6FDF222B791EA2E12F54C320EADF28C4 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll 11:36:47.0885 4812 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll - ok 11:36:47.0900 4812 [ 0D360F06B168A6F37ACA9D9F958245DA ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe 11:36:47.0900 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe - ok 11:36:47.0900 4812 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe 11:36:47.0900 4812 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok 11:36:47.0900 4812 [ 48B5EA6C0CA4B0A788444224A40ED21F ] C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll 11:36:47.0900 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll - ok 11:36:47.0916 4812 [ AAE606B26B42AE596B2D9FBBD35A3A19 ] C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll 11:36:47.0916 4812 C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll - ok 11:36:47.0916 4812 [ 367EACCF8FE6FEF31FE79FCF68D4CDCE ] C:\Windows\System32\igfxext.exe 11:36:47.0916 4812 C:\Windows\System32\igfxext.exe - ok 11:36:47.0916 4812 [ BC83108B18756547013ED443B8CDB31B ] C:\Program Files (x86)\DuckLink\DuckCapture\msvcp100.dll 11:36:47.0916 4812 C:\Program Files (x86)\DuckLink\DuckCapture\msvcp100.dll - ok 11:36:47.0932 4812 [ E9117F0FB2403B8188E7863662F23946 ] C:\Program Files (x86)\DuckLink\DuckCapture\QtScript4.dll 11:36:47.0932 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtScript4.dll - ok 11:36:47.0932 4812 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Program Files (x86)\DuckLink\DuckCapture\msvcr100.dll 11:36:47.0932 4812 C:\Program Files (x86)\DuckLink\DuckCapture\msvcr100.dll - ok 11:36:47.0932 4812 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll 11:36:47.0932 4812 C:\Windows\SysWOW64\WWanAPI.dll - ok 11:36:47.0947 4812 [ E6CC0FA3C1040C791EB3F4BA6C789411 ] C:\Dolby PCEE4\pcee4.exe 11:36:47.0947 4812 C:\Dolby PCEE4\pcee4.exe - ok 11:36:47.0947 4812 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll 11:36:47.0947 4812 C:\Windows\System32\WWanAPI.dll - ok 11:36:47.0947 4812 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll 11:36:47.0947 4812 C:\Windows\System32\tquery.dll - ok 11:36:47.0963 4812 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll 11:36:47.0963 4812 C:\Program Files\Windows Media Player\wmpnssci.dll - ok 11:36:47.0963 4812 [ 396C81DF1B349F60C893C6862A6DBAA9 ] C:\Windows\System32\igfxexps.dll 11:36:47.0963 4812 C:\Windows\System32\igfxexps.dll - ok 11:36:47.0963 4812 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll 11:36:47.0963 4812 C:\Windows\SysWOW64\wwapi.dll - ok 11:36:47.0978 4812 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll 11:36:47.0978 4812 C:\Windows\System32\wwapi.dll - ok 11:36:47.0978 4812 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 11:36:47.0978 4812 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok 11:36:47.0978 4812 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL 11:36:47.0978 4812 C:\Windows\SysWOW64\QAGENT.DLL - ok 11:36:47.0994 4812 [ FB063A7D64A5F67DE13EFAEA55E60FEB ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\chrome.dll 11:36:47.0994 4812 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\chrome.dll - ok 11:36:47.0994 4812 [ 8D6276455E3F94AF22D06A4BE3A49429 ] C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe 11:36:47.0994 4812 C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe - ok 11:36:47.0994 4812 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL 11:36:47.0994 4812 C:\Windows\System32\QAGENT.DLL - ok 11:36:48.0010 4812 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe 11:36:48.0010 4812 C:\Windows\System32\wbem\unsecapp.exe - ok 11:36:48.0010 4812 [ 2ADC102A6D92BFB1F092A1A165E24181 ] C:\Program Files (x86)\Launch Manager\LManager.exe 11:36:48.0010 4812 C:\Program Files (x86)\Launch Manager\LManager.exe - ok 11:36:48.0010 4812 [ EE373B29746ACF31267AAE3AD69A5885 ] C:\Program Files (x86)\DuckLink\DuckCapture\QtScriptTools4.dll 11:36:48.0010 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtScriptTools4.dll - ok 11:36:48.0025 4812 [ 311DC5224497C93AE966BAC37ACE0690 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\icudt.dll 11:36:48.0025 4812 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\icudt.dll - ok 11:36:48.0025 4812 [ BF0A9D0AA8706C5E694A63354DC7FDB2 ] C:\Program Files (x86)\NTI\Acer Backup Manager\LUInterface.dll 11:36:48.0025 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\LUInterface.dll - ok 11:36:48.0025 4812 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll 11:36:48.0025 4812 C:\Windows\System32\mssrch.dll - ok 11:36:48.0041 4812 [ 24400819CDAF1D018030BEEDD7B87046 ] C:\Program Files (x86)\DuckLink\DuckCapture\QxtGui.dll 11:36:48.0041 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QxtGui.dll - ok 11:36:48.0041 4812 [ E0BBBB56A661B872A163CE3132F6FBA1 ] C:\Program Files (x86)\NTI\Acer Backup Manager\MUI\0409\Lang.dll 11:36:48.0041 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\MUI\0409\Lang.dll - ok 11:36:48.0056 4812 [ CDC7236484FC0E35C66578ECE8139672 ] C:\Program Files (x86)\DuckLink\DuckCapture\QxtCore.dll 11:36:48.0056 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QxtCore.dll - ok 11:36:48.0056 4812 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll 11:36:48.0056 4812 C:\Windows\SysWOW64\mscoree.dll - ok 11:36:48.0056 4812 [ 4EA2353A8DE4F486F1DF9EBD1FCDD5AD ] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe 11:36:48.0056 4812 C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe - ok 11:36:48.0072 4812 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe 11:36:48.0072 4812 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok 11:36:48.0072 4812 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll 11:36:48.0072 4812 C:\Windows\System32\msidle.dll - ok 11:36:48.0072 4812 [ 3C00870E9DC573EE2256243D84AEBB38 ] C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll 11:36:48.0072 4812 C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll - ok 11:36:48.0088 4812 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll 11:36:48.0088 4812 C:\Windows\System32\mssprxy.dll - ok 11:36:48.0088 4812 [ A85A8813FE042C1D9B1FC70B7C0EE1C8 ] C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qico4.dll 11:36:48.0088 4812 C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qico4.dll - ok 11:36:48.0088 4812 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll 11:36:48.0088 4812 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok 11:36:48.0103 4812 [ A2949E68F77A9A69646C9C6EAF5CDA89 ] C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll 11:36:48.0103 4812 C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll - ok 11:36:48.0103 4812 [ D35187E38B0BD6E116C2CE582CAC4273 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe 11:36:48.0103 4812 C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe - ok 11:36:48.0119 4812 [ 43C9CF6825CEA58F1815B7C3DBBB385C ] C:\Windows\SysWOW64\Wpc.dll 11:36:48.0119 4812 C:\Windows\SysWOW64\Wpc.dll - ok 11:36:48.0119 4812 [ 8651ABE581848284D5370B8EEE6E6445 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c6a07bfaa9adcbdcf92f2f6412b5adee\PresentationFramework.ni.dll 11:36:48.0119 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c6a07bfaa9adcbdcf92f2f6412b5adee\PresentationFramework.ni.dll - ok 11:36:48.0119 4812 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll 11:36:48.0119 4812 C:\Windows\System32\wsock32.dll - ok 11:36:48.0134 4812 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui 11:36:48.0134 4812 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok 11:36:48.0134 4812 [ 5BF8E37FA1E25227480F9CD2ACA21FB6 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\d3dcompiler_46.dll 11:36:48.0134 4812 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\d3dcompiler_46.dll - ok 11:36:48.0134 4812 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui 11:36:48.0134 4812 C:\Windows\System32\en-US\tquery.dll.mui - ok 11:36:48.0150 4812 [ A07F12FA297F3F074D496B333C259AFA ] C:\Program Files (x86)\Launch Manager\COMFNUTL.DLL 11:36:48.0150 4812 C:\Program Files (x86)\Launch Manager\COMFNUTL.DLL - ok 11:36:48.0150 4812 [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 11:36:48.0150 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok 11:36:48.0150 4812 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll 11:36:48.0150 4812 C:\Windows\SysWOW64\wmp.dll - ok 11:36:48.0166 4812 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files (x86)\Acer\clear.fi\Movie\MFC71.dll 11:36:48.0166 4812 C:\Program Files (x86)\Acer\clear.fi\Movie\MFC71.dll - ok 11:36:48.0166 4812 [ 8877094AC20DD2C1B03B478256BC9D1B ] C:\Program Files (x86)\DuckLink\DuckCapture\DuckUpdate.exe 11:36:48.0166 4812 C:\Program Files (x86)\DuckLink\DuckCapture\DuckUpdate.exe - ok 11:36:48.0166 4812 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll 11:36:48.0166 4812 C:\Windows\SysWOW64\wmdrmdev.dll - ok 11:36:48.0181 4812 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe 11:36:48.0181 4812 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok 11:36:48.0181 4812 [ 916A2C4EB028604783FD5EA169236C1D ] C:\Program Files (x86)\QuickTime\QTTask.exe 11:36:48.0181 4812 C:\Program Files (x86)\QuickTime\QTTask.exe - ok 11:36:48.0181 4812 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\Acer\clear.fi\Movie\msvcr71.dll 11:36:48.0181 4812 C:\Program Files (x86)\Acer\clear.fi\Movie\msvcr71.dll - ok 11:36:48.0197 4812 [ 632A6D75FEEABC846EE9AEC33345EF34 ] C:\Program Files (x86)\Launch Manager\CDROMUTL.DLL 11:36:48.0197 4812 C:\Program Files (x86)\Launch Manager\CDROMUTL.DLL - ok 11:36:48.0197 4812 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files (x86)\Acer\clear.fi\Movie\msvcp71.dll 11:36:48.0197 4812 C:\Program Files (x86)\Acer\clear.fi\Movie\msvcp71.dll - ok 11:36:48.0197 4812 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll 11:36:48.0197 4812 C:\Windows\System32\wmdrmdev.dll - ok 11:36:48.0212 4812 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll 11:36:48.0212 4812 C:\Windows\System32\wmp.dll - ok 11:36:48.0212 4812 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 11:36:48.0212 4812 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok 11:36:48.0212 4812 [ 5366AC5299ECD86011E6F757AB472D6B ] C:\Program Files (x86)\DuckLink\DuckCapture\QtXml4.dll 11:36:48.0212 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtXml4.dll - ok 11:36:48.0228 4812 [ 69259DD752862F5665413AFCFB4C0B0E ] C:\Program Files (x86)\Launch Manager\MIXERUTL.DLL 11:36:48.0228 4812 C:\Program Files (x86)\Launch Manager\MIXERUTL.DLL - ok 11:36:48.0228 4812 [ CE7803953FE7314061B3F9188D310EB2 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui 11:36:48.0228 4812 C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok 11:36:48.0228 4812 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll 11:36:48.0228 4812 C:\Windows\System32\riched20.dll - ok 11:36:48.0244 4812 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll 11:36:48.0244 4812 C:\Windows\SysWOW64\drmv2clt.dll - ok 11:36:48.0244 4812 [ 1C794C31957D79FF217417788EDDAAE6 ] C:\Windows\SysWOW64\igdumdx32.dll 11:36:48.0244 4812 C:\Windows\SysWOW64\igdumdx32.dll - ok 11:36:48.0244 4812 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll 11:36:48.0244 4812 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok 11:36:48.0259 4812 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll 11:36:48.0259 4812 C:\Windows\System32\drmv2clt.dll - ok 11:36:48.0259 4812 [ A53F59BC46766CE79E407AB6F451100D ] C:\Program Files (x86)\Launch Manager\WND2FILE.DLL 11:36:48.0259 4812 C:\Program Files (x86)\Launch Manager\WND2FILE.DLL - ok 11:36:48.0259 4812 [ 8C22C6088057A00EAE7D963600F26EEB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll 11:36:48.0259 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok 11:36:48.0275 4812 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll 11:36:48.0275 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok 11:36:48.0275 4812 [ C9D237B353F85EEDC5850BA91C890FB6 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll 11:36:48.0275 4812 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok 11:36:48.0275 4812 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll 11:36:48.0275 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok 11:36:48.0290 4812 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll 11:36:48.0290 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok 11:36:48.0290 4812 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll 11:36:48.0290 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok 11:36:48.0306 4812 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll 11:36:48.0306 4812 C:\Windows\System32\SensApi.dll - ok 11:36:48.0306 4812 [ 71FC112959B07D686E71541BD9D4F237 ] C:\Program Files (x86)\Launch Manager\PowerUtl.dll 11:36:48.0306 4812 C:\Program Files (x86)\Launch Manager\PowerUtl.dll - ok 11:36:48.0306 4812 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll 11:36:48.0306 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok 11:36:48.0322 4812 [ 8216632631FC5F7EFA1D0D9F34921522 ] C:\Windows\SysWOW64\igdumd32.dll 11:36:48.0322 4812 C:\Windows\SysWOW64\igdumd32.dll - ok 11:36:48.0322 4812 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL 11:36:48.0322 4812 C:\Windows\SysWOW64\wmploc.DLL - ok 11:36:48.0322 4812 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll 11:36:48.0322 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok 11:36:48.0337 4812 [ DD565DB0B1E3BDE45A7363137EEC4ABB ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\bdb1edb6d1f474a6c58d77ad9782de60\WindowsBase.ni.dll 11:36:48.0337 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\bdb1edb6d1f474a6c58d77ad9782de60\WindowsBase.ni.dll - ok 11:36:48.0337 4812 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll 11:36:48.0337 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok 11:36:48.0337 4812 [ 20D30D8717E9DFF90224B5AB37410D9D ] C:\Program Files (x86)\Launch Manager\OSDUTL2.DLL 11:36:48.0337 4812 C:\Program Files (x86)\Launch Manager\OSDUTL2.DLL - ok 11:36:48.0353 4812 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL 11:36:48.0353 4812 C:\Windows\System32\wmploc.DLL - ok 11:36:48.0353 4812 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll 11:36:48.0353 4812 C:\Windows\SysWOW64\mfplat.dll - ok 11:36:48.0353 4812 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll 11:36:48.0353 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok 11:36:48.0368 4812 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll 11:36:48.0368 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok 11:36:48.0368 4812 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll 11:36:48.0368 4812 C:\Windows\System32\wbem\wmiprov.dll - ok 11:36:48.0384 4812 [ FD5A0A28AAEA0421039242A9D592212B ] C:\Program Files (x86)\Launch Manager\SZUPFUTL.DLL 11:36:48.0384 4812 C:\Program Files (x86)\Launch Manager\SZUPFUTL.DLL - ok 11:36:48.0384 4812 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll 11:36:48.0384 4812 C:\Windows\System32\mfplat.dll - ok 11:36:48.0384 4812 [ BBA662DC6FCCCCDF8EC2C4B8AE60FD3E ] C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll 11:36:48.0384 4812 C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll - ok 11:36:48.0400 4812 [ 211A2E13715834F67F2CC8B559689751 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\9009e8d122b1f2e427c226b26416d0d9\PresentationCore.ni.dll 11:36:48.0400 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\9009e8d122b1f2e427c226b26416d0d9\PresentationCore.ni.dll - ok 11:36:48.0400 4812 [ 8A6B867FC26B9850D446D2D86E5DB071 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll 11:36:48.0400 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok 11:36:48.0400 4812 [ 4DE1EBB2314E2F10AC9EC83138193F8B ] C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll 11:36:48.0400 4812 C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll - ok 11:36:48.0415 4812 [ 57E8C7791AB2596AFB8EE1273C2DF1F8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll 11:36:48.0415 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok 11:36:48.0415 4812 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll 11:36:48.0415 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok 11:36:48.0415 4812 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 11:36:48.0415 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok 11:36:48.0431 4812 [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 11:36:48.0431 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok 11:36:48.0431 4812 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll 11:36:48.0431 4812 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok 11:36:48.0446 4812 [ 99AF7D470D7290DD31C1FABC569509CD ] C:\Program Files\GIMP 2\bin\gimp-2.8.exe 11:36:48.0446 4812 C:\Program Files\GIMP 2\bin\gimp-2.8.exe - ok 11:36:48.0446 4812 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\SysWOW64\blackbox.dll 11:36:48.0446 4812 C:\Windows\SysWOW64\blackbox.dll - ok 11:36:48.0446 4812 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll 11:36:48.0446 4812 C:\Windows\System32\blackbox.dll - ok 11:36:48.0462 4812 [ 6A5D3AE77CA9145104ADC747777FF811 ] C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe 11:36:48.0462 4812 C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe - ok 11:36:48.0462 4812 [ 00B0ACE97EAA8A8F1CC1867E49B1FE74 ] C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe 11:36:48.0462 4812 C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe - ok 11:36:48.0462 4812 [ 107E580D33857A1A70ADB0D03AEAB675 ] C:\Users\Heavy Metal Miku\Desktop\PSO2_SETUP.exe 11:36:48.0462 4812 C:\Users\Heavy Metal Miku\Desktop\PSO2_SETUP.exe - ok 11:36:48.0478 4812 [ 38D845C642A072902E21D5F769E992A3 ] C:\Program Files (x86)\Launch Manager\aipflib.dll 11:36:48.0478 4812 C:\Program Files (x86)\Launch Manager\aipflib.dll - ok 11:36:48.0478 4812 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll 11:36:48.0478 4812 C:\Windows\SysWOW64\upnp.dll - ok 11:36:48.0493 4812 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll 11:36:48.0493 4812 C:\Windows\System32\upnp.dll - ok 11:36:48.0493 4812 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll 11:36:48.0493 4812 C:\Windows\SysWOW64\ssdpapi.dll - ok 11:36:48.0493 4812 [ B18B6ACD4793205929E41C3AE00B689A ] C:\Windows\SysWOW64\en-US\tzres.dll.mui 11:36:48.0493 4812 C:\Windows\SysWOW64\en-US\tzres.dll.mui - ok 11:36:48.0509 4812 [ A50E0D4F65C0116EE297E4BB898F8DF9 ] C:\Program Files (x86)\Launch Manager\MMDUtl.dll 11:36:48.0509 4812 C:\Program Files (x86)\Launch Manager\MMDUtl.dll - ok 11:36:48.0509 4812 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll 11:36:48.0509 4812 C:\Windows\System32\ssdpsrv.dll - ok 11:36:48.0509 4812 ============================================================ 11:36:48.0509 4812 Scan finished 11:36:48.0509 4812 ============================================================ 11:36:48.0524 0932 Detected object count: 2 11:36:48.0524 0932 Actual detected object count: 2 11:38:38.0723 0932 \Device\Harddisk0\DR0\# - copied to quarantine 11:38:38.0770 0932 \Device\Harddisk0\DR0 - copied to quarantine 11:38:38.0910 0932 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine 11:38:39.0004 0932 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine 11:38:52.0233 0932 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine 11:38:58.0700 0932 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 11:38:58.0830 0932 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 11:38:58.0995 0932 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine 11:38:58.0999 0932 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine 11:38:59.0007 0932 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine 11:38:59.0012 0932 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 11:38:59.0138 0932 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 11:38:59.0251 0932 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine 11:38:59.0255 0932 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine 11:38:59.0259 0932 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine 11:38:59.0345 0932 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot 11:38:59.0361 0932 \Device\Harddisk0\DR0 - ok 11:38:59.0593 0932 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 11:38:59.0593 0932 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 11:38:59.0593 0932 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
