| |
| |||||||
Log-Analyse und Auswertung: C:\Windows\SysWOW64\cleanmgr.exe wurde blockiertWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
01.01.2015, 21:46
| #1 |
 |  C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Frohes neues Jahr! Guten Tag, mein Name ist Mathias. Ich bin neu hier und freue mich, wenn mir jemand helfen kann. Jede Minute gibt mir avast die Meldung: Prozess: C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Url: hxxp://westringweb.com/guestbook.php?rnou=561ad52b Infektion: URL:MAL Angefangen hat alles mit der Öffnung einer Pdf, welche sich in einer Fakemail als Anhang befunden hat. Diverse Scans ergaben sehr viele Treffer. Allerdings keine Lösung. Hier erst einmal die verschiedenen Logs: (Frstlog ist zu groß) Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2015
Ran by ***** at 2015-01-01 16:53:48
Running from C:\Users\*****\Computer\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.0.8012 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.0.8012 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.6625 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.5 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0222.2010 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.05001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.05001 - Alcor Micro Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C1500}) (Version: 12.21.0.3946 - APN, LLC)
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Free YouTube to MP3 Converter version 3.11.35.1031 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaShow Espresso (x32 Version: 5.5.1403_23691 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.630 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.630 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6636 - NewTech Infosystems) Hidden
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3007 - Acer Incorporated)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - ***** Heindörfer, Philip Chinery)
pdfforge Toolbar v4.6 (HKLM-x32\...\{E6098043-1183-4580-89EF-423CBF807188}) (Version: 4.6 - Spigot, Inc.) <==== ATTENTION
PDF-to-Word 3.1 Demo (HKLM-x32\...\PDF-to-Word 3.1 Demo) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6156 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.0 - Synaptics Incorporated)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vodafone Mobile Connect Lite (HKLM-x32\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.17550 - Vodafone)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6000 - Broadcom Corporation)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
19-12-2014 07:25:41 Windows Update
20-12-2014 05:41:09 Windows Update
21-12-2014 21:59:31 Windows-Sicherung
23-12-2014 11:49:08 Windows Update
27-12-2014 00:59:56 Windows Update
29-12-2014 06:26:11 Windows-Sicherung
30-12-2014 07:05:34 Windows Update
30-12-2014 18:17:21 avast! antivirus system restore point
30-12-2014 18:28:05 avast! antivirus system restore point
31-12-2014 09:02:40 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0EEE1967-449F-4EB0-8A9A-628EED4793EE} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {139077A8-42DD-4D77-8676-5B3E5A9D884A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {24E12C5B-1A05-40B7-A4A8-6631887538D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)
Task: {2D997341-9439-4CAE-B6A3-A51C2368A55F} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {354B9528-69A3-4DC5-AB0D-001A07F58B9D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {41A87547-DE3D-421E-A00A-FA79EA683FAA} - System32\Tasks\{BEB66998-81F3-4E8E-A85C-96B60D99FD0A} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.367&LastError=12007
Task: {68D4A5E8-0715-4710-A50E-3739459CD8EE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {AE4C0233-EE83-4B04-9922-C78EF31F6EA1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {AF53DB89-96CC-41EF-8DCF-43A146E7D323} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {B42E2709-57D9-4249-B3E8-38C7252ED1AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-31] (AVAST Software)
Task: {CD1AA393-71F3-4AE1-8777-C3E2BC753FB9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
==================== Loaded Modules (whitelisted) =============
2011-07-11 10:16 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-06-25 09:08 - 2010-06-25 09:08 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-11-25 20:46 - 2010-02-03 09:37 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2013-08-28 21:52 - 2013-08-28 21:52 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2014-12-31 09:05 - 2014-12-31 09:05 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-31 09:05 - 2014-12-31 09:05 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-01-01 13:02 - 2015-01-01 13:02 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\15010100\algo.dll
2014-12-31 09:05 - 2014-12-31 09:05 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2010-06-28 23:20 - 2010-06-28 23:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-09-08 03:37 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-12-31 09:05 - 2014-12-31 09:05 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-06-28 23:12 - 2010-06-28 23:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-12-31 16:11 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-12-31 16:11 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-12-31 16:11 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-12-31 16:11 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-12-31 16:11 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-12-09 11:51 - 2014-12-09 11:51 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-12-18 07:39 - 2014-12-18 07:39 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2010-09-08 02:52 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1902139459-1109185879-2378804310-500 - Administrator - Disabled)
Gast (S-1-5-21-1902139459-1109185879-2378804310-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1902139459-1109185879-2378804310-1002 - Limited - Enabled)
***** (S-1-5-21-1902139459-1109185879-2378804310-1000 - Administrator - Enabled) => C:\Users\*****
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/01/2015 04:41:39 PM) (Source: MsiInstaller) (EventID: 10005) (User: *****-PC)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.