  7. FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll 11:36:44.0656 4812 C:\Windows\SysWOW64\webio.dll - ok 11:36:44.0656 4812 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll 11:36:44.0656 4812 C:\Windows\SysWOW64\winhttp.dll - ok 11:36:44.0656 4812 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll 11:36:44.0656 4812 C:\Windows\SysWOW64\winnsi.dll - ok 11:36:44.0671 4812 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll 11:36:44.0671 4812 C:\Windows\SysWOW64\cfgmgr32.dll - ok 11:36:44.0671 4812 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll 11:36:44.0671 4812 C:\Windows\System32\schedsvc.dll - ok 11:36:44.0671 4812 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll 11:36:44.0671 4812 C:\Windows\SysWOW64\RpcRtRemote.dll - ok 11:36:44.0687 4812 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll 11:36:44.0687 4812 C:\Windows\SysWOW64\wscapi.dll - ok 11:36:44.0687 4812 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll 11:36:44.0687 4812 C:\Windows\SysWOW64\wscisvif.dll - ok 11:36:44.0687 4812 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll 11:36:44.0687 4812 C:\Windows\SysWOW64\credssp.dll - ok 11:36:44.0702 4812 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll 11:36:44.0702 4812 C:\Windows\SysWOW64\cryptsp.dll - ok 11:36:44.0702 4812 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll 11:36:44.0702 4812 C:\Windows\SysWOW64\mswsock.dll - ok 11:36:44.0702 4812 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL 11:36:44.0702 4812 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok 11:36:44.0718 4812 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll 11:36:44.0718 4812 C:\Windows\SysWOW64\wship6.dll - ok 11:36:44.0718 4812 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll 11:36:44.0718 4812 C:\Windows\System32\ktmw32.dll - ok 11:36:44.0718 4812 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll 11:36:44.0718 4812 C:\Windows\System32\fveapi.dll - ok 11:36:44.0718 4812 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll 11:36:44.0718 4812 C:\Windows\System32\tbs.dll - ok 11:36:44.0734 4812 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll 11:36:44.0734 4812 C:\Windows\System32\fvecerts.dll - ok 11:36:44.0734 4812 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll 11:36:44.0734 4812 C:\Windows\System32\wiarpc.dll - ok 11:36:44.0734 4812 [ CB2979C3F152BFE6C4F6AFA1A02695E6 ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswEngin.dll 11:36:44.0734 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswEngin.dll - ok 11:36:44.0749 4812 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll 11:36:44.0749 4812 C:\Windows\System32\taskcomp.dll - ok 11:36:44.0749 4812 [ 64790077F7574E0EB97F3CD2C7B46796 ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnIS.dll 11:36:44.0749 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnIS.dll - ok 11:36:44.0765 4812 [ 09C5CB1DEEFFB23C29FDF135C70E506E ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnOS.dll 11:36:44.0765 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnOS.dll - ok 11:36:44.0765 4812 [ 62378187B9E30A2DD5333E35D06A6C7D ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnBS.dll 11:36:44.0765 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnBS.dll - ok 11:36:44.0765 4812 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys 11:36:44.0765 4812 C:\Windows\System32\drivers\http.sys - ok 11:36:44.0780 4812 [ F4B53E84EBD4EDC4938E9B40B583D6FE ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswScan.dll 11:36:44.0780 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswScan.dll - ok 11:36:44.0780 4812 [ 631EAABB9F82ACEDF8DE3DD20FD5ACC6 ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswRep.dll 11:36:44.0780 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswRep.dll - ok 11:36:44.0796 4812 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe 11:36:44.0796 4812 C:\Windows\System32\spoolsv.exe - ok 11:36:44.0796 4812 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys 11:36:44.0796 4812 C:\Windows\System32\drivers\srvnet.sys - ok 11:36:44.0796 4812 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys 11:36:44.0796 4812 C:\Windows\System32\drivers\bowser.sys - ok 11:36:44.0812 4812 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys 11:36:44.0812 4812 C:\Windows\System32\drivers\mrxsmb.sys - ok 11:36:44.0812 4812 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys 11:36:44.0812 4812 C:\Windows\System32\drivers\mrxsmb10.sys - ok 11:36:44.0812 4812 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys 11:36:44.0812 4812 C:\Windows\System32\drivers\mrxsmb20.sys - ok 11:36:44.0827 4812 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys 11:36:44.0827 4812 C:\Windows\System32\drivers\srv2.sys - ok 11:36:44.0827 4812 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys 11:36:44.0827 4812 C:\Windows\System32\drivers\srv.sys - ok 11:36:44.0827 4812 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll 11:36:44.0827 4812 C:\Windows\System32\wkssvc.dll - ok 11:36:44.0827 4812 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll 11:36:44.0843 4812 C:\Windows\System32\srvsvc.dll - ok 11:36:44.0843 4812 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll 11:36:44.0843 4812 C:\Windows\System32\browser.dll - ok 11:36:44.0843 4812 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll 11:36:44.0843 4812 C:\Windows\System32\netmsg.dll - ok 11:36:44.0843 4812 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll 11:36:44.0843 4812 C:\Windows\System32\clusapi.dll - ok 11:36:44.0858 4812 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll 11:36:44.0858 4812 C:\Windows\System32\sscore.dll - ok 11:36:44.0858 4812 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll 11:36:44.0858 4812 C:\Windows\System32\resutils.dll - ok 11:36:44.0858 4812 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 11:36:44.0858 4812 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok 11:36:44.0874 4812 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll 11:36:44.0874 4812 C:\Windows\System32\rasadhlp.dll - ok 11:36:44.0874 4812 [ 2399F8068E969D9C25A05B6F779A790A ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswFiDb.dll 11:36:44.0874 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswFiDb.dll - ok 11:36:44.0890 4812 [ BC7D2DE14AB9591FA1DE886C0C701646 ] C:\Program Files\AVAST Software\Avast\defs\13050600\algo.dll 11:36:44.0890 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\algo.dll - ok 11:36:44.0890 4812 [ 01345024BBD84AC68FF872FBB7B7F834 ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll 11:36:44.0890 4812 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok 11:36:44.0890 4812 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll 11:36:44.0890 4812 C:\Windows\SysWOW64\shell32.dll - ok 11:36:44.0905 4812 [ 1474F121C3DF1232D3E7239C03691EE6 ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe 11:36:44.0905 4812 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe - ok 11:36:44.0905 4812 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe 11:36:44.0905 4812 C:\Windows\System32\dllhost.exe - ok 11:36:44.0905 4812 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll 11:36:44.0905 4812 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok 11:36:44.0921 4812 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll 11:36:44.0921 4812 C:\Windows\System32\IDStore.dll - ok 11:36:44.0921 4812 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe 11:36:44.0921 4812 C:\Windows\System32\taskhost.exe - ok 11:36:44.0921 4812 [ 001D7099C3DB8E53A955FF4D66E25AA2 ] C:\Windows\System32\kbd101.dll 11:36:44.0921 4812 C:\Windows\System32\kbd101.dll - ok 11:36:44.0936 4812 [ A1D990022654CFE37E2561E540F0253B ] C:\Windows\System32\kbd106.dll 11:36:44.0936 4812 C:\Windows\System32\kbd106.dll - ok 11:36:44.0936 4812 [ 6D707786D7163383C64F07263BB9478E ] C:\Windows\System32\KBDJPN.DLL 11:36:44.0936 4812 C:\Windows\System32\KBDJPN.DLL - ok 11:36:44.0936 4812 [ 117865AD39587EB4DA218AAF2E559B8C ] C:\Windows\System32\kbdnec.dll 11:36:44.0936 4812 C:\Windows\System32\kbdnec.dll - ok 11:36:44.0952 4812 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe 11:36:44.0952 4812 C:\Windows\System32\AtBroker.exe - ok 11:36:44.0952 4812 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll 11:36:44.0952 4812 C:\Windows\System32\mpr.dll - ok 11:36:44.0952 4812 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll 11:36:44.0952 4812 C:\Windows\System32\localspl.dll - ok 11:36:44.0968 4812 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe 11:36:44.0968 4812 C:\Windows\System32\userinit.exe - ok 11:36:44.0968 4812 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe 11:36:44.0968 4812 C:\Windows\System32\dwm.exe - ok 11:36:44.0968 4812 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll 11:36:44.0968 4812 C:\Windows\System32\MsCtfMonitor.dll - ok 11:36:44.0983 4812 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll 11:36:44.0983 4812 C:\Windows\System32\spoolss.dll - ok 11:36:44.0983 4812 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll 11:36:44.0983 4812 C:\Windows\System32\dwmredir.dll - ok 11:36:44.0983 4812 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll 11:36:44.0983 4812 C:\Windows\System32\dwmcore.dll - ok 11:36:44.0999 4812 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll 11:36:44.0999 4812 C:\Windows\System32\d3d10_1.dll - ok 11:36:44.0999 4812 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll 11:36:44.0999 4812 C:\Windows\System32\d3d10_1core.dll - ok 11:36:44.0999 4812 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll 11:36:44.0999 4812 C:\Windows\System32\dxgi.dll - ok 11:36:44.0999 4812 [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll 11:36:44.0999 4812 C:\Windows\System32\d3d11.dll - ok 11:36:45.0014 4812 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe 11:36:45.0014 4812 C:\Windows\explorer.exe - ok 11:36:45.0014 4812 [ 6D006CAD0E10637BABDB81CC61A2ECE5 ] C:\Windows\System32\igd10umd64.dll 11:36:45.0014 4812 C:\Windows\System32\igd10umd64.dll - ok 11:36:45.0014 4812 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll 11:36:45.0014 4812 C:\Windows\System32\ExplorerFrame.dll - ok 11:36:45.0030 4812 [ 465133E1EEFACE2FCB15155ABC96C457 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll 11:36:45.0030 4812 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok 11:36:45.0030 4812 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll 11:36:45.0030 4812 C:\Windows\System32\msi.dll - ok 11:36:45.0030 4812 [ 862586AD4B1355F7DCDE111EE0AAF350 ] C:\Windows\System32\d3dx10_40.dll 11:36:45.0030 4812 C:\Windows\System32\d3dx10_40.dll - ok 11:36:45.0046 4812 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll 11:36:45.0046 4812 C:\Windows\System32\uDWM.dll - ok 11:36:45.0046 4812 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll 11:36:45.0046 4812 C:\Windows\System32\EhStorShell.dll - ok 11:36:45.0046 4812 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll 11:36:45.0046 4812 C:\Windows\System32\ntshrui.dll - ok 11:36:45.0061 4812 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll 11:36:45.0061 4812 C:\Windows\System32\cscapi.dll - ok 11:36:45.0061 4812 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll 11:36:45.0061 4812 C:\Windows\System32\IconCodecService.dll - ok 11:36:45.0061 4812 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe 11:36:45.0061 4812 C:\Windows\System32\runonce.exe - ok 11:36:45.0077 4812 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll 11:36:45.0077 4812 C:\Windows\SysWOW64\secur32.dll - ok 11:36:45.0077 4812 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe 11:36:45.0077 4812 C:\Windows\SysWOW64\runonce.exe - ok 11:36:45.0077 4812 [ 232C0B9155F6A2C3736A9488F0C456DA ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\platform.DLL 11:36:45.0077 4812 C:\Program Files (x86)\Adobe\Elements 9 Organizer\platform.DLL - ok 11:36:45.0092 4812 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll 11:36:45.0092 4812 C:\Windows\System32\msutb.dll - ok 11:36:45.0092 4812 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv 11:36:45.0092 4812 C:\Windows\System32\winspool.drv - ok 11:36:45.0092 4812 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe 11:36:45.0092 4812 C:\Windows\System32\taskeng.exe - ok 11:36:45.0108 4812 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll 11:36:45.0108 4812 C:\Windows\System32\TSChannel.dll - ok 11:36:45.0108 4812 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll 11:36:45.0108 4812 C:\Windows\SysWOW64\profapi.dll - ok 11:36:45.0108 4812 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll 11:36:45.0108 4812 C:\Windows\SysWOW64\ntmarta.dll - ok 11:36:45.0124 4812 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll 11:36:45.0124 4812 C:\Windows\SysWOW64\Wldap32.dll - ok 11:36:45.0124 4812 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 11:36:45.0124 4812 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok 11:36:45.0124 4812 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll 11:36:45.0124 4812 C:\Windows\SysWOW64\wintrust.dll - ok 11:36:45.0139 4812 [ 78779EE07231C658B483B1F38B5088DF ] C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 11:36:45.0139 4812 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE - ok 11:36:45.0139 4812 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll 11:36:45.0139 4812 C:\Windows\SysWOW64\SensApi.dll - ok 11:36:45.0139 4812 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll 11:36:45.0139 4812 C:\Windows\SysWOW64\clbcatq.dll - ok 11:36:45.0155 4812 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll 11:36:45.0155 4812 C:\Windows\SysWOW64\msxml6.dll - ok 11:36:45.0155 4812 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll 11:36:45.0155 4812 C:\Windows\System32\cryptnet.dll - ok 11:36:45.0155 4812 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll 11:36:45.0155 4812 C:\Windows\System32\cryptsvc.dll - ok 11:36:45.0170 4812 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll 11:36:45.0170 4812 C:\Windows\System32\vssapi.dll - ok 11:36:45.0170 4812 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll 11:36:45.0170 4812 C:\Windows\SysWOW64\rsaenh.dll - ok 11:36:45.0170 4812 [ 4AB2A58816CC6BE771F1D8C768B804C5 ] C:\Program Files (x86)\Launch Manager\dsiwmis.exe 11:36:45.0170 4812 C:\Program Files (x86)\Launch Manager\dsiwmis.exe - ok 11:36:45.0186 4812 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll 11:36:45.0186 4812 C:\Windows\System32\dps.dll - ok 11:36:45.0186 4812 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll 11:36:45.0186 4812 C:\Windows\System32\taskschd.dll - ok 11:36:45.0186 4812 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll 11:36:45.0186 4812 C:\Windows\SysWOW64\wtsapi32.dll - ok 11:36:45.0202 4812 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll 11:36:45.0202 4812 C:\Windows\SysWOW64\setupapi.dll - ok 11:36:45.0202 4812 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll 11:36:45.0202 4812 C:\Windows\SysWOW64\userenv.dll - ok 11:36:45.0217 4812 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll 11:36:45.0217 4812 C:\Windows\System32\vsstrace.dll - ok 11:36:45.0217 4812 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll 11:36:45.0217 4812 C:\Windows\SysWOW64\devobj.dll - ok 11:36:45.0217 4812 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll 11:36:45.0217 4812 C:\Windows\SysWOW64\winmm.dll - ok 11:36:45.0217 4812 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll 11:36:45.0217 4812 C:\Windows\SysWOW64\winsta.dll - ok 11:36:45.0233 4812 [ 0203706E97B7286EDDBC62B1D16025C3 ] C:\Program Files (x86)\Launch Manager\LMworker.exe 11:36:45.0233 4812 C:\Program Files (x86)\Launch Manager\LMworker.exe - ok 11:36:45.0233 4812 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll 11:36:45.0233 4812 C:\Windows\System32\FXSMON.dll - ok 11:36:45.0233 4812 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll 11:36:45.0233 4812 C:\Windows\System32\PrintIsolationProxy.dll - ok 11:36:45.0248 4812 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll 11:36:45.0248 4812 C:\Windows\System32\tcpmon.dll - ok 11:36:45.0248 4812 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll 11:36:45.0248 4812 C:\Windows\SysWOW64\uxtheme.dll - ok 11:36:45.0248 4812 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll 11:36:45.0248 4812 C:\Windows\System32\snmpapi.dll - ok 11:36:45.0264 4812 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll 11:36:45.0264 4812 C:\Windows\System32\wsnmp32.dll - ok 11:36:45.0264 4812 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll 11:36:45.0264 4812 C:\Windows\System32\usbmon.dll - ok 11:36:45.0264 4812 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll 11:36:45.0264 4812 C:\Windows\System32\WSDMon.dll - ok 11:36:45.0280 4812 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll 11:36:45.0280 4812 C:\Windows\System32\WSDApi.dll - ok 11:36:45.0280 4812 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll 11:36:45.0280 4812 C:\Windows\System32\webservices.dll - ok 11:36:45.0280 4812 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll 11:36:45.0280 4812 C:\Windows\System32\fundisc.dll - ok 11:36:45.0280 4812 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll 11:36:45.0280 4812 C:\Windows\System32\fdPnp.dll - ok 11:36:45.0295 4812 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll 11:36:45.0295 4812 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok 11:36:45.0295 4812 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll 11:36:45.0295 4812 C:\Windows\System32\win32spl.dll - ok 11:36:45.0295 4812 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll 11:36:45.0295 4812 C:\Windows\System32\inetpp.dll - ok 11:36:45.0311 4812 [ 48425C93B6F36529707206E4FA680CF3 ] C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 11:36:45.0311 4812 C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe - ok 11:36:45.0311 4812 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll 11:36:45.0311 4812 C:\Windows\System32\dbghelp.dll - ok 11:36:45.0311 4812 [ F29AA7284FBDD313AF9F423D49F9AC89 ] C:\Program Files\Acer\Acer ePower Management\PowerSettingControl.dll 11:36:45.0311 4812 C:\Program Files\Acer\Acer ePower Management\PowerSettingControl.dll - ok 11:36:45.0326 4812 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll 11:36:45.0326 4812 C:\Windows\System32\oleacc.dll - ok 11:36:45.0326 4812 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll 11:36:45.0326 4812 C:\Windows\System32\FDResPub.dll - ok 11:36:45.0326 4812 [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 11:36:45.0326 4812 C:\Program Files (x86)\Acer\Registration\GREGsvc.exe - ok 11:36:45.0342 4812 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll 11:36:45.0342 4812 C:\Windows\SysWOW64\fltLib.dll - ok 11:36:45.0342 4812 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll 11:36:45.0342 4812 C:\Windows\SysWOW64\netapi32.dll - ok 11:36:45.0342 4812 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll 11:36:45.0342 4812 C:\Windows\SysWOW64\netutils.dll - ok 11:36:45.0358 4812 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll 11:36:45.0358 4812 C:\Windows\SysWOW64\srvcli.dll - ok 11:36:45.0358 4812 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll 11:36:45.0358 4812 C:\Windows\SysWOW64\wkscli.dll - ok 11:36:45.0358 4812 [ 93B73DED2BC688F140C6AE2FBAD45789 ] C:\Program Files\Acer\Acer Updater\UpdaterService.exe 11:36:45.0358 4812 C:\Program Files\Acer\Acer Updater\UpdaterService.exe - ok 11:36:45.0358 4812 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv 11:36:45.0358 4812 C:\Windows\SysWOW64\winspool.drv - ok 11:36:45.0373 4812 [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 11:36:45.0373 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok 11:36:45.0373 4812 [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll 11:36:45.0373 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok 11:36:45.0373 4812 [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll 11:36:45.0373 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok 11:36:45.0389 4812 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 11:36:45.0389 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok 11:36:45.0389 4812 [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll 11:36:45.0389 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok 11:36:45.0389 4812 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll 11:36:45.0389 4812 C:\Windows\SysWOW64\mpr.dll - ok 11:36:45.0404 4812 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll 11:36:45.0404 4812 C:\Windows\System32\ncsi.dll - ok 11:36:45.0404 4812 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll 11:36:45.0404 4812 C:\Windows\System32\nlasvc.dll - ok 11:36:45.0404 4812 [ 1873214666F6F0A883742DF91FBC48C9 ] C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe 11:36:45.0404 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe - ok 11:36:45.0420 4812 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll 11:36:45.0420 4812 C:\Windows\System32\winhttp.dll - ok 11:36:45.0420 4812 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll 11:36:45.0420 4812 C:\Windows\SysWOW64\oleacc.dll - ok 11:36:45.0420 4812 [ 7DD3B82EABFCF8CB82E39E2E9547C0A1 ] C:\Program Files (x86)\NTI\Acer Backup Manager\Pehook.dll 11:36:45.0420 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\Pehook.dll - ok 11:36:45.0436 4812 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys 11:36:45.0436 4812 C:\Windows\System32\drivers\PEAuth.sys - ok 11:36:45.0436 4812 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll 11:36:45.0436 4812 C:\Windows\System32\pcasvc.dll - ok 11:36:45.0436 4812 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll 11:36:45.0436 4812 C:\Windows\System32\webio.dll - ok 11:36:45.0451 4812 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll 11:36:45.0451 4812 C:\Windows\SysWOW64\imagehlp.dll - ok 11:36:45.0451 4812 [ 5C304121590B578916B1B658707CD38A ] C:\Program Files (x86)\NTI\Acer Backup Manager\ISchedule.dll 11:36:45.0451 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\ISchedule.dll - ok 11:36:45.0467 4812 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll 11:36:45.0467 4812 C:\Windows\System32\aepic.dll - ok 11:36:45.0467 4812 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll 11:36:45.0467 4812 C:\Windows\System32\sfc.dll - ok 11:36:45.0467 4812 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll 11:36:45.0467 4812 C:\Windows\System32\sfc_os.dll - ok 11:36:45.0482 4812 [ 205E1B699FD3F2F9B036EEA2EC30C620 ] C:\Windows\SysWOW64\PnkBstrA.exe 11:36:45.0482 4812 C:\Windows\SysWOW64\PnkBstrA.exe - ok 11:36:45.0482 4812 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll 11:36:45.0482 4812 C:\Windows\System32\ssdpapi.dll - ok 11:36:45.0482 4812 [ 898617D27DD24D3E426F08D462521C9C ] C:\Program Files (x86)\NTI\Acer Backup Manager\SyncDll.dll 11:36:45.0482 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\SyncDll.dll - ok 11:36:45.0482 4812 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys 11:36:45.0482 4812 C:\Windows\System32\drivers\secdrv.sys - ok 11:36:45.0498 4812 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll 11:36:45.0498 4812 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok 11:36:45.0498 4812 [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys 11:36:45.0498 4812 C:\Windows\System32\drivers\Sftfslh.sys - ok 11:36:45.0514 4812 [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 11:36:45.0514 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok 11:36:45.0514 4812 [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys 11:36:45.0514 4812 C:\Windows\System32\drivers\Sftplaylh.sys - ok 11:36:45.0514 4812 [ 47DAACCB81F4FA958F4DE5855827DF22 ] C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 11:36:45.0514 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll - ok 11:36:45.0529 4812 [ 0C1B2E3A897397738D9F81CD3D152AF0 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 11:36:45.0529 4812 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok 11:36:45.0529 4812 [ 37B499357915EA3E7F958EA2FF826D4B ] C:\Program Files (x86)\NTI\Acer Backup Manager\agent_stub.dll 11:36:45.0529 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\agent_stub.dll - ok 11:36:45.0529 4812 [ E06E026FD9F20E8865E6A500E4726C45 ] C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 11:36:45.0529 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll - ok 11:36:45.0545 4812 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll 11:36:45.0545 4812 C:\Windows\SysWOW64\dwmapi.dll - ok 11:36:45.0545 4812 [ 8B4DBEEF5D88009AF0CFF29DE6729951 ] C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookDispatch.dll 11:36:45.0545 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookDispatch.dll - ok 11:36:45.0545 4812 [ CAC95D2C86A75D78EF6E0E9382392E95 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll 11:36:45.0560 4812 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok 11:36:45.0560 4812 [ B96C4A4B84EA2CAA5E728B0373EE559E ] C:\Program Files\AVAST Software\Avast\AhResJs.dll 11:36:45.0560 4812 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok 11:36:45.0560 4812 [ C429C1E26B9F38CB7A5F4DF13A4BBC57 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll 11:36:45.0560 4812 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok 11:36:45.0576 4812 [ F50D3E9B6E2B457F2BFED8F5EB4ED59A ] C:\Program Files (x86)\Launch Manager\NTKCUtl.dll 11:36:45.0576 4812 C:\Program Files (x86)\Launch Manager\NTKCUtl.dll - ok 11:36:45.0576 4812 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll 11:36:45.0576 4812 C:\Windows\System32\HotStartUserAgent.dll - ok 11:36:45.0576 4812 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll 11:36:45.0576 4812 C:\Windows\System32\PlaySndSrv.dll - ok 11:36:45.0592 4812 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll 11:36:45.0592 4812 C:\Windows\System32\aeevts.dll - ok 11:36:45.0592 4812 [ 424E19980318AE562FFE3948649AFD65 ] C:\Program Files (x86)\Launch Manager\LMutilps32.exe 11:36:45.0592 4812 C:\Program Files (x86)\Launch Manager\LMutilps32.exe - ok 11:36:45.0592 4812 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll 11:36:45.0592 4812 C:\Windows\SysWOW64\samcli.dll - ok 11:36:45.0607 4812 [ 352CC5F802D8EDE1FAAE6D3E50664958 ] C:\Program Files (x86)\Launch Manager\LmSmbKel.dll 11:36:45.0607 4812 C:\Program Files (x86)\Launch Manager\LmSmbKel.dll - ok 11:36:45.0607 4812 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll 11:36:45.0607 4812 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok 11:36:45.0607 4812 [ 78F62B741B80433065EEC2DFDC273A55 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BookmarkDLL.dll 11:36:45.0607 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\BookmarkDLL.dll - ok 11:36:45.0623 4812 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll 11:36:45.0623 4812 C:\Windows\SysWOW64\msimg32.dll - ok 11:36:45.0623 4812 [ 4514F3F5D641F7F3BC7C655B07DC67B0 ] C:\Program Files (x86)\NTI\Acer Backup Manager\WinSetDLL.dll 11:36:45.0623 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\WinSetDLL.dll - ok 11:36:45.0623 4812 [ 66F1BF58843E814AA0ACF586CFD8E94B ] C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 11:36:45.0623 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll - ok 11:36:45.0623 4812 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll 11:36:45.0623 4812 C:\Windows\SysWOW64\mapi32.dll - ok 11:36:45.0638 4812 [ 021B54CF2CCA4AD82735E7CFBDC26DF8 ] C:\Program Files (x86)\NTI\Acer Backup Manager\VssAgent.dll 11:36:45.0638 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\VssAgent.dll - ok 11:36:45.0638 4812 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll 11:36:45.0638 4812 C:\Windows\SysWOW64\vssapi.dll - ok 11:36:45.0638 4812 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll 11:36:45.0638 4812 C:\Windows\SysWOW64\atl.dll - ok 11:36:45.0654 4812 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll 11:36:45.0654 4812 C:\Windows\SysWOW64\vsstrace.dll - ok 11:36:45.0654 4812 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL 11:36:45.0654 4812 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok 11:36:45.0654 4812 [ 2765C3512F3E320930018ECEC41785E5 ] C:\Program Files\AVAST Software\Avast\AhResMes.dll 11:36:45.0654 4812 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok 11:36:45.0670 4812 [ CCE5ECDA068BBFFA12F2140C2C42FF51 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll 11:36:45.0670 4812 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok 11:36:45.0670 4812 [ DF927212DA391CDD500CC9B3557154DE ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll 11:36:45.0670 4812 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok 11:36:45.0670 4812 [ 7C15061CD0372487903B07B9BB03AFAD ] C:\Program Files (x86)\Skype\Updater\Updater.exe 11:36:45.0670 4812 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok 11:36:45.0685 4812 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys 11:36:45.0685 4812 C:\Windows\System32\drivers\tcpipreg.sys - ok 11:36:45.0685 4812 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll 11:36:45.0685 4812 C:\Windows\System32\sysmain.dll - ok 11:36:45.0685 4812 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll 11:36:45.0685 4812 C:\Windows\System32\wiaservc.dll - ok 11:36:45.0701 4812 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll 11:36:45.0701 4812 C:\Windows\System32\wiatrace.dll - ok 11:36:45.0701 4812 [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 11:36:45.0701 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok 11:36:45.0701 4812 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll 11:36:45.0701 4812 C:\Windows\System32\trkwks.dll - ok 11:36:45.0716 4812 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll 11:36:45.0716 4812 C:\Windows\System32\wbem\WMIsvc.dll - ok 11:36:45.0716 4812 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll 11:36:45.0716 4812 C:\Windows\System32\wbemcomn.dll - ok 11:36:45.0716 4812 [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll 11:36:45.0716 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok 11:36:45.0732 4812 [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll 11:36:45.0732 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok 11:36:45.0732 4812 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll 11:36:45.0732 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok 11:36:45.0732 4812 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll 11:36:45.0732 4812 C:\Windows\System32\wbem\fastprox.dll - ok 11:36:45.0748 4812 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll 11:36:45.0748 4812 C:\Windows\System32\wbem\WinMgmtR.dll - ok 11:36:45.0748 4812 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll 11:36:45.0748 4812 C:\Windows\System32\wbem\WmiDcPrv.dll - ok 11:36:45.0748 4812 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll 11:36:45.0748 4812 C:\Windows\System32\ntdsapi.dll - ok 11:36:45.0763 4812 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll 11:36:45.0763 4812 C:\Windows\System32\wbem\wbemprox.dll - ok 11:36:45.0763 4812 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll 11:36:45.0763 4812 C:\Windows\System32\wbem\wbemcore.dll - ok 11:36:45.0763 4812 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll 11:36:45.0763 4812 C:\Windows\System32\wbem\esscli.dll - ok 11:36:45.0779 4812 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 11:36:45.0779 4812 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok 11:36:45.0779 4812 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll 11:36:45.0779 4812 C:\Windows\System32\wbem\wbemsvc.dll - ok 11:36:45.0779 4812 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll 11:36:45.0779 4812 C:\Windows\System32\wbem\wmiutils.dll - ok 11:36:45.0794 4812 [ 47427F7F6AB31CD8813737A08082BED6 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll 11:36:45.0794 4812 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok 11:36:45.0794 4812 [ 92CEF77A86B33BCBD80CB1E6849FBFE1 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll 11:36:45.0794 4812 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok 11:36:45.0794 4812 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll 11:36:45.0794 4812 C:\Windows\SysWOW64\dhcpcsvc.dll - ok 11:36:45.0810 4812 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll 11:36:45.0810 4812 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok 11:36:45.0810 4812 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll 11:36:45.0810 4812 C:\Windows\SysWOW64\wlanapi.dll - ok 11:36:45.0810 4812 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll 11:36:45.0810 4812 C:\Windows\SysWOW64\wlanutil.dll - ok 11:36:45.0810 4812 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:36:45.0810 4812 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok 11:36:45.0826 4812 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll 11:36:45.0826 4812 C:\Windows\System32\wbem\repdrvfs.dll - ok 11:36:45.0826 4812 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll 11:36:45.0826 4812 C:\Windows\SysWOW64\netshell.dll - ok 11:36:45.0826 4812 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll 11:36:45.0826 4812 C:\Windows\SysWOW64\nlaapi.dll - ok 11:36:45.0841 4812 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll 11:36:45.0841 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok 11:36:45.0841 4812 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll 11:36:45.0841 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok 11:36:45.0841 4812 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll 11:36:45.0841 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok 11:36:45.0857 4812 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll 11:36:45.0857 4812 C:\Windows\SysWOW64\logoncli.dll - ok 11:36:45.0857 4812 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll 11:36:45.0857 4812 C:\Windows\SysWOW64\msi.dll - ok 11:36:45.0857 4812 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys 11:36:45.0857 4812 C:\Windows\System32\drivers\Sftredirlh.sys - ok 11:36:45.0872 4812 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll 11:36:45.0872 4812 C:\Windows\SysWOW64\schannel.dll - ok 11:36:45.0872 4812 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll 11:36:45.0872 4812 C:\Windows\System32\dssenh.dll - ok 11:36:45.0872 4812 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll 11:36:45.0872 4812 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok 11:36:45.0888 4812 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll 11:36:45.0888 4812 C:\Windows\SysWOW64\cscapi.dll - ok 11:36:45.0888 4812 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll 11:36:45.0888 4812 C:\Windows\SysWOW64\dbghelp.dll - ok 11:36:45.0888 4812 [ EB5EBE7CC58C1E66AFAC1064FBD7DB21 ] C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe 11:36:45.0888 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe - ok 11:36:45.0888 4812 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll 11:36:45.0888 4812 C:\Windows\SysWOW64\propsys.dll - ok 11:36:45.0904 4812 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll 11:36:45.0904 4812 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok 11:36:45.0904 4812 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe 11:36:45.0904 4812 C:\Windows\SysWOW64\cmd.exe - ok 11:36:45.0904 4812 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll 11:36:45.0904 4812 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok 11:36:45.0919 4812 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll 11:36:45.0919 4812 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok 11:36:45.0919 4812 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll 11:36:45.0919 4812 C:\Windows\SysWOW64\winbrand.dll - ok 11:36:45.0919 4812 [ DFE118C95C6571B87D1923DAB3FA0A77 ] C:\Windows\SysWOW64\ieframe.dll 11:36:45.0919 4812 C:\Windows\SysWOW64\ieframe.dll - ok 11:36:45.0935 4812 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll 11:36:45.0935 4812 C:\Windows\SysWOW64\shdocvw.dll - ok 11:36:45.0935 4812 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll 11:36:45.0935 4812 C:\Windows\SysWOW64\bcrypt.dll - ok 11:36:45.0935 4812 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll 11:36:45.0935 4812 C:\Windows\SysWOW64\ncrypt.dll - ok 11:36:45.0950 4812 [ AAC3C0194EEBA939E18590411130CF43 ] C:\Program Files\AVAST Software\Avast\defs\13050600\ArPot.dll 11:36:45.0950 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\ArPot.dll - ok 11:36:45.0950 4812 [ 43983B7C77E9B9026A537CEA4A0BFAE7 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll 11:36:45.0950 4812 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok 11:36:45.0950 4812 [ 44BD658E0E4D21C42023AD9EBEFFDB90 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll 11:36:45.0950 4812 C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok 11:36:45.0966 4812 [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 11:36:45.0966 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok 11:36:45.0966 4812 [ 27858FC69699525E36F8810498C304CA ] C:\Program Files\AVAST Software\Avast\snxhk.dll 11:36:45.0966 4812 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok 11:36:45.0966 4812 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll 11:36:45.0966 4812 C:\Windows\SysWOW64\drprov.dll - ok 11:36:45.0966 4812 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll 11:36:45.0966 4812 C:\Windows\SysWOW64\ntlanman.dll - ok 11:36:45.0982 4812 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll 11:36:45.0982 4812 C:\Windows\SysWOW64\davclnt.dll - ok 11:36:45.0982 4812 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll 11:36:45.0982 4812 C:\Windows\SysWOW64\davhlpr.dll - ok 11:36:45.0982 4812 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE 11:36:45.0982 4812 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok 11:36:45.0997 4812 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL 11:36:45.0997 4812 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok 11:36:45.0997 4812 [ 0AF30ECA4206132935F3F657B5C7E290 ] C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe 11:36:45.0997 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe - ok 11:36:45.0997 4812 [ B5B06B8CBF0BFDA9B124492A85073AFC ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\Common\CLRCEngine3.dll 11:36:46.0013 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\Common\CLRCEngine3.dll - ok 11:36:46.0013 4812 [ 2F0C9E130774CE34EB7F16A2C74BEABE ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe 11:36:46.0013 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe - ok 11:36:46.0013 4812 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll 11:36:46.0013 4812 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok 11:36:46.0028 4812 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll 11:36:46.0028 4812 C:\Windows\SysWOW64\bcryptprimitives.dll - ok 11:36:46.0028 4812 [ 8ED6DA45BAB5CFC809229F26D4D4A2CE ] C:\Program Files\AVAST Software\Avast\libeay32.dll 11:36:46.0028 4812 C:\Program Files\AVAST Software\Avast\libeay32.dll - ok 11:36:46.0028 4812 [ 08BF8C83B5F3DD9D0707E7B9CD7F66F1 ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll 11:36:46.0028 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll - ok 11:36:46.0044 4812 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll 11:36:46.0044 4812 C:\Windows\SysWOW64\msvcp60.dll - ok 11:36:46.0044 4812 [ 681929C57401E17844C1D2E8D88A3EF2 ] C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exe 11:36:46.0044 4812 C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exe - ok 11:36:46.0044 4812 [ 96699C339746C19108DABF5B2B17FC49 ] C:\Program Files\AVAST Software\Avast\snxhk64.dll 11:36:46.0044 4812 C:\Program Files\AVAST Software\Avast\snxhk64.dll - ok 11:36:46.0060 4812 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll 11:36:46.0060 4812 C:\Windows\System32\mscoree.dll - ok 11:36:46.0060 4812 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll 11:36:46.0060 4812 C:\Windows\SysWOW64\dnsapi.dll - ok 11:36:46.0060 4812 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL 11:36:46.0060 4812 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok 11:36:46.0075 4812 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll 11:36:46.0075 4812 C:\Windows\SysWOW64\NapiNSP.dll - ok 11:36:46.0075 4812 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll 11:36:46.0075 4812 C:\Windows\SysWOW64\pnrpnsp.dll - ok 11:36:46.0075 4812 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll 11:36:46.0075 4812 C:\Windows\SysWOW64\winrnr.dll - ok 11:36:46.0091 4812 [ 73F759AB981CF1BC760EE5F81AB608AF ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetShow.dll 11:36:46.0091 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetShow.dll - ok 11:36:46.0091 4812 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll 11:36:46.0091 4812 C:\Windows\SysWOW64\ddraw.dll - ok 11:36:46.0091 4812 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll 11:36:46.0091 4812 C:\Windows\SysWOW64\dciman32.dll - ok 11:36:46.0091 4812 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll 11:36:46.0091 4812 C:\Windows\SysWOW64\d3d9.dll - ok 11:36:46.0106 4812 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll 11:36:46.0106 4812 C:\Windows\SysWOW64\d3d8thk.dll - ok 11:36:46.0106 4812 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll 11:36:46.0106 4812 C:\Windows\SysWOW64\powrprof.dll - ok 11:36:46.0106 4812 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe 11:36:46.0106 4812 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok 11:36:46.0122 4812 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll 11:36:46.0122 4812 C:\Windows\SysWOW64\mstask.dll - ok 11:36:46.0122 4812 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Heavy Metal Miku\AppData\Local\Temp\85EC8E08-E7AC-4DC1-B0A5-5E51E5B3F32A.exe 11:36:46.0122 4812 C:\Users\Heavy Metal Miku\AppData\Local\Temp\85EC8E08-E7AC-4DC1-B0A5-5E51E5B3F32A.exe - ok 11:36:46.0122 4812 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll 11:36:46.0122 4812 C:\Windows\System32\wbem\WmiPrvSD.dll - ok 11:36:46.0138 4812 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll 11:36:46.0138 4812 C:\Windows\SysWOW64\credui.dll - ok 11:36:46.0138 4812 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll 11:36:46.0138 4812 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok 11:36:46.0138 4812 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll 11:36:46.0138 4812 C:\Windows\SysWOW64\hlink.dll - ok 11:36:46.0153 4812 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe 11:36:46.0153 4812 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok 11:36:46.0153 4812 [ 9CAC9FC922033852385AAB75F1E26D52 ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLHttpDownload.dll 11:36:46.0153 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLHttpDownload.dll - ok 11:36:46.0153 4812 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll 11:36:46.0153 4812 C:\Windows\SysWOW64\olepro32.dll - ok 11:36:46.0153 4812 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll 11:36:46.0153 4812 C:\Windows\SysWOW64\shfolder.dll - ok 11:36:46.0169 4812 [ 8FF0D395C366ECF8A10C56353591BCC2 ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DeviceStage.exe 11:36:46.0169 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DeviceStage.exe - ok 11:36:46.0169 4812 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll 11:36:46.0169 4812 C:\Windows\SysWOW64\WindowsCodecs.dll - ok 11:36:46.0184 4812 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll 11:36:46.0184 4812 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok 11:36:46.0184 4812 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll 11:36:46.0184 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok 11:36:46.0184 4812 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll 11:36:46.0184 4812 C:\Windows\SysWOW64\cryptdll.dll - ok 11:36:46.0200 4812 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll 11:36:46.0200 4812 C:\Windows\SysWOW64\msv1_0.dll - ok 11:36:46.0200 4812 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll 11:36:46.0200 4812 C:\Windows\SysWOW64\msxml3.dll - ok 11:36:46.0200 4812 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL 11:36:46.0200 4812 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok 11:36:46.0200 4812 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll 11:36:46.0200 4812 C:\Windows\SysWOW64\gpapi.dll - ok 11:36:46.0216 4812 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll 11:36:46.0216 4812 C:\Windows\SysWOW64\cryptnet.dll - ok 11:36:46.0216 4812 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 11:36:46.0216 4812 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok 11:36:46.0216 4812 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll 11:36:46.0216 4812 C:\Windows\SysWOW64\ncobjapi.dll - ok 11:36:46.0231 4812 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll 11:36:46.0231 4812 C:\Windows\System32\ncobjapi.dll - ok 11:36:46.0231 4812 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll 11:36:46.0231 4812 C:\Windows\System32\wbem\wbemess.dll - ok 11:36:46.0231 4812 [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe 11:36:46.0231 4812 C:\Windows\svchost.exe - ok 11:36:46.0247 4812 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll 11:36:46.0247 4812 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok 11:36:46.0247 4812 [ 3AA429543931CF75D2FA9A4BEFD1E7F8 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbampt.exe 11:36:46.0247 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbampt.exe - ok 11:36:46.0247 4812 [ B6D90C99A72044AEF85A2B7D78FEBEF4 ] C:\Program Files\AVAST Software\Avast\defs\13050600\exts.dll 11:36:46.0247 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\exts.dll - ok 11:36:46.0262 4812 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll 11:36:46.0262 4812 C:\Windows\System32\netman.dll - ok 11:36:46.0262 4812 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll 11:36:46.0262 4812 C:\Windows\SysWOW64\wdi.dll - ok 11:36:46.0262 4812 [ 835EC12A0ACD88FF3BB03DEC19329191 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll 11:36:46.0262 4812 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok 11:36:46.0278 4812 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll 11:36:46.0278 4812 C:\Windows\System32\wdi.dll - ok 11:36:46.0278 4812 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll 11:36:46.0278 4812 C:\Windows\System32\wpdbusenum.dll - ok 11:36:46.0278 4812 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll 11:36:46.0278 4812 C:\Windows\System32\diagperf.dll - ok 11:36:46.0278 4812 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll 11:36:46.0278 4812 C:\Windows\SysWOW64\EhStorShell.dll - ok 11:36:46.0294 4812 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll 11:36:46.0294 4812 C:\Windows\System32\wdiasqmmodule.dll - ok 11:36:46.0294 4812 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll 11:36:46.0294 4812 C:\Windows\System32\NapiNSP.dll - ok 11:36:46.0294 4812 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll 11:36:46.0294 4812 C:\Windows\System32\pnpts.dll - ok 11:36:46.0309 4812 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll 11:36:46.0309 4812 C:\Windows\SysWOW64\dimsjob.dll - ok 11:36:46.0309 4812 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll 11:36:46.0309 4812 C:\Windows\SysWOW64\radardt.dll - ok 11:36:46.0309 4812 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll 11:36:46.0309 4812 C:\Windows\System32\dimsjob.dll - ok 11:36:46.0325 4812 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll 11:36:46.0325 4812 C:\Windows\System32\radardt.dll - ok 11:36:46.0325 4812 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll 11:36:46.0325 4812 C:\Windows\SysWOW64\taskschd.dll - ok 11:36:46.0325 4812 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll 11:36:46.0325 4812 C:\Windows\SysWOW64\wscproxystub.dll - ok 11:36:46.0325 4812 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll 11:36:46.0325 4812 C:\Windows\System32\pnrpnsp.dll - ok 11:36:46.0340 4812 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll 11:36:46.0340 4812 C:\Windows\System32\perftrack.dll - ok 11:36:46.0340 4812 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll 11:36:46.0340 4812 C:\Windows\SysWOW64\rasadhlp.dll - ok 11:36:46.0340 4812 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll 11:36:46.0340 4812 C:\Windows\SysWOW64\netprofm.dll - ok 11:36:46.0356 4812 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll 11:36:46.0356 4812 C:\Windows\SysWOW64\security.dll - ok 11:36:46.0356 4812 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll 11:36:46.0356 4812 C:\Windows\SysWOW64\wer.dll - ok 11:36:46.0356 4812 [ 0527485EFC678169D052D25E02FD8880 ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll 11:36:46.0356 4812 C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok 11:36:46.0372 4812 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll 11:36:46.0372 4812 C:\Windows\SysWOW64\sfc.dll - ok 11:36:46.0372 4812 [ 2FFBCD4394E60013EAF45427EC4E6A1E ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswAR.dll 11:36:46.0372 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswAR.dll - ok 11:36:46.0372 4812 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll 11:36:46.0372 4812 C:\Windows\SysWOW64\sfc_os.dll - ok 11:36:46.0387 4812 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll 11:36:46.0387 4812 C:\Windows\System32\winrnr.dll - ok 11:36:46.0387 4812 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll 11:36:46.0387 4812 C:\Windows\SysWOW64\npmproxy.dll - ok 11:36:46.0387 4812 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll 11:36:46.0387 4812 C:\Windows\System32\npmproxy.dll - ok 11:36:46.0387 4812 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll 11:36:46.0387 4812 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok 11:36:46.0403 4812 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll 11:36:46.0403 4812 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok 11:36:46.0403 4812 [ F1E7FDAA31D4B49361F2F2BDF38BC3A0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\4c8e27730d1ef243f56c76b06bcc10c6\mscorlib.ni.dll 11:36:46.0403 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\4c8e27730d1ef243f56c76b06bcc10c6\mscorlib.ni.dll - ok 11:36:46.0403 4812 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll 11:36:46.0403 4812 C:\Windows\System32\aelupsvc.dll - ok 11:36:46.0418 4812 [ 9EC1D983086E5FA14FFB3518B7E3B596 ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswRawFS.dll 11:36:46.0418 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswRawFS.dll - ok 11:36:46.0418 4812 [ E872F6B6693EF5319BA38D4352023868 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll 11:36:46.0418 4812 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok 11:36:46.0418 4812 [ 112EEF699F3E5EFBE13EDDB50AEDE249 ] C:\Program Files\AVAST Software\Avast\defs\13050600\swhealthex.dll 11:36:46.0418 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\swhealthex.dll - ok 11:36:46.0434 4812 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll 11:36:46.0434 4812 C:\Windows\SysWOW64\samlib.dll - ok 11:36:46.0434 4812 [ 6F5386A655598F71BAAB2D6B63A69D6A ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe 11:36:46.0434 4812 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok 11:36:46.0434 4812 [ 60EDF8622CAD337A3629E9E6561EAC73 ] C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 11:36:46.0434 4812 C:\Program Files (x86)\VideoLAN\VLC\vlc.exe - ok 11:36:46.0450 4812 [ 4E9592BB2C100E571F82640E59E9ECD5 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 11:36:46.0450 4812 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok 11:36:46.0450 4812 [ 32732CEDE2A1106B736EF3D84054EE04 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe 11:36:46.0450 4812 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok 11:36:46.0450 4812 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll 11:36:46.0450 4812 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok 11:36:46.0465 4812 [ B96F045D571747F8700CB43E8C458FF0 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe 11:36:46.0465 4812 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok 11:36:46.0465 4812 [ 87F3BC6C29A532AFC707C3426381842C ] C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll 11:36:46.0465 4812 C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll - ok 11:36:46.0465 4812 [ BD3165A325F222F642F743B6CF2937ED ] C:\Program Files (x86)\WinRAR\WinRAR.exe 11:36:46.0465 4812 C:\Program Files (x86)\WinRAR\WinRAR.exe - ok 11:36:46.0481 4812 [ 04F4D7D7B97C616C33DC3EFFD48875E0 ] C:\Program Files (x86)\Java\jre7\bin\java.exe 11:36:46.0481 4812 C:\Program Files (x86)\Java\jre7\bin\java.exe - ok 11:36:46.0481 4812 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll 11:36:46.0481 4812 C:\Windows\SysWOW64\ntshrui.dll - ok
  8. 11:36:41.0972 4812 ================ Scan global =============================== 11:36:42.0004 4812 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 11:36:42.0050 4812 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 11:36:42.0066 4812 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 11:36:42.0144 4812 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 11:36:42.0222 4812 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 11:36:42.0238 4812 [Global] - ok 11:36:42.0238 4812 ================ Scan MBR ================================== 11:36:42.0253 4812 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 11:36:42.0253 4812 Suspicious mbr (Forged): \Device\Harddisk0\DR0 11:36:42.0316 4812 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected 11:36:42.0316 4812 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) 11:36:42.0487 4812 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 11:36:42.0487 4812 \Device\Harddisk0\DR0 - detected TDSS File System (1) 11:36:42.0487 4812 ================ Scan VBR ================================== 11:36:42.0487 4812 [ 7103A60FABD7341C428C935A77B488FA ] \Device\Harddisk0\DR0\Partition1 11:36:42.0503 4812 \Device\Harddisk0\DR0\Partition1 - ok 11:36:42.0518 4812 [ 67070D6EC98CE25FD39F4931AAD47DF3 ] \Device\Harddisk0\DR0\Partition2 11:36:42.0518 4812 \Device\Harddisk0\DR0\Partition2 - ok 11:36:42.0518 4812 ================ Scan active images ======================== 11:36:42.0534 4812 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys 11:36:42.0534 4812 C:\Windows\System32\drivers\crashdmp.sys - ok 11:36:42.0534 4812 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys 11:36:42.0534 4812 C:\Windows\System32\drivers\dumpfve.sys - ok 11:36:42.0534 4812 [ 53CC5BF8B5A219119953C7ABB19A7705 ] C:\Windows\System32\drivers\iaStor.sys 11:36:42.0534 4812 C:\Windows\System32\drivers\iaStor.sys - ok 11:36:42.0550 4812 [ 46571ED73AE84469DCA53081D33CF3C8 ] C:\Windows\System32\drivers\dtsoftbus01.sys 11:36:42.0550 4812 C:\Windows\System32\drivers\dtsoftbus01.sys - ok 11:36:42.0550 4812 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys 11:36:42.0550 4812 C:\Windows\System32\drivers\cdrom.sys - ok 11:36:42.0565 4812 [ 9237BE2AB3C7D611F1F8FB7018691BAC ] C:\Windows\System32\drivers\aswSnx.sys 11:36:42.0565 4812 C:\Windows\System32\drivers\aswSnx.sys - ok 11:36:42.0565 4812 [ C009123B206C56854F4E88596035231D ] C:\Windows\System32\drivers\mwlPSDFilter.sys 11:36:42.0565 4812 C:\Windows\System32\drivers\mwlPSDFilter.sys - ok 11:36:42.0581 4812 [ 8ACBB0D11A99EF06BFFD09C5B4DF0925 ] C:\Windows\System32\drivers\4170085drv.sys 11:36:42.0581 4812 C:\Windows\System32\drivers\4170085drv.sys - ok 11:36:42.0581 4812 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys 11:36:42.0581 4812 C:\Windows\System32\drivers\beep.sys - ok 11:36:42.0596 4812 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys 11:36:42.0596 4812 C:\Windows\System32\drivers\null.sys - ok 11:36:42.0596 4812 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys 11:36:42.0596 4812 C:\Windows\System32\drivers\msfs.sys - ok 11:36:42.0596 4812 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys 11:36:42.0596 4812 C:\Windows\System32\drivers\npfs.sys - ok 11:36:42.0612 4812 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys 11:36:42.0612 4812 C:\Windows\System32\drivers\RDPCDD.sys - ok 11:36:42.0612 4812 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys 11:36:42.0612 4812 C:\Windows\System32\drivers\RDPENCDD.sys - ok 11:36:42.0628 4812 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys 11:36:42.0628 4812 C:\Windows\System32\drivers\RDPREFMP.sys - ok 11:36:42.0628 4812 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys 11:36:42.0628 4812 C:\Windows\System32\drivers\vga.sys - ok 11:36:42.0643 4812 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys 11:36:42.0643 4812 C:\Windows\System32\drivers\videoprt.sys - ok 11:36:42.0643 4812 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys 11:36:42.0643 4812 C:\Windows\System32\drivers\watchdog.sys - ok 11:36:42.0643 4812 [ 3D9BA0EF6C5847E4482FC01ABCD26683 ] C:\Windows\System32\drivers\aswTdi.sys 11:36:42.0643 4812 C:\Windows\System32\drivers\aswTdi.sys - ok 11:36:42.0659 4812 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys 11:36:42.0659 4812 C:\Windows\System32\drivers\tdi.sys - ok 11:36:42.0659 4812 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys 11:36:42.0659 4812 C:\Windows\System32\drivers\tdx.sys - ok 11:36:42.0674 4812 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys 11:36:42.0674 4812 C:\Windows\System32\drivers\netbt.sys - ok 11:36:42.0674 4812 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys 11:36:42.0674 4812 C:\Windows\System32\drivers\afd.sys - ok 11:36:42.0674 4812 [ A4C94945B8A1FFE449A500C2CF0B5882 ] C:\Windows\System32\drivers\aswRdr2.sys 11:36:42.0674 4812 C:\Windows\System32\drivers\aswRdr2.sys - ok 11:36:42.0690 4812 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys 11:36:42.0690 4812 C:\Windows\System32\drivers\pacer.sys - ok 11:36:42.0690 4812 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys 11:36:42.0690 4812 C:\Windows\System32\drivers\wfplwf.sys - ok 11:36:42.0706 4812 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys 11:36:42.0706 4812 C:\Windows\System32\drivers\netbios.sys - ok 11:36:42.0706 4812 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys 11:36:42.0706 4812 C:\Windows\System32\drivers\vwififlt.sys - ok 11:36:42.0706 4812 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys 11:36:42.0706 4812 C:\Windows\System32\drivers\wanarp.sys - ok 11:36:42.0721 4812 [ BF3739EEB9F008B1DEBAC115089A53F8 ] C:\Windows\System32\drivers\mwlPSDNserv.sys 11:36:42.0721 4812 C:\Windows\System32\drivers\mwlPSDNserv.sys - ok 11:36:42.0721 4812 [ 38DD143D95E7A01B86F219DDA9C28779 ] C:\Windows\System32\drivers\mwlPSDVDisk.sys 11:36:42.0721 4812 C:\Windows\System32\drivers\mwlPSDVDisk.sys - ok 11:36:42.0737 4812 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys 11:36:42.0737 4812 C:\Windows\System32\drivers\nsiproxy.sys - ok 11:36:42.0737 4812 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys 11:36:42.0737 4812 C:\Windows\System32\drivers\rdbss.sys - ok 11:36:42.0752 4812 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys 11:36:42.0752 4812 C:\Windows\System32\drivers\termdd.sys - ok 11:36:42.0752 4812 [ D8FEC7F7BFE1BAD685DC8D1EF384693D ] C:\Windows\System32\drivers\aswSP.sys 11:36:42.0752 4812 C:\Windows\System32\drivers\aswSP.sys - ok 11:36:42.0752 4812 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys 11:36:42.0752 4812 C:\Windows\System32\drivers\blbdrive.sys - ok 11:36:42.0768 4812 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys 11:36:42.0768 4812 C:\Windows\System32\drivers\dfsc.sys - ok 11:36:42.0768 4812 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys 11:36:42.0768 4812 C:\Windows\System32\drivers\discache.sys - ok 11:36:42.0784 4812 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys 11:36:42.0784 4812 C:\Windows\System32\drivers\mssmbios.sys - ok 11:36:42.0784 4812 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys 11:36:42.0784 4812 C:\Windows\System32\drivers\tunnel.sys - ok 11:36:42.0784 4812 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll 11:36:42.0784 4812 C:\Windows\System32\ntdll.dll - ok 11:36:42.0799 4812 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe 11:36:42.0799 4812 C:\Windows\System32\smss.exe - ok 11:36:42.0799 4812 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe 11:36:42.0799 4812 C:\Windows\System32\autochk.exe - ok 11:36:42.0815 4812 [ 978D876A581D57E0DE6437674EB0014D ] C:\Windows\System32\drivers\igdkmd64.sys 11:36:42.0815 4812 C:\Windows\System32\drivers\igdkmd64.sys - ok 11:36:42.0815 4812 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys 11:36:42.0815 4812 C:\Windows\System32\drivers\dxgkrnl.sys - ok 11:36:42.0815 4812 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys 11:36:42.0815 4812 C:\Windows\System32\drivers\dxgmms1.sys - ok 11:36:42.0830 4812 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys 11:36:42.0830 4812 C:\Windows\System32\drivers\HECIx64.sys - ok 11:36:42.0830 4812 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys 11:36:42.0830 4812 C:\Windows\System32\drivers\usbport.sys - ok 11:36:42.0846 4812 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys 11:36:42.0846 4812 C:\Windows\System32\drivers\hdaudbus.sys - ok 11:36:42.0846 4812 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys 11:36:42.0846 4812 C:\Windows\System32\drivers\usbehci.sys - ok 11:36:42.0846 4812 [ 85111026F1C5A1C4CCE3697F0DA7BC1A ] C:\Windows\System32\drivers\BCMWL664.SYS 11:36:42.0846 4812 C:\Windows\System32\drivers\BCMWL664.SYS - ok 11:36:42.0862 4812 [ BD63E1904D19B624291C9F313A7B0ABB ] C:\Windows\System32\drivers\k57nd60a.sys 11:36:42.0862 4812 C:\Windows\System32\drivers\k57nd60a.sys - ok 11:36:42.0862 4812 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys 11:36:42.0862 4812 C:\Windows\System32\drivers\vwifibus.sys - ok 11:36:42.0877 4812 [ 2618E15514736FB469B105CE729B6D9D ] C:\Windows\System32\drivers\b57xdbd.sys 11:36:42.0877 4812 C:\Windows\System32\drivers\b57xdbd.sys - ok 11:36:42.0877 4812 [ FF7AA31BFFDC6C6870F64EAF8DEFE930 ] C:\Windows\System32\drivers\bScsiMSa.sys 11:36:42.0877 4812 C:\Windows\System32\drivers\bScsiMSa.sys - ok 11:36:42.0893 4812 [ E6CC56662F6C6B787A1FBEA4CD247AE0 ] C:\Windows\System32\drivers\bScsiSDa.sys 11:36:42.0893 4812 C:\Windows\System32\drivers\bScsiSDa.sys - ok 11:36:42.0893 4812 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys 11:36:42.0893 4812 C:\Windows\System32\drivers\scsiport.sys - ok 11:36:42.0893 4812 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys 11:36:42.0893 4812 C:\Windows\System32\drivers\CmBatt.sys - ok 11:36:42.0908 4812 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys 11:36:42.0908 4812 C:\Windows\System32\drivers\i8042prt.sys - ok 11:36:42.0908 4812 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys 11:36:42.0908 4812 C:\Windows\System32\drivers\kbdclass.sys - ok 11:36:42.0924 4812 [ 57B534A913E81E7CF91C3D5854D2F80E ] C:\Windows\System32\drivers\SynTP.sys 11:36:42.0924 4812 C:\Windows\System32\drivers\SynTP.sys - ok 11:36:42.0924 4812 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys 11:36:42.0924 4812 C:\Windows\System32\drivers\usbd.sys - ok 11:36:42.0924 4812 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys 11:36:42.0924 4812 C:\Windows\System32\drivers\mouclass.sys - ok 11:36:42.0940 4812 [ EE3BA1024594D5D09E314F206B94069E ] C:\Windows\System32\drivers\NTIDrvr.sys 11:36:42.0940 4812 C:\Windows\System32\drivers\NTIDrvr.sys - ok 11:36:42.0940 4812 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] C:\Windows\System32\drivers\UBHelper.sys 11:36:42.0940 4812 C:\Windows\System32\drivers\UBHelper.sys - ok 11:36:42.0955 4812 [ 0FAD70B541338024A667AA5858BCFE62 ] \Device\1125141284 11:36:42.0955 4812 \Device\1125141284 - ok 11:36:42.0955 4812 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys 11:36:42.0955 4812 C:\Windows\System32\drivers\agilevpn.sys - ok 11:36:42.0955 4812 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys 11:36:42.0955 4812 C:\Windows\System32\drivers\CompositeBus.sys - ok 11:36:42.0971 4812 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys 11:36:42.0971 4812 C:\Windows\System32\drivers\intelppm.sys - ok 11:36:42.0971 4812 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys 11:36:42.0971 4812 C:\Windows\System32\drivers\wmiacpi.sys - ok 11:36:42.0971 4812 [ 5C2F352A4E961D72518261257AAE204B ] C:\Windows\System32\drivers\bridge.sys 11:36:42.0971 4812 C:\Windows\System32\drivers\bridge.sys - ok 11:36:42.0986 4812 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys 11:36:42.0986 4812 C:\Windows\System32\drivers\ndistapi.sys - ok 11:36:42.0986 4812 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys 11:36:42.0986 4812 C:\Windows\System32\drivers\ndiswan.sys - ok 11:36:43.0002 4812 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys 11:36:43.0002 4812 C:\Windows\System32\drivers\rasl2tp.sys - ok 11:36:43.0002 4812 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys 11:36:43.0002 4812 C:\Windows\System32\drivers\ks.sys - ok 11:36:43.0018 4812 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys 11:36:43.0018 4812 C:\Windows\System32\drivers\raspppoe.sys - ok 11:36:43.0018 4812 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys 11:36:43.0018 4812 C:\Windows\System32\drivers\raspptp.sys - ok 11:36:43.0018 4812 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys 11:36:43.0018 4812 C:\Windows\System32\drivers\rassstp.sys - ok 11:36:43.0033 4812 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys 11:36:43.0033 4812 C:\Windows\System32\drivers\swenum.sys - ok 11:36:43.0033 4812 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys 11:36:43.0033 4812 C:\Windows\System32\drivers\umbus.sys - ok 11:36:43.0049 4812 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys 11:36:43.0049 4812 C:\Windows\System32\drivers\usbhub.sys - ok 11:36:43.0049 4812 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll 11:36:43.0049 4812 C:\Windows\System32\gdi32.dll - ok 11:36:43.0049 4812 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll 11:36:43.0049 4812 C:\Windows\System32\comdlg32.dll - ok 11:36:43.0064 4812 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll 11:36:43.0064 4812 C:\Windows\System32\Wldap32.dll - ok 11:36:43.0064 4812 [ 8D4DEA45FCDF9FCFD9E31232A07E6EF9 ] C:\Windows\System32\iertutil.dll 11:36:43.0064 4812 C:\Windows\System32\iertutil.dll - ok 11:36:43.0080 4812 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll 11:36:43.0080 4812 C:\Windows\System32\clbcatq.dll - ok 11:36:43.0080 4812 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll 11:36:43.0080 4812 C:\Windows\System32\shell32.dll - ok 11:36:43.0080 4812 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll 11:36:43.0080 4812 C:\Windows\System32\sechost.dll - ok 11:36:43.0096 4812 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll 11:36:43.0096 4812 C:\Windows\System32\imagehlp.dll - ok 11:36:43.0096 4812 [ A4F6142CABA82FB7293ECE5FF864B440 ] C:\Windows\System32\wininet.dll 11:36:43.0096 4812 C:\Windows\System32\wininet.dll - ok 11:36:43.0111 4812 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll 11:36:43.0111 4812 C:\Windows\System32\oleaut32.dll - ok 11:36:43.0111 4812 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll 11:36:43.0111 4812 C:\Windows\System32\lpk.dll - ok 11:36:43.0111 4812 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll 11:36:43.0111 4812 C:\Windows\System32\msvcrt.dll - ok 11:36:43.0127 4812 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll 11:36:43.0127 4812 C:\Windows\System32\psapi.dll - ok 11:36:43.0127 4812 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll 11:36:43.0127 4812 C:\Windows\System32\rpcrt4.dll - ok 11:36:43.0142 4812 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll 11:36:43.0142 4812 C:\Windows\System32\user32.dll - ok 11:36:43.0142 4812 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys 11:36:43.0142 4812 C:\Windows\System32\drivers\ndproxy.sys - ok 11:36:43.0142 4812 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys 11:36:43.0142 4812 C:\Windows\System32\drivers\drmk.sys - ok 11:36:43.0158 4812 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys 11:36:43.0158 4812 C:\Windows\System32\drivers\portcls.sys - ok 11:36:43.0158 4812 [ 98F4E841EA43ED5A442F0DC60CAB4326 ] C:\Windows\System32\drivers\RTKVHD64.sys 11:36:43.0158 4812 C:\Windows\System32\drivers\RTKVHD64.sys - ok 11:36:43.0174 4812 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys 11:36:43.0174 4812 C:\Windows\System32\drivers\ksthunk.sys - ok 11:36:43.0174 4812 [ 36E1383019695CB722E685083C005FDD ] C:\Windows\System32\drivers\TotRec8.sys 11:36:43.0174 4812 C:\Windows\System32\drivers\TotRec8.sys - ok 11:36:43.0174 4812 [ BABA4F0E2978B69B4E0B260EF7150DD6 ] C:\Windows\System32\drivers\b57xdmp.sys 11:36:43.0174 4812 C:\Windows\System32\drivers\b57xdmp.sys - ok 11:36:43.0189 4812 [ AE594CC17C33AC146739494615E14851 ] C:\Windows\System32\drivers\IntcDAud.sys 11:36:43.0189 4812 C:\Windows\System32\drivers\IntcDAud.sys - ok 11:36:43.0189 4812 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll 11:36:43.0189 4812 C:\Windows\System32\nsi.dll - ok 11:36:43.0205 4812 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll 11:36:43.0205 4812 C:\Windows\System32\setupapi.dll - ok 11:36:43.0205 4812 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll 11:36:43.0205 4812 C:\Windows\System32\ole32.dll - ok 11:36:43.0205 4812 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys 11:36:43.0205 4812 C:\Windows\System32\drivers\usbccgp.sys - ok 11:36:43.0220 4812 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys 11:36:43.0220 4812 C:\Windows\System32\drivers\usbvideo.sys - ok 11:36:43.0220 4812 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll 11:36:43.0220 4812 C:\Windows\System32\ws2_32.dll - ok 11:36:43.0236 4812 [ D3A6792AED4841B4D055C7C80C815BB7 ] C:\Windows\System32\urlmon.dll 11:36:43.0236 4812 C:\Windows\System32\urlmon.dll - ok 11:36:43.0236 4812 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll 11:36:43.0236 4812 C:\Windows\System32\shlwapi.dll - ok 11:36:43.0236 4812 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll 11:36:43.0236 4812 C:\Windows\System32\kernel32.dll - ok 11:36:43.0236 4812 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll 11:36:43.0236 4812 C:\Windows\System32\msctf.dll - ok 11:36:43.0252 4812 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll 11:36:43.0252 4812 C:\Windows\System32\difxapi.dll - ok 11:36:43.0252 4812 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll 11:36:43.0252 4812 C:\Windows\System32\advapi32.dll - ok 11:36:43.0252 4812 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll 11:36:43.0252 4812 C:\Windows\System32\usp10.dll - ok 11:36:43.0267 4812 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll 11:36:43.0267 4812 C:\Windows\System32\imm32.dll - ok 11:36:43.0267 4812 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll 11:36:43.0267 4812 C:\Windows\System32\normaliz.dll - ok 11:36:43.0283 4812 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll 11:36:43.0283 4812 C:\Windows\System32\crypt32.dll - ok 11:36:43.0283 4812 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll 11:36:43.0283 4812 C:\Windows\System32\KernelBase.dll - ok 11:36:43.0283 4812 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll 11:36:43.0283 4812 C:\Windows\System32\cfgmgr32.dll - ok 11:36:43.0298 4812 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll 11:36:43.0298 4812 C:\Windows\System32\comctl32.dll - ok 11:36:43.0298 4812 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll 11:36:43.0298 4812 C:\Windows\System32\devobj.dll - ok 11:36:43.0298 4812 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll 11:36:43.0298 4812 C:\Windows\System32\wintrust.dll - ok 11:36:43.0314 4812 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll 11:36:43.0314 4812 C:\Windows\System32\msasn1.dll - ok 11:36:43.0314 4812 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll 11:36:43.0314 4812 C:\Windows\SysWOW64\normaliz.dll - ok 11:36:43.0330 4812 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys 11:36:43.0330 4812 