Error: (01/01/2015 04:40:16 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (01/01/2015 01:55:39 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (01/01/2015 11:16:21 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: NT-AUTORITÄT)
Description: Die Anwendung oder der Dienst "Spybot-S&D 2 Scanner Service" konnte nicht heruntergefahren werden.
Error: (01/01/2015 08:57:51 AM) (Source: MsiInstaller) (EventID: 10005) (User: *****-PC)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.
Error: (01/01/2015 08:55:53 AM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (12/31/2014 04:10:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/31/2014 04:10:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/31/2014 03:02:46 PM) (Source: MsiInstaller) (EventID: 10005) (User: *****-PC)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.
Error: (12/31/2014 03:01:50 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
System errors:
=============
Error: (01/01/2015 04:38:59 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.
Error: (01/01/2015 01:57:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%-2147024882
Error: (01/01/2015 01:55:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/01/2015 01:55:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (01/01/2015 01:54:22 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.
Error: (01/01/2015 11:14:28 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (01/01/2015 11:13:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst NlaSvc erreicht.
Error: (01/01/2015 08:55:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/01/2015 08:55:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (01/01/2015 08:54:55 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.
Microsoft Office Sessions:
=========================
Error: (01/01/2015 04:41:39 PM) (Source: MsiInstaller) (EventID: 10005) (User: *****-PC)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (01/01/2015 04:40:16 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (01/01/2015 01:55:39 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (01/01/2015 11:16:21 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: NT-AUTORITÄT)
Description: 0C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exeSpybot-S&D 2 Scanner Service0302621614048143003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0053007000790062006F00740020002D002000530065006100720063006800200026002000440065007300740072006F007900200032005C00610076005C006200640063006F00720065002E0064006C006C000000
Error: (01/01/2015 08:57:51 AM) (Source: MsiInstaller) (EventID: 10005) (User: *****-PC)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (01/01/2015 08:55:53 AM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (12/31/2014 04:10:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\*****\Computer\Downloads\esetsmartinstaller_deu.exe
Error: (12/31/2014 04:10:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\*****\Computer\Downloads\esetsmartinstaller_deu.exe
Error: (12/31/2014 03:02:46 PM) (Source: MsiInstaller) (EventID: 10005) (User: *****-PC)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/31/2014 03:01:50 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 55%
Total physical RAM: 3766.76 MB
Available physical RAM: 1691.37 MB
Total Pagefile: 7531.7 MB
Available Pagefile: 5145.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:283.99 GB) (Free:134.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1012CD43)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Viele liebe Grüße, danke im Voraus Mathias Gmer.txt Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-01-01 17:08:52 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.01.0 298,09GB Running: Gmer-19357.exe; Driver: C:\Users\*****\AppData\Local\Temp\kgdiafoc.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002fba000 45 bytes [00, 00, 10, 02, 4E, 74, 66, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80002fba02f 29 bytes [00, 01, 00, 06, 00, 00, 00, ...] ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[2844] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[2844] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 .text C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe[2988] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe[2988] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 .text C:\Windows\SysWOW64\RunDll32.exe[2296] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Windows\SysWOW64\RunDll32.exe[2296] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 .text C:\Program Files (x86)\Launch Manager\LManager.exe[2920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Program Files (x86)\Launch Manager\LManager.exe[2920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3328] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3328] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 .text C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe[3460] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe[3460] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 .text C:\Program Files\AVAST Software\Avast\AvastUI.exe[3508] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000076d78791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...] .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3764] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3764] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[3776] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[3776] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3968] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000077801465 2 bytes [80, 77] .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3968] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000778014bb 2 bytes [80, 77] .text ... * 2 ---- Threads - GMER 2.1 ---- Thread C:\Windows\SysWOW64\dllhost.exe [2808:1300] 000000007ef90000 Thread C:\Windows\SysWOW64\dllhost.exe [2808:1512] 000000007ef919ee Thread C:\Windows\SysWOW64\dllhost.exe [2808:2172] 000000007ef967f4 Thread C:\Windows\SysWOW64\dllhost.exe [2808:2552] 000000007ef95779 Thread C:\Windows\SysWOW64\cleanmgr.exe [1108:484] 000000007ef97c32 Thread C:\Windows\SysWOW64\cleanmgr.exe [1108:800] 000000007ef97be4 Thread C:\Windows\SysWOW64\cleanmgr.exe [1108:116] 000000007ef991d3 Thread C:\Windows\SysWOW64\cleanmgr.exe [1108:2876] 000000007ef9dc0c ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\18f46ae01c3b Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\18f46ae01c3b (not active ControlSet) ---- EOF - GMER 2.1 ---- Code:
ATTFilter Search results from Spybot - Search & Destroy
01.01.2015 12:52:15
Scan took 01:34:31.