C:\Windows\System32\drivers\dxapi.sys - ok 11:36:43.0330 4812 [ 86F96630D28523F1C402C783F046DEF1 ] C:\Windows\System32\win32k.sys 11:36:43.0330 4812 C:\Windows\System32\win32k.sys - ok 11:36:43.0330 4812 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll 11:36:43.0330 4812 C:\Windows\System32\csrsrv.dll - ok 11:36:43.0345 4812 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe 11:36:43.0345 4812 C:\Windows\System32\csrss.exe - ok 11:36:43.0345 4812 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll 11:36:43.0345 4812 C:\Windows\System32\basesrv.dll - ok 11:36:43.0345 4812 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll 11:36:43.0345 4812 C:\Windows\System32\winsrv.dll - ok 11:36:43.0361 4812 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys 11:36:43.0361 4812 C:\Windows\System32\drivers\monitor.sys - ok 11:36:43.0361 4812 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll 11:36:43.0361 4812 C:\Windows\System32\sxssrv.dll - ok 11:36:43.0361 4812 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll 11:36:43.0361 4812 C:\Windows\System32\tsddd.dll - ok 11:36:43.0376 4812 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe 11:36:43.0376 4812 C:\Windows\System32\wininit.exe - ok 11:36:43.0376 4812 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL 11:36:43.0376 4812 C:\Windows\System32\KBDUS.DLL - ok 11:36:43.0376 4812 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll 11:36:43.0376 4812 C:\Windows\System32\profapi.dll - ok 11:36:43.0392 4812 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll 11:36:43.0392 4812 C:\Windows\System32\RpcRtRemote.dll - ok 11:36:43.0392 4812 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll 11:36:43.0392 4812 C:\Windows\System32\cdd.dll - ok 11:36:43.0392 4812 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll 11:36:43.0392 4812 C:\Windows\System32\sxs.dll - ok 11:36:43.0408 4812 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll 11:36:43.0408 4812 C:\Windows\System32\WlS0WndH.dll - ok 11:36:43.0408 4812 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll 11:36:43.0408 4812 C:\Windows\System32\cryptbase.dll - ok 11:36:43.0408 4812 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll 11:36:43.0423 4812 C:\Windows\System32\apphelp.dll - ok 11:36:43.0423 4812 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe 11:36:43.0423 4812 C:\Windows\System32\services.exe - ok 11:36:43.0423 4812 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe 11:36:43.0423 4812 C:\Windows\System32\lsass.exe - ok 11:36:43.0439 4812 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe 11:36:43.0439 4812 C:\Windows\System32\lsm.exe - ok 11:36:43.0439 4812 [ 8784236EED5079493DA9FC95B28B89F8 ] C:\Windows\System32\WerFault.exe 11:36:43.0439 4812 C:\Windows\System32\WerFault.exe - ok 11:36:43.0439 4812 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe 11:36:43.0439 4812 C:\Windows\System32\winlogon.exe - ok 11:36:43.0454 4812 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll 11:36:43.0454 4812 C:\Windows\System32\sspisrv.dll - ok 11:36:43.0454 4812 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll 11:36:43.0454 4812 C:\Windows\System32\lsasrv.dll - ok 11:36:43.0454 4812 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll 11:36:43.0454 4812 C:\Windows\System32\sspicli.dll - ok 11:36:43.0470 4812 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll 11:36:43.0470 4812 C:\Windows\System32\sysntfy.dll - ok 11:36:43.0470 4812 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll 11:36:43.0470 4812 C:\Windows\System32\wer.dll - ok 11:36:43.0470 4812 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll 11:36:43.0470 4812 C:\Windows\System32\winsta.dll - ok 11:36:43.0486 4812 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll 11:36:43.0486 4812 C:\Windows\System32\wmsgapi.dll - ok 11:36:43.0486 4812 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll 11:36:43.0486 4812 C:\Windows\System32\samsrv.dll - ok 11:36:43.0486 4812 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll 11:36:43.0486 4812 C:\Windows\System32\scesrv.dll - ok 11:36:43.0501 4812 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll 11:36:43.0501 4812 C:\Windows\System32\scext.dll - ok 11:36:43.0501 4812 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll 11:36:43.0501 4812 C:\Windows\System32\secur32.dll - ok 11:36:43.0501 4812 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll 11:36:43.0501 4812 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok 11:36:43.0517 4812 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll 11:36:43.0517 4812 C:\Windows\System32\srvcli.dll - ok 11:36:43.0517 4812 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll 11:36:43.0517 4812 C:\Windows\System32\cryptdll.dll - ok 11:36:43.0532 4812 [ F152755F131ADFE452D534F4E9383590 ] C:\Windows\System32\Faultrep.dll 11:36:43.0532 4812 C:\Windows\System32\Faultrep.dll - ok 11:36:43.0532 4812 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll 11:36:43.0532 4812 C:\Windows\System32\wevtapi.dll - ok 11:36:43.0532 4812 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll 11:36:43.0532 4812 C:\Windows\System32\authz.dll - ok 11:36:43.0548 4812 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll 11:36:43.0548 4812 C:\Windows\System32\cngaudit.dll - ok 11:36:43.0548 4812 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll 11:36:43.0548 4812 C:\Windows\System32\wkscli.dll - ok 11:36:43.0548 4812 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll 11:36:43.0548 4812 C:\Windows\System32\ncrypt.dll - ok 11:36:43.0564 4812 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll 11:36:43.0564 4812 C:\Windows\System32\bcrypt.dll - ok 11:36:43.0564 4812 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll 11:36:43.0564 4812 C:\Windows\System32\msprivs.dll - ok 11:36:43.0564 4812 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll 11:36:43.0564 4812 C:\Windows\System32\negoexts.dll - ok 11:36:43.0579 4812 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll 11:36:43.0579 4812 C:\Windows\System32\netjoin.dll - ok 11:36:43.0579 4812 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll 11:36:43.0579 4812 C:\Windows\System32\kerberos.dll - ok 11:36:43.0579 4812 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll 11:36:43.0579 4812 C:\Windows\System32\cryptsp.dll - ok 11:36:43.0595 4812 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll 11:36:43.0595 4812 C:\Windows\System32\mswsock.dll - ok 11:36:43.0595 4812 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll 11:36:43.0595 4812 C:\Windows\System32\msv1_0.dll - ok 11:36:43.0595 4812 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll 11:36:43.0595 4812 C:\Windows\System32\wship6.dll - ok 11:36:43.0610 4812 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll 11:36:43.0610 4812 C:\Windows\System32\netlogon.dll - ok 11:36:43.0610 4812 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll 11:36:43.0610 4812 C:\Windows\System32\dnsapi.dll - ok 11:36:43.0626 4812 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll 11:36:43.0626 4812 C:\Windows\System32\logoncli.dll - ok 11:36:43.0626 4812 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll 11:36:43.0626 4812 C:\Windows\System32\schannel.dll - ok 11:36:43.0626 4812 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll 11:36:43.0626 4812 C:\Windows\System32\wdigest.dll - ok 11:36:43.0642 4812 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll 11:36:43.0642 4812 C:\Windows\System32\rsaenh.dll - ok 11:36:43.0642 4812 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll 11:36:43.0642 4812 C:\Windows\System32\TSpkg.dll - ok 11:36:43.0642 4812 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll 11:36:43.0642 4812 C:\Windows\System32\pku2u.dll - ok 11:36:43.0657 4812 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL 11:36:43.0657 4812 C:\Windows\System32\LIVESSP.DLL - ok 11:36:43.0657 4812 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll 11:36:43.0657 4812 C:\Windows\System32\bcryptprimitives.dll - ok 11:36:43.0657 4812 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll 11:36:43.0657 4812 C:\Windows\System32\credssp.dll - ok 11:36:43.0673 4812 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll 11:36:43.0673 4812 C:\Windows\System32\efslsaext.dll - ok 11:36:43.0673 4812 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll 11:36:43.0673 4812 C:\Windows\System32\scecli.dll - ok 11:36:43.0673 4812 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll 11:36:43.0673 4812 C:\Windows\System32\ubpm.dll - ok 11:36:43.0688 4812 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll 11:36:43.0688 4812 C:\Windows\System32\netutils.dll - ok 11:36:43.0688 4812 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe 11:36:43.0688 4812 C:\Windows\System32\svchost.exe - ok 11:36:43.0688 4812 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll 11:36:43.0688 4812 C:\Windows\System32\umpnpmgr.dll - ok 11:36:43.0704 4812 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll 11:36:43.0704 4812 C:\Windows\System32\SPInf.dll - ok 11:36:43.0704 4812 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll 11:36:43.0704 4812 C:\Windows\System32\devrtl.dll - ok 11:36:43.0704 4812 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll 11:36:43.0704 4812 C:\Windows\System32\gpapi.dll - ok 11:36:43.0720 4812 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll 11:36:43.0720 4812 C:\Windows\System32\userenv.dll - ok 11:36:43.0720 4812 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll 11:36:43.0720 4812 C:\Windows\System32\pcwum.dll - ok 11:36:43.0735 4812 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll 11:36:43.0735 4812 C:\Windows\System32\umpo.dll - ok 11:36:43.0735 4812 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll 11:36:43.0735 4812 C:\Windows\System32\powrprof.dll - ok 11:36:43.0735 4812 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys 11:36:43.0735 4812 C:\Windows\System32\drivers\luafv.sys - ok 11:36:43.0751 4812 [ F3F5F2FDE0DEABA4F2CE336E9454FAE2 ] C:\Windows\System32\drivers\aswFsBlk.sys 11:36:43.0751 4812 C:\Windows\System32\drivers\aswFsBlk.sys - ok 11:36:43.0751 4812 [ 90980D5291F8E725700272E4B64EDA10 ] C:\Windows\System32\drivers\aswMonFlt.sys 11:36:43.0751 4812 C:\Windows\System32\drivers\aswMonFlt.sys - ok 11:36:43.0751 4812 [ 0BB97D43299910CBFBA59C461B99B910 ] C:\Windows\System32\drivers\mbam.sys 11:36:43.0751 4812 C:\Windows\System32\drivers\mbam.sys - ok 11:36:43.0766 4812 [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys 11:36:43.0766 4812 C:\Windows\System32\drivers\Sftvollh.sys - ok 11:36:43.0766 4812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll 11:36:43.0766 4812 C:\Windows\System32\rpcss.dll - ok 11:36:43.0766 4812 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll 11:36:43.0766 4812 C:\Windows\System32\RpcEpMap.dll - ok 11:36:43.0782 4812 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL 11:36:43.0782 4812 C:\Windows\System32\WSHTCPIP.DLL - ok 11:36:43.0782 4812 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll 11:36:43.0782 4812 C:\Windows\System32\wshqos.dll - ok 11:36:43.0782 4812 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll 11:36:43.0782 4812 C:\Windows\System32\FirewallAPI.dll - ok 11:36:43.0798 4812 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe 11:36:43.0798 4812 C:\Windows\System32\LogonUI.exe - ok 11:36:43.0798 4812 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll 11:36:43.0798 4812 C:\Windows\System32\authui.dll - ok 11:36:43.0798 4812 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll 11:36:43.0798 4812 C:\Windows\System32\version.dll - ok 11:36:43.0813 4812 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll 11:36:43.0813 4812 C:\Windows\System32\wevtsvc.dll - ok 11:36:43.0813 4812 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll 11:36:43.0813 4812 C:\Windows\System32\cryptui.dll - ok 11:36:43.0829 4812 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll 11:36:43.0829 4812 C:\Windows\System32\shacct.dll - ok 11:36:43.0829 4812 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll 11:36:43.0829 4812 C:\Windows\System32\samlib.dll - ok 11:36:43.0829 4812 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll 11:36:43.0829 4812 C:\Windows\System32\netprofm.dll - ok 11:36:43.0844 4812 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll 11:36:43.0844 4812 C:\Windows\System32\propsys.dll - ok 11:36:43.0844 4812 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll 11:36:43.0844 4812 C:\Windows\System32\audiosrv.dll - ok 11:36:43.0844 4812 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll 11:36:43.0844 4812 C:\Windows\System32\FntCache.dll - ok 11:36:43.0860 4812 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll 11:36:43.0860 4812 C:\Windows\System32\avrt.dll - ok 11:36:43.0860 4812 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll 11:36:43.0860 4812 C:\Windows\System32\mmcss.dll - ok 11:36:43.0860 4812 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll 11:36:43.0860 4812 C:\Windows\System32\adtschema.dll - ok 11:36:43.0860 4812 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll 11:36:43.0860 4812 C:\Windows\System32\MMDevAPI.dll - ok 11:36:43.0876 4812 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll 11:36:43.0876 4812 C:\Windows\System32\uxtheme.dll - ok 11:36:43.0876 4812 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll 11:36:43.0876 4812 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok 11:36:43.0876 4812 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll 11:36:43.0876 4812 C:\Windows\System32\wlansvc.dll - ok 11:36:43.0891 4812 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe 11:36:43.0891 4812 C:\Windows\System32\audiodg.exe - ok 11:36:43.0891 4812 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll 11:36:43.0891 4812 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok 11:36:43.0907 4812 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys 11:36:43.0907 4812 C:\Windows\System32\drivers\fltMgr.sys - ok 11:36:43.0907 4812 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll 11:36:43.0907 4812 C:\Windows\System32\ntmarta.dll - ok 11:36:43.0907 4812 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL 11:36:43.0907 4812 C:\Windows\System32\PSHED.DLL - ok 11:36:43.0922 4812 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll 11:36:43.0922 4812 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok 11:36:43.0922 4812 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll 11:36:43.0922 4812 C:\Windows\System32\dui70.dll - ok 11:36:43.0922 4812 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll 11:36:43.0922 4812 C:\Windows\System32\gpsvc.dll - ok 11:36:43.0922 4812 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll 11:36:43.0922 4812 C:\Windows\System32\duser.dll - ok 11:36:43.0938 4812 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll 11:36:43.0938 4812 C:\Windows\System32\winmm.dll - ok 11:36:43.0938 4812 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll 11:36:43.0938 4812 C:\Windows\System32\nlaapi.dll - ok 11:36:43.0954 4812 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll 11:36:43.0954 4812 C:\Windows\System32\profsvc.dll - ok 11:36:43.0954 4812 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll 11:36:43.0954 4812 C:\Windows\System32\SndVolSSO.dll - ok 11:36:43.0954 4812 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll 11:36:43.0954 4812 C:\Windows\System32\atl.dll - ok 11:36:43.0954 4812 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll 11:36:43.0954 4812 C:\Windows\System32\hid.dll - ok 11:36:43.0969 4812 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv 11:36:43.0969 4812 C:\Windows\System32\wdmaud.drv - ok 11:36:43.0969 4812 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll 11:36:43.0969 4812 C:\Windows\System32\dsrole.dll - ok 11:36:43.0969 4812 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll 11:36:43.0969 4812 C:\Windows\System32\ksuser.dll - ok 11:36:43.0985 4812 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll 11:36:43.0985 4812 C:\Windows\System32\slc.dll - ok 11:36:43.0985 4812 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll 11:36:43.0985 4812 C:\Windows\System32\themeservice.dll - ok 11:36:43.0985 4812 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll 11:36:43.0985 4812 C:\Windows\System32\dwmapi.dll - ok 11:36:44.0000 4812 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll 11:36:44.0000 4812 C:\Windows\System32\es.dll - ok 11:36:44.0000 4812 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll 11:36:44.0000 4812 C:\Windows\System32\xmllite.dll - ok 11:36:44.0000 4812 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll 11:36:44.0000 4812 C:\Windows\System32\comres.dll - ok 11:36:44.0016 4812 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll 11:36:44.0016 4812 C:\Windows\System32\Sens.dll - ok 11:36:44.0016 4812 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys 11:36:44.0016 4812 C:\Windows\System32\drivers\lltdio.sys - ok 11:36:44.0016 4812 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys 11:36:44.0016 4812 C:\Windows\System32\drivers\nwifi.sys - ok 11:36:44.0032 4812 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll 11:36:44.0032 4812 C:\Windows\System32\uxsms.dll - ok 11:36:44.0032 4812 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll 11:36:44.0032 4812 C:\Windows\System32\wtsapi32.dll - ok 11:36:44.0032 4812 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll 11:36:44.0032 4812 C:\Windows\System32\AudioSes.dll - ok 11:36:44.0047 4812 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys 11:36:44.0047 4812 C:\Windows\System32\drivers\ndisuio.sys - ok 11:36:44.0047 4812 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys 11:36:44.0047 4812 C:\Windows\System32\drivers\rspndr.sys - ok 11:36:44.0047 4812 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL 11:36:44.0047 4812 C:\Windows\System32\IPHLPAPI.DLL - ok 11:36:44.0063 4812 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll 11:36:44.0063 4812 C:\Windows\System32\lmhsvc.dll - ok 11:36:44.0063 4812 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll 11:36:44.0063 4812 C:\Windows\System32\nsisvc.dll - ok 11:36:44.0063 4812 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll 11:36:44.0063 4812 C:\Windows\System32\dhcpcore.dll - ok 11:36:44.0078 4812 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll 11:36:44.0078 4812 C:\Windows\System32\nrpsrv.dll - ok 11:36:44.0078 4812 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll 11:36:44.0078 4812 C:\Windows\System32\winnsi.dll - ok 11:36:44.0078 4812 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll 11:36:44.0078 4812 C:\Windows\System32\WindowsCodecs.dll - ok 11:36:44.0094 4812 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll 11:36:44.0094 4812 C:\Windows\System32\dhcpcore6.dll - ok 11:36:44.0094 4812 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll 11:36:44.0094 4812 C:\Windows\System32\dnsrslvr.dll - ok 11:36:44.0094 4812 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll 11:36:44.0094 4812 C:\Windows\System32\eapphost.dll - ok 11:36:44.0110 4812 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll 11:36:44.0110 4812 C:\Windows\System32\eapsvc.dll - ok 11:36:44.0110 4812 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll 11:36:44.0110 4812 C:\Windows\System32\keyiso.dll - ok 11:36:44.0110 4812 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv 11:36:44.0110 4812 C:\Windows\System32\msacm32.drv - ok 11:36:44.0125 4812 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll 11:36:44.0125 4812 C:\Windows\System32\msacm32.dll - ok 11:36:44.0125 4812 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL 11:36:44.0125 4812 C:\Windows\System32\FWPUCLNT.DLL - ok 11:36:44.0125 4812 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll 11:36:44.0125 4812 C:\Windows\System32\midimap.dll - ok 11:36:44.0141 4812 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll 11:36:44.0141 4812 C:\Windows\System32\umb.dll - ok 11:36:44.0141 4812 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll 11:36:44.0141 4812 C:\Windows\System32\dnsext.dll - ok 11:36:44.0141 4812 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll 11:36:44.0141 4812 C:\Windows\System32\wlanmsm.dll - ok 11:36:44.0156 4812 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll 11:36:44.0156 4812 C:\Windows\System32\AudioEng.dll - ok 11:36:44.0156 4812 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll 11:36:44.0156 4812 C:\Windows\System32\dhcpcsvc.dll - ok 11:36:44.0156 4812 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll 11:36:44.0156 4812 C:\Windows\System32\dhcpcsvc6.dll - ok 11:36:44.0172 4812 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll 11:36:44.0172 4812 C:\Windows\System32\wlansec.dll - ok 11:36:44.0172 4812 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll 11:36:44.0172 4812 C:\Windows\System32\winbrand.dll - ok 11:36:44.0172 4812 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll 11:36:44.0172 4812 C:\Windows\System32\VaultCredProvider.dll - ok 11:36:44.0188 4812 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll 11:36:44.0188 4812 C:\Windows\System32\onex.dll - ok 11:36:44.0188 4812 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll 11:36:44.0188 4812 C:\Windows\System32\AUDIOKSE.dll - ok 11:36:44.0188 4812 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll 11:36:44.0188 4812 C:\Windows\System32\eappprxy.dll - ok 11:36:44.0203 4812 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll 11:36:44.0203 4812 C:\Windows\System32\SmartcardCredentialProvider.dll - ok 11:36:44.0203 4812 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll 11:36:44.0203 4812 C:\Windows\System32\eappcfg.dll - ok 11:36:44.0203 4812 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll 11:36:44.0203 4812 C:\Windows\System32\BioCredProv.dll - ok 11:36:44.0219 4812 [ 448E073D8FA3016DBA69EF2421B6F9D9 ] C:\Windows\System32\RtkAPO64.dll 11:36:44.0219 4812 C:\Windows\System32\RtkAPO64.dll - ok 11:36:44.0219 4812 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll 11:36:44.0219 4812 C:\Windows\System32\winbio.dll - ok 11:36:44.0219 4812 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll 11:36:44.0219 4812 C:\Windows\System32\credui.dll - ok 11:36:44.0234 4812 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll 11:36:44.0234 4812 C:\Windows\System32\wlgpclnt.dll - ok 11:36:44.0234 4812 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll 11:36:44.0234 4812 C:\Windows\System32\l2gpstore.dll - ok 11:36:44.0234 4812 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll 11:36:44.0234 4812 C:\Windows\System32\WinSCard.dll - ok 11:36:44.0250 4812 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll 11:36:44.0250 4812 C:\Windows\System32\wlanutil.dll - ok 11:36:44.0250 4812 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll 11:36:44.0250 4812 C:\Windows\System32\netapi32.dll - ok 11:36:44.0250 4812 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll 11:36:44.0250 4812 C:\Windows\System32\vaultcli.dll - ok 11:36:44.0266 4812 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll 11:36:44.0266 4812 C:\Windows\System32\samcli.dll - ok 11:36:44.0266 4812 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll 11:36:44.0266 4812 C:\Windows\System32\msxml6.dll - ok 11:36:44.0266 4812 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll 11:36:44.0266 4812 C:\Windows\System32\certCredProvider.dll - ok 11:36:44.0281 4812 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL 11:36:44.0281 4812 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok 11:36:44.0281 4812 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll 11:36:44.0281 4812 C:\Windows\System32\rasplap.dll - ok 11:36:44.0281 4812 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll 11:36:44.0281 4812 C:\Windows\System32\rasapi32.dll - ok 11:36:44.0297 4812 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll 11:36:44.0297 4812 C:\Windows\System32\rasman.dll - ok 11:36:44.0297 4812 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll 11:36:44.0297 4812 C:\Windows\System32\rtutils.dll - ok 11:36:44.0297 4812 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll 11:36:44.0297 4812 C:\Windows\System32\UXInit.dll - ok 11:36:44.0312 4812 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe 11:36:44.0312 4812 C:\Windows\System32\wlanext.exe - ok 11:36:44.0312 4812 [ 6F702A7EA2D5F2B55CC90C333FBE9978 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe 11:36:44.0312 4812 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok 11:36:44.0312 4812 [ B90443404596E62B2E60A9EEA5FAF5CA ] C:\Windows\System32\R4EED64A.dll 11:36:44.0312 4812 C:\Windows\System32\R4EED64A.dll - ok 11:36:44.0328 4812 [ E0B4052B55114ACD0BFE627AE050E751 ] C:\Windows\System32\R4EEL64A.dll 11:36:44.0328 4812 C:\Windows\System32\R4EEL64A.dll - ok 11:36:44.0328 4812 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll 11:36:44.0328 4812 C:\Windows\System32\imageres.dll - ok 11:36:44.0328 4812 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll 11:36:44.0328 4812 C:\Windows\SysWOW64\ntdll.dll - ok 11:36:44.0344 4812 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe 11:36:44.0344 4812 C:\Windows\System32\conhost.exe - ok 11:36:44.0344 4812 [ C815DC37FF8DC0F2F3FD5DA3174373D8 ] C:\Windows\System32\bcmihvsrv64.dll 11:36:44.0344 4812 C:\Windows\System32\bcmihvsrv64.dll - ok 11:36:44.0344 4812 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll 11:36:44.0344 4812 C:\Windows\System32\wow64.dll - ok 11:36:44.0359 4812 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll 11:36:44.0359 4812 C:\Windows\System32\wow64win.dll - ok 11:36:44.0359 4812 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll 11:36:44.0359 4812 C:\Windows\System32\wow64cpu.dll - ok 11:36:44.0359 4812 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll 11:36:44.0359 4812 C:\Windows\SysWOW64\kernel32.dll - ok 11:36:44.0375 4812 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll 11:36:44.0375 4812 C:\Windows\SysWOW64\KernelBase.dll - ok 11:36:44.0375 4812 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll 11:36:44.0375 4812 C:\Windows\SysWOW64\msvcrt.dll - ok 11:36:44.0375 4812 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll 11:36:44.0375 4812 C:\Windows\SysWOW64\ws2_32.dll - ok 11:36:44.0390 4812 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll 11:36:44.0390 4812 C:\Windows\System32\wlanapi.dll - ok 11:36:44.0390 4812 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll 11:36:44.0390 4812 C:\Windows\SysWOW64\rpcrt4.dll - ok 11:36:44.0390 4812 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll 11:36:44.0390 4812 C:\Windows\SysWOW64\cryptbase.dll - ok 11:36:44.0406 4812 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll 11:36:44.0406 4812 C:\Windows\SysWOW64\nsi.dll - ok 11:36:44.0406 4812 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll 11:36:44.0406 4812 C:\Windows\SysWOW64\sechost.dll - ok 11:36:44.0406 4812 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll 11:36:44.0406 4812 C:\Windows\SysWOW64\sspicli.dll - ok 11:36:44.0422 4812 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll 11:36:44.0422 4812 C:\Windows\System32\netcfgx.dll - ok 11:36:44.0422 4812 [ E98E2320D1F9054A0DEF120424370731 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll 11:36:44.0422 4812 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok 11:36:44.0422 4812 [ 1A9C97986CCC3B2175C1FB5AA2E6C723 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll 11:36:44.0422 4812 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok 11:36:44.0437 4812 [ 35C32583274ECD29D1E8ACE82B26B86D ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll 11:36:44.0437 4812 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok 11:36:44.0437 4812 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll 11:36:44.0437 4812 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok 11:36:44.0437 4812 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll 11:36:44.0437 4812 C:\Windows\SysWOW64\user32.dll - ok 11:36:44.0453 4812 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll 11:36:44.0453 4812 C:\Windows\SysWOW64\gdi32.dll - ok 11:36:44.0453 4812 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll 11:36:44.0453 4812 C:\Windows\SysWOW64\lpk.dll - ok 11:36:44.0453 4812 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll 11:36:44.0453 4812 C:\Windows\SysWOW64\usp10.dll - ok 11:36:44.0468 4812 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll 11:36:44.0468 4812 C:\Windows\SysWOW64\advapi32.dll - ok 11:36:44.0468 4812 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll 11:36:44.0468 4812 C:\Windows\SysWOW64\ole32.dll - ok 11:36:44.0468 4812 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll 11:36:44.0468 4812 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok 11:36:44.0484 4812 [ 63EAA3A49AC370CCD93C7469991EC8CE ] C:\Program Files\AVAST Software\Avast\ashBase.dll 11:36:44.0484 4812 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok 11:36:44.0484 4812 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll 11:36:44.0484 4812 C:\Windows\SysWOW64\wsock32.dll - ok 11:36:44.0484 4812 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll 11:36:44.0484 4812 C:\Windows\SysWOW64\version.dll - ok 11:36:44.0500 4812 [ 3E3D34F70C026755069F97FB94DA44F3 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll 11:36:44.0500 4812 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok 11:36:44.0500 4812 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll 11:36:44.0500 4812 C:\Windows\SysWOW64\crypt32.dll - ok 11:36:44.0500 4812 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll 11:36:44.0500 4812 C:\Windows\SysWOW64\psapi.dll - ok 11:36:44.0515 4812 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll 11:36:44.0515 4812 C:\Windows\SysWOW64\msasn1.dll - ok 11:36:44.0515 4812 [ C5B6468422DB1C8AA36C32CBB0197E5E ] C:\Windows\SysWOW64\wininet.dll 11:36:44.0515 4812 C:\Windows\SysWOW64\wininet.dll - ok 11:36:44.0515 4812 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll 11:36:44.0515 4812 C:\Windows\SysWOW64\shlwapi.dll - ok 11:36:44.0531 4812 [ 9BDDA34DC4890169DE5BA21134B33EFB ] C:\Windows\SysWOW64\iertutil.dll 11:36:44.0531 4812 C:\Windows\SysWOW64\iertutil.dll - ok 11:36:44.0531 4812 [ 4E7F83E1F6AEFA38E270EA7353D6911E ] C:\Windows\SysWOW64\urlmon.dll 11:36:44.0531 4812 C:\Windows\SysWOW64\urlmon.dll - ok 11:36:44.0531 4812 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll 11:36:44.0531 4812 C:\Windows\SysWOW64\oleaut32.dll - ok 11:36:44.0546 4812 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll 11:36:44.0546 4812 C:\Windows\SysWOW64\imm32.dll - ok 11:36:44.0546 4812 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll 11:36:44.0546 4812 C:\Windows\SysWOW64\msctf.dll - ok 11:36:44.0546 4812 [ BD5FA21C26EBB59CB600200A8671227A ] C:\Program Files\AVAST Software\Avast\avBugReport.exe 11:36:44.0546 4812 C:\Program Files\AVAST Software\Avast\avBugReport.exe - ok 11:36:44.0562 4812 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll 11:36:44.0562 4812 C:\Windows\SysWOW64\apphelp.dll - ok 11:36:44.0562 4812 [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\AVAST Software\Avast\dbghelp.dll 11:36:44.0562 4812 C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok 11:36:44.0562 4812 [ A5D89E141E45EF43ECBDCE542DA4756D ] C:\Program Files\AVAST Software\Avast\1033\Base.dll 11:36:44.0562 4812 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok 11:36:44.0562 4812 [ 71B8796EFAD104E0ED00FC3F9BB6420D ] C:\Program Files\AVAST Software\Avast\ashServ.dll 11:36:44.0562 4812 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok 11:36:44.0578 4812 [ A61AF2CB66DE554C66707B9BECB25514 ] C:\Program Files\AVAST Software\Avast\aswAux.dll 11:36:44.0578 4812 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok 11:36:44.0578 4812 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll 11:36:44.0578 4812 C:\Windows\System32\shsvcs.dll - ok 11:36:44.0578 4812 [ 5FF1382716DED97328800ACF723735F1 ] C:\Program Files\AVAST Software\Avast\ashTask.dll 11:36:44.0578 4812 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok 11:36:44.0593 4812 [ A8A18342AFADD0FF96F574B1584183E5 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll 11:36:44.0593 4812 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok 11:36:44.0593 4812 [ 84197F4A9771F1449AECD875ABBD1714 ] C:\Program Files\AVAST Software\Avast\aswLog.dll 11:36:44.0593 4812 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok 11:36:44.0609 4812 [ 2BE7DE09FAFB15D63B0B29CCADAE45F0 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll 11:36:44.0609 4812 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok 11:36:44.0609 4812 [ DA78BBCACDC47DA176EF73B873F56E5B ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll 11:36:44.0609 4812 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok 11:36:44.0609 4812 [ 140160C67EE2CDCFD519B4E748D0D647 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll 11:36:44.0609 4812 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok 11:36:44.0624 4812 [ 2F6762E0EFA2DB10FC1BD016E5173633 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll 11:36:44.0624 4812 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok 11:36:44.0624 4812 [ 62D4ECAE2F624C79CED6FB1616EA0F63 ] C:\Program Files\AVAST Software\Avast\avastIP.dll 11:36:44.0624 4812 C:\Program Files\AVAST Software\Avast\avastIP.dll - ok 11:36:44.0624 4812 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL 11:36:44.0624 4812 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok 11:36:44.0640 4812 [ FE7C897B1D6C7C1EB1C6D6E012861F03 ] C:\Program Files\AVAST Software\Avast\aswDld.dll 11:36:44.0640 4812 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok 11:36:44.0640 4812 [ 0D16A422EF8C031796B602D7A6B57B3C ] C:\Program Files\AVAST Software\Avast\aswIdle.dll 11:36:44.0640 4812 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok 11:36:44.0640 4812 [ 88A5CA827BEFFC6B47EEEE2BD277E092 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll 11:36:44.0640 4812 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
  9. 11:34:05.0541 2980 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 11:34:07.0491 2980 ============================================================ 11:34:07.0491 2980 Current date / time: 2013/05/06 11:34:07.0491 11:34:07.0491 2980 SystemInfo: 11:34:07.0491 2980 11:34:07.0491 2980 OS Version: 6.1.7601 ServicePack: 1.0 11:34:07.0491 2980 Product type: Workstation 11:34:07.0491 2980 ComputerName: 誓いのメタル・ 11:34:07.0491 2980 UserName: Heavy Metal Miku 11:34:07.0491 2980 Windows directory: C:\Windows 11:34:07.0491 2980 System windows directory: C:\Windows 11:34:07.0491 2980 Running under WOW64 11:34:07.0491 2980 Processor architecture: Intel x64 11:34:07.0491 2980 Number of processors: 2 11:34:07.0491 2980 Page size: 0x1000 11:34:07.0491 2980 Boot type: Normal boot 11:34:07.0491 2980 ============================================================ 11:34:08.0286 2980 BG loaded 11:34:09.0955 2980 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:34:09.0955 2980 ============================================================ 11:34:09.0955 2980 \Device\Harddisk0\DR0: 11:34:09.0955 2980 MBR partitions: 11:34:09.0955 2980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x203A800, BlocksNum 0x32000 11:34:09.0955 2980 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x206C800, BlocksNum 0x38319000 11:34:09.0955 2980 ============================================================ 11:34:10.0143 2980 C: <-> \Device\Harddisk0\DR0\Partition2 11:34:10.0143 2980 ============================================================ 11:34:10.0143 2980 Initialize success 11:34:10.0143 2980 ============================================================ 11:34:54.0660 4812 ============================================================ 11:34:54.0660 4812 Scan started 11:34:54.0675 4812 Mode: Manual; SigCheck; TDLFS; 11:34:54.0675 4812 ============================================================ 11:35:06.0469 4812 ================ Scan system memory ======================== 11:35:06.0469 4812 System memory - ok 11:35:06.0469 4812 ================ Scan services ============================= 11:35:07.0857 4812 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 11:35:09.0199 4812 1394ohci - ok 11:35:10.0182 4812 [ 8ACBB0D11A99EF06BFFD09C5B4DF0925 ] 4170085drv C:\Windows\system32\DRIVERS\4170085drv.sys 11:35:10.0260 4812 4170085drv - ok 11:35:10.0650 4812 [ E656FE10D6D27794AFA08136685A69E8 ] 93093138 C:\Windows\system32\DRIVERS\93093138.sys 11:35:10.0712 4812 93093138 - ok 11:35:10.0837 4812 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 11:35:10.0899 4812 ACPI - ok 11:35:11.0040 4812 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 11:35:12.0381 4812 AcpiPmi - ok 11:35:13.0177 4812 [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe 11:35:13.0208 4812 AdobeActiveFileMonitor9.0 - ok 11:35:13.0723 4812 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 11:35:13.0770 4812 AdobeARMservice - ok 11:35:14.0347 4812 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 11:35:14.0378 4812 AdobeFlashPlayerUpdateSvc - ok 11:35:14.0659 4812 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 11:35:14.0721 4812 adp94xx - ok 11:35:14.0955 4812 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 11:35:15.0002 4812 adpahci - ok 11:35:15.0127 4812 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 11:35:15.0158 4812 adpu320 - ok 11:35:15.0564 4812 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 11:35:15.0689 4812 AeLookupSvc - ok 11:35:16.0016 4812 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 11:35:16.0687 4812 AFD - ok 11:35:17.0030 4812 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 11:35:17.0186 4812 agp440 - ok 11:35:17.0311 4812 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 11:35:17.0810 4812 ALG - ok 11:35:17.0997 4812 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 11:35:18.0060 4812 aliide - ok 11:35:18.0185 4812 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 11:35:18.0231 4812 amdide - ok 11:35:18.0372 4812 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 11:35:18.0528 4812 AmdK8 - ok 11:35:18.0684 4812 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 11:35:18.0809 4812 AmdPPM - ok 11:35:18.0933 4812 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 11:35:18.0965 4812 amdsata - ok 11:35:19.0136 4812 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 11:35:19.0183 4812 amdsbs - ok 11:35:19.0230 4812 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 11:35:19.0277 4812 amdxata - ok 11:35:19.0401 4812 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 11:35:19.0589 4812 AppID - ok 11:35:19.0823 4812 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 11:35:20.0041 4812 AppIDSvc - ok 11:35:20.0197 4812 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 11:35:20.0415 4812 Appinfo - ok 11:35:20.0509 4812 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 11:35:20.0556 4812 arc - ok 11:35:20.0759 4812 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 11:35:20.0790 4812 arcsas - ok 11:35:20.0946 4812 [ F3F5F2FDE0DEABA4F2CE336E9454FAE2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 11:35:21.0102 4812 aswFsBlk - ok 11:35:21.0242 4812 [ 90980D5291F8E725700272E4B64EDA10 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 11:35:21.0273 4812 aswMonFlt - ok 11:35:21.0398 4812 [ A4C94945B8A1FFE449A500C2CF0B5882 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 11:35:21.0445 4812 aswRdr - ok 11:35:21.0476 4812 [ A06E330475C1957C50C13B483D41F2BD ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 11:35:21.0523 4812 aswRvrt - ok 11:35:21.0929 4812 [ 9237BE2AB3C7D611F1F8FB7018691BAC ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 11:35:22.0007 4812 aswSnx - ok 11:35:22.0100 4812 [ D8FEC7F7BFE1BAD685DC8D1EF384693D ] aswSP C:\Windows\system32\drivers\aswSP.sys 11:35:22.0163 4812 aswSP - ok 11:35:22.0194 4812 [ 3D9BA0EF6C5847E4482FC01ABCD26683 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 11:35:22.0225 4812 aswTdi - ok 11:35:22.0334 4812 [ 3C7D772F6059C142991D00FE3AB61D40 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 11:35:22.0381 4812 aswVmm - ok 11:35:22.0443 4812 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 11:35:22.0646 4812 AsyncMac - ok 11:35:22.0740 4812 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 11:35:22.0787 4812 atapi - ok 11:35:23.0099 4812 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 11:35:23.0255 4812 AudioEndpointBuilder - ok 11:35:23.0270 4812 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 11:35:23.0395 4812 AudioSrv - ok 11:35:23.0832 4812 [ 6F702A7EA2D5F2B55CC90C333FBE9978 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 11:35:23.0879 4812 avast! Antivirus - ok 11:35:24.0113 4812 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 11:35:24.0253 4812 AxInstSV - ok 11:35:24.0549 4812 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 11:35:24.0627 4812 b06bdrv - ok 11:35:24.0939 4812 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 11:35:25.0049 4812 b57nd60a - ok 11:35:25.0127 4812 [ 2618E15514736FB469B105CE729B6D9D ] b57xdbd C:\Windows\system32\DRIVERS\b57xdbd.sys 11:35:25.0173 4812 b57xdbd - ok 11:35:25.0220 4812 [ BABA4F0E2978B69B4E0B260EF7150DD6 ] b57xdmp C:\Windows\system32\DRIVERS\b57xdmp.sys 11:35:25.0267 4812 b57xdmp - ok 11:35:25.0439 4812 [ 87F3BCF82A63E900AF896CD930BF7E05 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 11:35:25.0485 4812 BBSvc - ok 11:35:25.0517 4812 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 11:35:25.0563 4812 BBUpdate - ok 11:35:26.0094 4812 [ 85111026F1C5A1C4CCE3697F0DA7BC1A ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 11:35:26.0312 4812 BCM43XX - ok 11:35:26.0390 4812 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 11:35:26.0468 4812 BDESVC - ok 11:35:26.0562 4812 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 11:35:26.0749 4812 Beep - ok 11:35:26.0843 4812 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 11:35:26.0921 4812 blbdrive - ok 11:35:26.0983 4812 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 11:35:27.0077 4812 bowser - ok 11:35:27.0108 4812 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 11:35:27.0217 4812 BrFiltLo - ok 11:35:27.0233 4812 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 11:35:27.0295 4812 BrFiltUp - ok 11:35:27.0389 4812 [ 5C2F352A4E961D72518261257AAE204B ] Bridge C:\Windows\system32\DRIVERS\bridge.sys 11:35:27.0545 4812 Bridge - ok 11:35:27.0607 4812 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 11:35:27.0716 4812 BridgeMP - ok 11:35:27.0779 4812 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 11:35:27.0872 4812 Browser - ok 11:35:27.0935 4812 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 11:35:28.0028 4812 Brserid - ok 11:35:28.0106 4812 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 11:35:28.0200 4812 BrSerWdm - ok 11:35:28.0247 4812 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 11:35:28.0325 4812 BrUsbMdm - ok 11:35:28.0371 4812 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 11:35:28.0465 4812 BrUsbSer - ok 11:35:28.0543 4812 [ FF7AA31BFFDC6C6870F64EAF8DEFE930 ] bScsiMSa C:\Windows\system32\DRIVERS\bScsiMSa.sys 11:35:28.0574 4812 bScsiMSa - ok 11:35:28.0637 4812 [ E6CC56662F6C6B787A1FBEA4CD247AE0 ] bScsiSDa C:\Windows\system32\DRIVERS\bScsiSDa.sys 11:35:28.0668 4812 bScsiSDa - ok 11:35:28.0699 4812 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 11:35:28.0808 4812 BTHMODEM - ok 11:35:28.0902 4812 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 11:35:29.0073 4812 bthserv - ok 11:35:29.0136 4812 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 11:35:29.0276 4812 cdfs - ok 11:35:29.0354 4812 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 11:35:29.0432 4812 cdrom - ok 11:35:29.0479 4812 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 11:35:29.0635 4812 CertPropSvc - ok 11:35:29.0651 4812 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 11:35:29.0729 4812 circlass - ok 11:35:29.0775 4812 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 11:35:29.0838 4812 CLFS - ok 11:35:30.0197 4812 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:35:30.0243 4812 clr_optimization_v2.0.50727_32 - ok 11:35:30.0477 4812 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:35:30.0509 4812 clr_optimization_v2.0.50727_64 - ok 11:35:30.0633 4812 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:35:30.0743 4812 clr_optimization_v4.0.30319_32 - ok 11:35:30.0821 4812 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:35:30.0867 4812 clr_optimization_v4.0.30319_64 - ok 11:35:30.0930 4812 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 11:35:31.0008 4812 CmBatt - ok 11:35:31.0039 4812 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 11:35:31.0070 4812 cmdide - ok 11:35:31.0179 4812 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 11:35:31.0257 4812 CNG - ok 11:35:31.0304 4812 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 11:35:31.0351 4812 Compbatt - ok 11:35:31.0382 4812 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 11:35:31.0460 4812 CompositeBus - ok 11:35:31.0491 4812 COMSysApp - ok 11:35:31.0523 4812 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 11:35:31.0554 4812 crcdisk - ok 11:35:31.0616 4812 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 11:35:31.0694 4812 CryptSvc - ok 11:35:31.0866 4812 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 11:35:31.0928 4812 cvhsvc - ok 11:35:32.0006 4812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 11:35:32.0162 4812 DcomLaunch - ok 11:35:32.0240 4812 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 11:35:32.0396 4812 defragsvc - ok 11:35:32.0443 4812 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 11:35:32.0583 4812 DfsC - ok 11:35:32.0661 4812 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 11:35:32.0755 4812 Dhcp - ok 11:35:32.0833 4812 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 11:35:32.0958 4812 discache - ok 11:35:33.0083 4812 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 11:35:33.0161 4812 Disk - ok 11:35:33.0207 4812 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 11:35:33.0301 4812 Dnscache - ok 11:35:33.0379 4812 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 11:35:33.0519 4812 dot3svc - ok 11:35:33.0582 4812 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 11:35:33.0722 4812 DPS - ok 11:35:33.0769 4812 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 11:35:33.0863 4812 drmkaud - ok 11:35:33.0956 4812 [ 4AB2A58816CC6BE771F1D8C768B804C5 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 11:35:34.0003 4812 DsiWMIService - ok 11:35:34.0065 4812 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 11:35:34.0097 4812 dtsoftbus01 - ok 11:35:34.0206 4812 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 11:35:34.0268 4812 DXGKrnl - ok 11:35:34.0362 4812 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 11:35:34.0487 4812 EapHost - ok 11:35:35.0001 4812 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 11:35:35.0189 4812 ebdrv - ok 11:35:35.0267 4812 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 11:35:35.0407 4812 EFS - ok 11:35:35.0516 4812 [ 5332EC2BA1C112BD4BB1F38127848FEF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe 11:35:35.0547 4812 EgisTec Ticket Service - ok 11:35:35.0797 4812 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 11:35:35.0922 4812 ehRecvr - ok 11:35:35.0937 4812 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 11:35:36.0000 4812 ehSched - ok 11:35:36.0795 4812 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 11:35:36.0889 4812 elxstor - ok 11:35:37.0217 4812 [ 48425C93B6F36529707206E4FA680CF3 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 11:35:37.0295 4812 ePowerSvc - ok 11:35:37.0388 4812 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 11:35:37.0575 4812 ErrDev - ok 11:35:37.0794 4812 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 11:35:38.0012 4812 EventSystem - ok 11:35:38.0075 4812 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 11:35:38.0215 4812 exfat - ok 11:35:38.0246 4812 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 11:35:38.0387 4812 fastfat - ok 11:35:38.0465 4812 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 11:35:38.0558 4812 Fax - ok 11:35:38.0667 4812 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 11:35:38.0745 4812 fdc - ok 11:35:38.0823 4812 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 11:35:38.0979 4812 fdPHost - ok 11:35:39.0026 4812 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 11:35:39.0182 4812 FDResPub - ok 11:35:39.0307 4812 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 11:35:39.0338 4812 FileInfo - ok 11:35:39.0385 4812 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 11:35:39.0650 4812 Filetrace - ok 11:35:39.0900 4812 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 11:35:39.0947 4812 FLEXnet Licensing Service - ok 11:35:40.0087 4812 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 11:35:40.0149 4812 flpydisk - ok 11:35:40.0165 4812 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 11:35:40.0212 4812 FltMgr - ok 11:35:40.0430 4812 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 11:35:40.0493 4812 FontCache - ok 11:35:40.0586 4812 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:35:40.0617 4812 FontCache3.0.0.0 - ok 11:35:40.0695 4812 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 11:35:40.0727 4812 FsDepends - ok 11:35:40.0851 4812 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 11:35:40.0883 4812 Fs_Rec - ok 11:35:41.0070 4812 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 11:35:41.0117 4812 fvevol - ok 11:35:41.0163 4812 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 11:35:41.0210 4812 gagp30kx - ok 11:35:41.0351 4812 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 11:35:41.0397 4812 GamesAppService - ok 11:35:41.0553 4812 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 11:35:41.0663 4812 gpsvc - ok 11:35:41.0756 4812 [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 11:35:41.0772 4812 GREGService - ok 11:35:42.0021 4812 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:35:42.0053 4812 gupdate - ok 11:35:42.0053 4812 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:35:42.0084 4812 gupdatem - ok 11:35:42.0209 4812 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 11:35:42.0255 4812 gusvc - ok 11:35:42.0318 4812 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 11:35:42.0380 4812 hcw85cir - ok 11:35:42.0443 4812 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 11:35:42.0536 4812 HdAudAddService - ok 11:35:42.0583 4812 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 11:35:42.0677 4812 HDAudBus - ok 11:35:42.0692 4812 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 11:35:42.0817 4812 HidBatt - ok 11:35:42.0833 4812 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 11:35:42.0957 4812 HidBth - ok 11:35:43.0067 4812 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 11:35:43.0113 4812 HidIr - ok 11:35:43.0207 4812 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 11:35:43.0332 4812 hidserv - ok 11:35:43.0394 4812 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 11:35:43.0441 4812 HidUsb - ok 11:35:43.0566 4812 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 11:35:43.0769 4812 hkmsvc - ok 11:35:43.0878 4812 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 11:35:43.0956 4812 HomeGroupListener - ok 11:35:44.0049 4812 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 11:35:44.0127 4812 HomeGroupProvider - ok 11:35:44.0190 4812 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 11:35:44.0237 4812 HpSAMD - ok 11:35:44.0471 4812 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 11:35:44.0673 4812 HTTP - ok 11:35:44.0720 4812 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 11:35:44.0767 4812 hwpolicy - ok 11:35:44.0829 4812 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 11:35:44.0876 4812 i8042prt - ok 11:35:44.0970 4812 [ 53CC5BF8B5A219119953C7ABB19A7705 ] iaStor C:\Windows\system32\drivers\iaStor.sys 11:35:45.0017 4812 iaStor - ok 11:35:45.0079 4812 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 11:35:45.0141 4812 iaStorV - ok 11:35:45.0391 4812 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:35:45.0469 4812 idsvc - ok 11:35:46.0187 4812 [ 978D876A581D57E0DE6437674EB0014D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 11:35:46.0639 4812 igfx - ok 11:35:46.0717 4812 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 11:35:46.0764 4812 iirsp - ok 11:35:46.0920 4812 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 11:35:47.0091 4812 IKEEXT - ok 11:35:47.0871 4812 [ 98F4E841EA43ED5A442F0DC60CAB4326 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 11:35:48.0027 4812 IntcAzAudAddService - ok 11:35:48.0199 4812 [ AE594CC17C33AC146739494615E14851 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 11:35:48.0293 4812 IntcDAud - ok 11:35:48.0371 4812 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 11:35:48.0402 4812 intelide - ok 11:35:48.0464 4812 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 11:35:48.0542 4812 intelppm - ok 11:35:48.0589 4812 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 11:35:48.0729 4812 IPBusEnum - ok 11:35:48.0792 4812 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:35:48.0901 4812 IpFilterDriver - ok 11:35:48.0932 4812 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 11:35:49.0010 4812 IPMIDRV - ok 11:35:49.0088 4812 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 11:35:49.0244 4812 IPNAT - ok 11:35:49.0307 4812 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 11:35:49.0385 4812 IRENUM - ok 11:35:49.0447 4812 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 11:35:49.0494 4812 isapnp - ok 11:35:49.0634 4812 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 11:35:49.0697 4812 iScsiPrt - ok 11:35:49.0915 4812 [ BD63E1904D19B624291C9F313A7B0ABB ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 11:35:50.0055 4812 k57nd60a - ok 11:35:50.0133 4812 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 11:35:50.0180 4812 kbdclass - ok 11:35:50.0243 4812 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 11:35:50.0321 4812 kbdhid - ok 11:35:50.0352 4812 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 11:35:50.0399 4812 KeyIso - ok 11:35:50.0461 4812 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 11:35:50.0492 4812 KSecDD - ok 11:35:50.0570 4812 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 11:35:50.0617 4812 KSecPkg - ok 11:35:50.0726 4812 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 11:35:50.0851 4812 ksthunk - ok 11:35:50.0991 4812 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 11:35:51.0163 4812 KtmRm - ok 11:35:51.0210 4812 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys 11:35:51.0257 4812 L1E - ok 11:35:51.0413 4812 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 11:35:51.0569 4812 LanmanServer - ok 11:35:51.0647 4812 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 11:35:51.0803 4812 LanmanWorkstation - ok 11:35:52.0130 4812 [ 93B73DED2BC688F140C6AE2FBAD45789 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 11:35:52.0177 4812 Live Updater Service - ok 11:35:52.0255 4812 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 11:35:52.0380 4812 lltdio - ok 11:35:52.0505 4812 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 11:35:52.0661 4812 lltdsvc - ok 11:35:52.0723 4812 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 11:35:52.0848 4812 lmhosts - ok 11:35:53.0066 4812 [ E7859BA062DB5E23C6DD34AD66B09F50 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 11:35:53.0113 4812 LMS - ok 11:35:53.0175 4812 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 11:35:53.0222 4812 LSI_FC - ok 11:35:53.0253 4812 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 11:35:53.0300 4812 LSI_SAS - ok 11:35:53.0394 4812 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 11:35:53.0441 4812 LSI_SAS2 - ok 11:35:53.0487 4812 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 11:35:53.0534 4812 LSI_SCSI - ok 11:35:53.0565 4812 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 11:35:53.0706 4812 luafv - ok 11:35:53.0799 4812 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 11:35:53.0846 4812 MBAMProtector - ok 11:35:54.0111 4812 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 11:35:54.0158 4812 MBAMScheduler - ok 11:35:54.0392 4812 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 11:35:54.0455 4812 MBAMService - ok 11:35:54.0501 4812 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 11:35:54.0579 4812 Mcx2Svc - ok 11:35:54.0642 4812 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 11:35:54.0673 4812 megasas - ok 11:35:54.0767 4812 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 11:35:54.0813 4812 MegaSR - ok 11:35:54.0907 4812 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 11:35:54.0938 4812 MEIx64 - ok 11:35:55.0047 4812 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 11:35:55.0172 4812 MMCSS - ok 11:35:55.0203 4812 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 11:35:55.0344 4812 Modem - ok 11:35:55.0437 4812 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 11:35:55.0500 4812 monitor - ok 11:35:55.0609 4812 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 11:35:55.0640 4812 mouclass - ok 11:35:55.0781 4812 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 11:35:55.0843 4812 mouhid - ok 11:35:55.0874 4812 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 11:35:55.0921 4812 mountmgr - ok 11:35:56.0093 4812 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:35:56.0139 4812 MozillaMaintenance - ok 11:35:56.0217 4812 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 11:35:56.0249 4812 mpio - ok 11:35:56.0295 4812 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 11:35:56.0405 4812 mpsdrv - ok 11:35:56.0451 4812 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 11:35:56.0545 4812 MRxDAV - ok 11:35:56.0654 4812 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 11:35:56.0732 4812 mrxsmb - ok 11:35:56.0841 4812 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:35:56.0904 4812 mrxsmb10 - ok 11:35:56.0935 4812 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:35:56.0982 4812 mrxsmb20 - ok 11:35:57.0060 4812 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 11:35:57.0091 4812 msahci - ok 11:35:57.0153 4812 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 11:35:57.0200 4812 msdsm - ok 11:35:57.0263 4812 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 11:35:57.0341 4812 MSDTC - ok 11:35:57.0387 4812 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 11:35:57.0481 4812 Msfs - ok 11:35:57.0543 4812 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 11:35:57.0684 4812 mshidkmdf - ok 11:35:57.0715 4812 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 11:35:57.0762 4812 msisadrv - ok 11:35:57.0871 4812 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 11:35:58.0027 4812 MSiSCSI - ok 11:35:58.0027 4812 msiserver - ok 11:35:58.0121 4812 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 11:35:58.0246 4812 MSKSSRV - ok 11:35:58.0308 4812 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 11:35:58.0448 4812 MSPCLOCK - ok 11:35:58.0480 4812 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 11:35:58.0604 4812 MSPQM - ok 11:35:58.0714 4812 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 11:35:58.0776 4812 MsRPC - ok 11:35:58.0807 4812 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 11:35:58.0838 4812 mssmbios - ok 11:35:58.0885 4812 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 11:35:59.0026 4812 MSTEE - ok 11:35:59.0088 4812 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 11:35:59.0135 4812 MTConfig - ok 11:35:59.0197 4812 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 11:35:59.0244 4812 Mup - ok 11:35:59.0322 4812 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 11:35:59.0353 4812 mwlPSDFilter - ok 11:35:59.0384 4812 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 11:35:59.0431 4812 mwlPSDNServ - ok 11:35:59.0447 4812 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 11:35:59.0478 4812 mwlPSDVDisk - ok 11:35:59.0650 4812 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 11:35:59.0821 4812 napagent - ok 11:36:00.0040 4812 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 11:36:00.0133 4812 NativeWifiP - ok 11:36:00.0617 4812 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 11:36:00.0695 4812 NDIS - ok 11:36:00.0788 4812 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 11:36:00.0929 4812 NdisCap - ok 11:36:00.0976 4812 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 11:36:01.0085 4812 NdisTapi - ok 11:36:01.0163 4812 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 11:36:01.0303 4812 Ndisuio - ok 11:36:01.0366 4812 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 11:36:01.0490 4812 NdisWan - ok 11:36:01.0537 4812 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 11:36:01.0646 4812 NDProxy - ok 11:36:01.0724 4812 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 11:36:01.0865 4812 NetBIOS - ok 11:36:01.0958 4812 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 11:36:02.0068 4812 NetBT - ok 11:36:02.0114 4812 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 11:36:02.0161 4812 Netlogon - ok 11:36:02.0317 4812 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 11:36:02.0458 4812 Netman - ok 11:36:02.0629 4812 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 11:36:02.0770 4812 netprofm - ok 11:36:02.0832 4812 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 11:36:02.0863 4812 NetTcpPortSharing - ok 11:36:02.0988 4812 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 11:36:03.0019 4812 nfrd960 - ok 11:36:03.0128 4812 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 11:36:03.0238 4812 NlaSvc - ok 11:36:03.0284 4812 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 11:36:03.0394 4812 Npfs - ok 11:36:03.0409 4812 npggsvc - ok 11:36:03.0503 4812 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 11:36:03.0674 4812 nsi - ok 11:36:03.0752 4812 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 11:36:03.0924 4812 nsiproxy - ok 11:36:04.0408 4812 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 11:36:04.0517 4812 Ntfs - ok 11:36:04.0720 4812 [ 1873214666F6F0A883742DF91FBC48C9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe 11:36:04.0751 4812 NTI IScheduleSvc - ok 11:36:04.0829 4812 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 11:36:04.0860 4812 NTIDrvr - ok 11:36:04.0938 4812 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 11:36:05.0047 4812 Null - ok 11:36:05.0125 4812 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 11:36:05.0172 4812 nvraid - ok 11:36:05.0250 4812 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 11:36:05.0297 4812 nvstor - ok 11:36:05.0344 4812 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 11:36:05.0390 4812 nv_agp - ok 11:36:05.0406 4812 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 11:36:05.0453 4812 ohci1394 - ok 11:36:05.0749 4812 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:36:05.0796 4812 ose - ok 11:36:07.0340 4812 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 11:36:07.0746 4812 osppsvc - ok 11:36:07.0886 4812 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 11:36:07.0964 4812 p2pimsvc - ok 11:36:08.0136 4812 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 11:36:08.0198 4812 p2psvc - ok 11:36:08.0261 4812 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 11:36:08.0323 4812 Parport - ok 11:36:08.0370 4812 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 11:36:08.0401 4812 partmgr - ok 11:36:08.0479 4812 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 11:36:08.0588 4812 PcaSvc - ok 11:36:08.0666 4812 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 11:36:08.0713 4812 pci - ok 11:36:08.0729 4812 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 11:36:08.0776 4812 pciide - ok 11:36:08.0838 4812 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 11:36:08.0885 4812 pcmcia - ok 11:36:08.0916 4812 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 11:36:08.0947 4812 pcw - ok 11:36:08.0994 4812 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 11:36:09.0150 4812 PEAUTH - ok 11:36:10.0211 4812 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 11:36:10.0304 4812 PerfHost - ok 11:36:10.0523 4812 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 11:36:10.0741 4812 pla - ok 11:36:10.0850 4812 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 11:36:10.0944 4812 PlugPlay - ok 11:36:11.0006 4812 PnkBstrA - ok 11:36:11.0069 4812 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 11:36:11.0147 4812 PNRPAutoReg - ok 11:36:11.0225 4812 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 11:36:11.0287 4812 PNRPsvc - ok 11:36:11.0365 4812 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 11:36:11.0521 4812 PolicyAgent - ok 11:36:11.0584 4812 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 11:36:11.0755 4812 Power - ok 11:36:11.0833 4812 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 11:36:11.0974 4812 PptpMiniport - ok 11:36:12.0052 4812 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 11:36:12.0130 4812 Processor - ok 11:36:12.0239 4812 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 11:36:12.0332 4812 ProfSvc - ok 11:36:12.0364 4812 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 11:36:12.0410 4812 ProtectedStorage - ok 11:36:12.0473 4812 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 11:36:12.0613 4812 Psched - ok 11:36:12.0691 4812 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 11:36:12.0738 4812 PxHlpa64 - ok 11:36:12.0894 4812 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 11:36:13.0050 4812 ql2300 - ok 11:36:13.0066 4812 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 11:36:13.0097 4812 ql40xx - ok 11:36:13.0175 4812 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 11:36:13.0253 4812 QWAVE - ok 11:36:13.0268 4812 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 11:36:13.0362 4812 QWAVEdrv - ok 11:36:13.0409 4812 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 11:36:13.0565 4812 RasAcd - ok 11:36:13.0643 4812 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 11:36:13.0736 4812 RasAgileVpn - ok 11:36:13.0799 4812 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 11:36:13.0939 4812 RasAuto - ok 11:36:13.0970 4812 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 11:36:14.0111 4812 Rasl2tp - ok 11:36:14.0189 4812 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 11:36:14.0360 4812 RasMan - ok 11:36:14.0392 4812 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 11:36:14.0532 4812 RasPppoe - ok 11:36:14.0563 4812 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 11:36:14.0704 4812 RasSstp - ok 11:36:14.0875 4812 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 11:36:15.0031 4812 rdbss - ok 11:36:15.0125 4812 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 11:36:15.0234 4812 rdpbus - ok 11:36:15.0296 4812 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 11:36:15.0437 4812 RDPCDD - ok 11:36:15.0515 4812 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 11:36:15.0655 4812 RDPENCDD - ok 11:36:15.0733 4812 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 11:36:15.0827 4812 RDPREFMP - ok 11:36:15.0967 4812 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 11:36:16.0030 4812 RDPWD - ok 11:36:16.0061 4812 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 11:36:16.0108 4812 rdyboost - ok 11:36:16.0186 4812 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 11:36:16.0326 4812 RemoteAccess - ok 11:36:16.0388 4812 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:36:16.0513 4812 RemoteRegistry - ok 11:36:16.0607 4812 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 11:36:16.0638 4812 RimUsb - ok 11:36:16.0747 4812 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 11:36:16.0919 4812 RpcEptMapper - ok 11:36:17.0012 4812 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 11:36:17.0059 4812 RpcLocator - ok 11:36:17.0246 4812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 11:36:17.0371 4812 RpcSs - ok 11:36:17.0480 4812 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:36:17.0605 4812 rspndr - ok 11:36:17.0668 4812 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 11:36:17.0714 4812 SamSs - ok 11:36:17.0761 4812 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:36:17.0808 4812 sbp2port - ok 11:36:17.0886 4812 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:36:18.0011 4812 SCardSvr - ok 11:36:18.0042 4812 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 11:36:18.0214 4812 scfilter - ok 11:36:18.0463 4812 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 11:36:18.0650 4812 Schedule - ok 11:36:18.0728 4812 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 11:36:18.0822 4812 SCPolicySvc - ok 11:36:18.0916 4812 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 11:36:19.0009 4812 sdbus - ok 11:36:19.0040 4812 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 11:36:19.0134 4812 SDRSVC - ok 11:36:19.0196 4812 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:36:19.0337 4812 secdrv - ok 11:36:19.0384 4812 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 11:36:19.0493 4812 seclogon - ok 11:36:19.0540 4812 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 11:36:19.0680 4812 SENS - ok 11:36:19.0711 4812 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 11:36:19.0789 4812 SensrSvc - ok 11:36:19.0836 4812 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 11:36:19.0914 4812 Serenum - ok 11:36:19.0976 4812 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 11:36:20.0039 4812 Serial - ok 11:36:20.0086 4812 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 11:36:20.0164 4812 sermouse - ok 11:36:20.0210 4812 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 11:36:20.0366 4812 SessionEnv - ok 11:36:20.0398 4812 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 11:36:20.0444 4812 sffdisk - ok 11:36:20.0476 4812 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 11:36:20.0554 4812 sffp_mmc - ok 11:36:20.0600 4812 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 11:36:20.0694 4812 sffp_sd - ok 11:36:20.0756 4812 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 11:36:20.0788 4812 sfloppy - ok 11:36:20.0897 4812 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 11:36:20.0959 4812 Sftfs - ok 11:36:21.0193 4812 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 11:36:21.0224 4812 sftlist - ok 11:36:21.0302 4812 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 11:36:21.0334 4812 Sftplay - ok 11:36:21.0380 4812 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 11:36:21.0396 4812 Sftredir - ok 11:36:21.0443 4812 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 11:36:21.0474 4812 Sftvol - ok 11:36:21.0614 4812 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 11:36:21.0661 4812 sftvsa - ok 11:36:21.0770 4812 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 11:36:21.0926 4812 ShellHWDetection - ok 11:36:21.0989 4812 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 11:36:22.0036 4812 SiSRaid2 - ok 11:36:22.0051 4812 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 11:36:22.0098 4812 SiSRaid4 - ok 11:36:22.0753 4812 [ 0C1B2E3A897397738D9F81CD3D152AF0 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 11:36:22.0925 4812 Skype C2C Service - ok 11:36:23.0081 4812 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 11:36:23.0112 4812 SkypeUpdate - ok 11:36:23.0190 4812 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 11:36:23.0330 4812 Smb - ok 11:36:23.0393 4812 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 11:36:23.0502 4812 SNMPTRAP - ok 11:36:23.0533 4812 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 11:36:23.0580 4812 spldr - ok 11:36:23.0720 4812 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 11:36:23.0783 4812 Spooler - ok 11:36:24.0298 4812 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 11:36:24.0532 4812 sppsvc - ok 11:36:24.0578 4812 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 11:36:24.0688 4812 sppuinotify - ok 11:36:24.0844 4812 [ D6AB7C13FCDD2E4CAC35244D2C172D9A ] sptd C:\Windows\System32\Drivers\sptd.sys 11:36:24.0906 4812 sptd - ok 11:36:24.0953 4812 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 11:36:25.0062 4812 srv - ok 11:36:25.0156 4812 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:36:25.0249 4812 srv2 - ok 11:36:25.0343 4812 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:36:25.0390 4812 srvnet - ok 11:36:25.0468 4812 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:36:25.0608 4812 SSDPSRV - ok 11:36:25.0655 4812 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:36:25.0764 4812 SstpSvc - ok 11:36:25.0811 4812 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 11:36:25.0858 4812 stexstor - ok 11:36:25.0920 4812 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 11:36:25.0998 4812 stisvc - ok 11:36:26.0045 4812 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 11:36:26.0076 4812 swenum - ok 11:36:26.0279 4812 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 11:36:26.0435 4812 swprv - ok 11:36:26.0528 4812 [ 57B534A913E81E7CF91C3D5854D2F80E ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 11:36:26.0575 4812 SynTP - ok 11:36:26.0716 4812 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 11:36:26.0872 4812 SysMain - ok 11:36:26.0965 4812 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 11:36:27.0028 4812 TabletInputService - ok 11:36:27.0168 4812 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 11:36:27.0308 4812 TapiSrv - ok 11:36:27.0386 4812 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 11:36:27.0496 4812 TBS - ok 11:36:27.0636 4812 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:36:27.0839 4812 Tcpip - ok 11:36:27.0917 4812 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:36:28.0026 4812 TCPIP6 - ok 11:36:28.0104 4812 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 11:36:28.0135 4812 tcpipreg - ok 11:36:28.0229 4812 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 11:36:28.0322 4812 TDPIPE - ok 11:36:28.0400 4812 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 11:36:28.0510 4812 TDTCP - ok 11:36:28.0541 4812 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 11:36:28.0650 4812 tdx - ok 11:36:28.0697 4812 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 11:36:28.0744 4812 TermDD - ok 11:36:28.0837 4812 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 11:36:29.0024 4812 TermService - ok 11:36:29.0056 4812 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 11:36:29.0118 4812 Themes - ok 11:36:29.0212 4812 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 11:36:29.0321 4812 THREADORDER - ok 11:36:29.0399 4812 [ 36E1383019695CB722E685083C005FDD ] TotRec8 C:\Windows\system32\drivers\TotRec8.sys 11:36:29.0430 4812 TotRec8 - ok 11:36:29.0461 4812 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 11:36:29.0633 4812 TrkWks - ok 11:36:29.0820 4812 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 11:36:29.0992 4812 TrustedInstaller - ok 11:36:30.0085 4812 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 11:36:30.0226 4812 tssecsrv - ok 11:36:30.0304 4812 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 11:36:30.0350 4812 TsUsbFlt - ok 11:36:30.0382 4812 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 11:36:30.0460 4812 TsUsbGD - ok 11:36:30.0522 4812 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 11:36:30.0662 4812 tunnel - ok 11:36:30.0694 4812 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 11:36:30.0725 4812 uagp35 - ok 11:36:30.0818 4812 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 11:36:30.0850 4812 UBHelper - ok 11:36:30.0896 4812 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 11:36:31.0068 4812 udfs - ok 11:36:31.0115 4812 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 11:36:31.0193 4812 UI0Detect - ok 11:36:31.0271 4812 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 11:36:31.0302 4812 uliagpkx - ok 11:36:31.0364 4812 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 11:36:31.0442 4812 umbus - ok 11:36:31.0505 4812 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 11:36:31.0567 4812 UmPass - ok 11:36:32.0254 4812 [ E91F8AFBD7FB96C94B266579D6BFA77A ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 11:36:32.0394 4812 UNS - ok 11:36:32.0581 4812 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 11:36:32.0737 4812 upnphost - ok 11:36:32.0800 4812 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 11:36:32.0846 4812 usbccgp - ok 11:36:32.0893 4812 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 11:36:32.0940 4812 usbcir - ok 11:36:32.0971 4812 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 11:36:33.0049 4812 usbehci - ok 11:36:33.0112 4812 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 11:36:33.0190 4812 usbhub - ok 11:36:33.0236 4812 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 11:36:33.0299 4812 usbohci - ok 11:36:33.0346 4812 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 11:36:33.0424 4812 usbprint - ok 11:36:33.0470 4812 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:36:33.0548 4812 USBSTOR - ok 11:36:33.0595 4812 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 11:36:33.0658 4812 usbuhci - ok 11:36:33.0704 4812 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 11:36:33.0782 4812 usbvideo - ok 11:36:33.0845 4812 [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys 11:36:33.0892 4812 usb_rndisx - ok 11:36:33.0938 4812 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 11:36:34.0079 4812 UxSms - ok 11:36:34.0126 4812 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 11:36:34.0172 4812 VaultSvc - ok 11:36:34.0235 4812 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 11:36:34.0282 4812 vdrvroot - ok 11:36:34.0328 4812 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 11:36:34.0531 4812 vds - ok 11:36:34.0562 4812 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 11:36:34.0609 4812 vga - ok 11:36:34.0656 4812 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 11:36:34.0781 4812 VgaSave - ok 11:36:34.0859 4812 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 11:36:34.0906 4812 vhdmp - ok 11:36:34.0921 4812 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 11:36:34.0968 4812 viaide - ok 11:36:34.0999 4812 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 11:36:35.0046 4812 volmgr - ok 11:36:35.0093 4812 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 11:36:35.0140 4812 volmgrx - ok 11:36:35.0186 4812 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 11:36:35.0233 4812 volsnap - ok 11:36:35.0280 4812 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 11:36:35.0327 4812 vsmraid - ok 11:36:35.0639 4812 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 11:36:35.0826 4812 VSS - ok 11:36:35.0857 4812 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 11:36:35.0935 4812 vwifibus - ok 11:36:36.0013 4812 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 11:36:36.0122 4812 vwififlt - ok 11:36:36.0169 4812 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 11:36:36.0294 4812 W32Time - ok 11:36:36.0403 4812 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 11:36:36.0466 4812 WacomPen - ok 11:36:36.0528 4812 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 11:36:36.0668 4812 WANARP - ok 11:36:36.0700 4812 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 11:36:36.0809 4812 Wanarpv6 - ok 11:36:36.0902 4812 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 11:36:37.0012 4812 WatAdminSvc - ok 11:36:37.0370 4812 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 11:36:37.0511 4812 wbengine - ok 11:36:37.0589 4812 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 11:36:37.0667 4812 WbioSrvc - ok 11:36:37.0714 4812 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 11:36:37.0823 4812 wcncsvc - ok 11:36:37.0870 4812 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 11:36:37.0916 4812 WcsPlugInService - ok 11:36:37.0979 4812 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 11:36:38.0010 4812 Wd - ok 11:36:38.0275 4812 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 11:36:38.0338 4812 Wdf01000 - ok 11:36:38.0431 4812 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 11:36:38.0525 4812 WdiServiceHost - ok 11:36:38.0540 4812 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 11:36:38.0603 4812 WdiSystemHost - ok 11:36:38.0665 4812 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 11:36:38.0774 4812 WebClient - ok 11:36:38.0868 4812 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 11:36:38.0993 4812 Wecsvc - ok 11:36:39.0024 4812 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 11:36:39.0118 4812 wercplsupport - ok 11:36:39.0180 4812 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 11:36:39.0274 4812 WerSvc - ok 11:36:39.0320 4812 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 11:36:39.0398 4812 WfpLwf - ok 11:36:39.0430 4812 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 11:36:39.0461 4812 WIMMount - ok 11:36:39.0476 4812 WinHttpAutoProxySvc - ok 11:36:39.0648 4812 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 11:36:39.0726 4812 Winmgmt - ok 11:36:40.0038 4812 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 11:36:40.0163 4812 WinRM - ok 11:36:40.0256 4812 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 11:36:40.0288 4812 WinUsb - ok 11:36:40.0334 4812 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 11:36:40.0428 4812 Wlansvc - ok 11:36:40.0522 4812 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 11:36:40.0553 4812 wlcrasvc - ok 11:36:40.0880 4812 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 11:36:40.0974 4812 wlidsvc - ok 11:36:41.0005 4812 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 11:36:41.0068 4812 WmiAcpi - ok 11:36:41.0130 4812 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 11:36:41.0192 4812 wmiApSrv - ok 11:36:41.0255 4812 WMPNetworkSvc - ok 11:36:41.0286 4812 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 11:36:41.0317 4812 WPCSvc - ok 11:36:41.0333 4812 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 11:36:41.0380 4812 WPDBusEnum - ok 11:36:41.0426 4812 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 11:36:41.0551 4812 ws2ifsl - ok 11:36:41.0567 4812 WSearch - ok 11:36:41.0614 4812 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 11:36:41.0723 4812 WudfPf - ok 11:36:41.0770 4812 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 11:36:41.0816 4812 wudfsvc - ok 11:36:41.0848 4812 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 11:36:41.0926 4812 WwanSvc - ok
  10. Tried to post the text but it is too long, so I will post each separated
  11. Oh, wow meant step 4. But here's the Report RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Heavy Metal Miku [Admin rights] Mode : Scan -- Date : 05/06/2013 11:22:11 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 11 ¤¤¤ [services][ROGUE ST] HKLM\[...]\ControlSet001\Services\93093138 (C:\Windows\system32\DRIVERS\93093138.sys) -> FOUND [services][ROGUE ST] HKLM\[...]\ControlSet002\Services\93093138 (C:\Windows\system32\DRIVERS\93093138.sys) -> FOUND [HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-479844974-4173024955-3454779408-1001\$b4c2ce1b1ce475eb38a4e4641f633395\n.) [x] -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-18\$b4c2ce1b1ce475eb38a4e4641f633395\@ [-] --> FOUND [ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-18\$b4c2ce1b1ce475eb38a4e4641f633395\U --> FOUND [ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-18\$b4c2ce1b1ce475eb38a4e4641f633395\L --> FOUND [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini [-] --> FOUND [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini [-] --> FOUND ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD5000BPVT-22HXZT3 +++++ --- User --- [MBR] ab5b2a2178d934e46a097392fc74a492 [bSP] d91e5613f8f4ccd2c154d597635b8a24 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16500 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33794048 | Size: 100 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33998848 | Size: 460338 Mo User != LL1 ... KO! --- LL1 --- [MBR] 0a91a12480876a3bc554aa6f828d13ad [bSP] d91e5613f8f4ccd2c154d597635b8a24 : Windows 7/8 MBR Code Partition table: 1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16500 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33794048 | Size: 100 Mo 3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33998848 | Size: 460338 Mo User != LL2 ... KO! --- LL2 --- [MBR] 0a91a12480876a3bc554aa6f828d13ad [bSP] d91e5613f8f4ccd2c154d597635b8a24 : Windows 7/8 MBR Code Partition table: 1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16500 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33794048 | Size: 100 Mo 3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33998848 | Size: 460338 Mo Finished : << RKreport[1]_S_05062013_02d1122.txt >> RKreport[1]_S_05062013_02d1122.txt
  12. I hope this will succeed.. But I'll take my chances, but I'm still going to change my passwords on my other computer.. Alright, I'll be taking step 5..
  13. Wow, that isn't good do I still follow the steps?? Here's step 3 if you want it, I will go to other my computer and start changing all passwords.. Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.05.06.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Heavy Metal Miku :: 誓いのメタル・ [administrator] Protection: Enabled 5/6/2013 10:41:22 AM mbam-log-2013-05-06 (10-41-22).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 298617 Time elapsed: 13 minute(s), 23 second(s) Memory Processes Detected: 1 C:\Windows\svchost.exe (Trojan.Agent) -> 2452 -> Delete on reboot. Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 3 C:\Users\Heavy Metal Miku\AppData\Local\Temp\HyKM4Qkb.zip.part (Trojan.Zbot.ED) -> Quarantined and deleted successfully. C:\Users\Heavy Metal Miku\AppData\Local\Temp\pCHVuKIN.zip.part (Trojan.Zbot.ED) -> Quarantined and deleted successfully. C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot. (end)
  14. Here is the JRT text! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.3 (04.29.2013:2) OS: Windows 7 Home Premium x64 Ran by Heavy Metal Miku on 05/06/2013 Mon at 10:19:37.92 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-479844974-4173024955-3454779408-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escort.dll Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2801948 Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} ~~~ Files Successfully deleted: [File] C:\Windows\syswow64\sho1ED4.tmp Successfully deleted: [File] C:\Windows\syswow64\sho3C80.tmp Successfully deleted: [File] C:\Windows\syswow64\sho4329.tmp Successfully deleted: [File] C:\Windows\syswow64\sho7A78.tmp Failed to delete [File] C:\Windows\svchost.exe [Check for TDL4 Rootkit!] ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\babylon" Successfully deleted: [Folder] "C:\ProgramData\wecarereminder" Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\AppData\Roaming\babylon" Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\AppData\Roaming\baidu" Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\AppData\Roaming\opencandy" Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\AppData\Roaming\strongvault" Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\appdata\local\babylon" Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\appdata\local\conduit" Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\appdata\local\wondershare" Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\appdata\locallow\conduit" Successfully deleted: [Folder] "C:\Program Files (x86)\conduit" Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\Wondershare" Successfully deleted: [Folder] "C:\ai_recyclebin" Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{0800F0A8-08B6-4304-8EE6-0840E779318F} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{11D0B9CD-7BD6-4DFD-8BD7-1EB13ED1DC6D} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{26560385-02D2-47AF-97DF-4D309624C21B} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{387F7F51-BC03-4070-815F-4422A720C5BA} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{516B79A3-6293-4289-86C2-B8234E583CA8} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{835EE899-F484-4D65-A0FD-E733FA0CF628} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{8C4115E3-9998-4508-ABA0-EF009F2C05D0} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{9E55457D-5A43-41BD-ADD1-30E6C561BA4C} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{A04673CF-EFDA-4A9F-A563-34BC962BD041} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{A32AB2C5-429B-4F6F-B854-D0145B2E2FD6} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{CB7014D9-CF8D-4D96-9B1B-4FD179ECCAA2} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{E35DD305-54C1-4059-81E6-CC285C9AD82E} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{E69A2327-65EB-4989-84CD-04E2F30C87B2} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{E8779472-A470-430D-8A00-CEE2AAFA337B} Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{EE53C263-CB5D-4643-AE96-7BCA0016C577} ~~~ FireFox Successfully deleted: [File] C:\user.js Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" Successfully deleted: [File] C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\user.js Successfully deleted: [File] C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\extensions\mvmfepyiej@mvmfepyiej.org.xpi [Tracur] Successfully deleted: [File] "C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi" Successfully deleted: [Folder] C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\jetpack Successfully deleted: [Folder] C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack Successfully deleted the following from C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\prefs.js user_pref("CT2801948.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fjapanese.about.com%2Flibrary%2Fweekly%2Faa021101a.htm\",\"EB_MAIN_FRAME_TITLE\":\"I%20love% user_pref("CT2801948_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1355940855747,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0} user_pref("Smartbar.ConduitHomepagesList", ""); user_pref("Smartbar.ConduitSearchEngineList", "NCH EN Customized Web Search"); user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOLD1SB&ctid=CT2801948&SearchSource=2&q="); user_pref("Smartbar.keywordURLSelectedCTID", "CT2801948"); user_pref("browser.search.selectedEngine", "NCH EN Customized Web Search"); user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935&tt=050412_30b"); user_pref("extensions.BabylonToolbar_i.hardId", "c04b0e1e000000000000226a8a6a60b1"); user_pref("extensions.BabylonToolbar_i.id", "c04b0e1e000000000000226a8a6a60b1"); user_pref("extensions.BabylonToolbar_i.instlDay", "15437"); user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.175:06:43"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOLD1SB&ctid=CT2801948&SearchSource=2&q="); Emptied folder: C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\minidumps [127 files] ~~~ Chrome Dumping contents of C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\aadbdigcgfgbdjdcgfggdgdddedjdedd C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\Extensions C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\Preferences C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\Web Data C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\aadbdigcgfgbdjdcgfggdgdddedjdedd\background.html C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\aadbdigcgfgbdjdcgfggdgdddedjdedd\ContentScript.js C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\aadbdigcgfgbdjdcgfggdgdddedjdedd\manifest.json C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn Successfully deleted: [Folder] C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 05/06/2013 Mon at 10:34:00.72 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  15. Oh, sorry when my laptop came on, and the Avast did it automatic I didnt want to mess with it but I'll skip it and proceed to the next steps
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.