369 items found.
Delta.Toolbar: [SBI $44F06F05] User settings (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Internet Explorer\Protect Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975}
Delta.Toolbar: [SBI $04AEAE14] User settings (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow
Delta.Toolbar: [SBI $0760E887] User settings (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome
Widgi.Toolbar: [SBI $DABAA047] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\Installer\UpgradeCodes\504D229B31D6B2A4EA98800A03AD4420
Widgi.Toolbar: [SBI $DABAA047] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\Installer\UpgradeCodes\504D229B31D6B2A4EA98800A03AD4420
Widgi.Toolbar: [SBI $EECF060A] Settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\504D229B31D6B2A4EA98800A03AD4420
Widgi.Toolbar: [SBI $16C3A07B] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\Common Files\Spigot\
Widgi.Toolbar: [SBI $000389AB] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\Common Files\Spigot\Search Settings\
Widgi.Toolbar: [SBI $1E14509F] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\Common Files\Spigot\Search Settings\Res\
Widgi.Toolbar: [SBI $E1F050EF] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\pdfforge Toolbar\
Widgi.Toolbar: [SBI $03E18DB3] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\pdfforge Toolbar\IE\
Widgi.Toolbar: [SBI $60A6F1DA] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\pdfforge Toolbar\Res\
Widgi.Toolbar: [SBI $E4808FA3] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\Application Updater\
Tuguu.VAFPlayer: [SBI $76F6A96F] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VafPlayer
Tuguu.VAFPlayer: [SBI $76F6A96F] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VafPlayer
Tuguu.VAFPlayer: [SBI $96752782] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\Tuguu SL\
Tuguu.VAFPlayer: [SBI $ABF0D615] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\Tuguu SL\VAFPlayer\
Tuguu.VAFPlayer: [SBI $C4882D2E] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\
Tuguu.VAFPlayer: [SBI $AD693880] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.3g2\VafPlayer
Tuguu.VAFPlayer: [SBI $AD693880] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.3g2\VafPlayer
Tuguu.VAFPlayer: [SBI $07007C2B] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.3gp2\VafPlayer
Tuguu.VAFPlayer: [SBI $07007C2B] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.3gp2\VafPlayer
Tuguu.VAFPlayer: [SBI $657DB6C7] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.3gpp\VafPlayer
Tuguu.VAFPlayer: [SBI $657DB6C7] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.3gpp\VafPlayer
Tuguu.VAFPlayer: [SBI $CF14F26C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.3gp\VafPlayer
Tuguu.VAFPlayer: [SBI $CF14F26C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.3gp\VafPlayer
Tuguu.VAFPlayer: [SBI $57B102F0] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.aac\VafPlayer
Tuguu.VAFPlayer: [SBI $57B102F0] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.aac\VafPlayer
Tuguu.VAFPlayer: [SBI $5E88C3A1] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ac3\VafPlayer
Tuguu.VAFPlayer: [SBI $5E88C3A1] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ac3\VafPlayer
Tuguu.VAFPlayer: [SBI $5C5DBF1F] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.alac\VafPlayer
Tuguu.VAFPlayer: [SBI $5C5DBF1F] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.alac\VafPlayer
Tuguu.VAFPlayer: [SBI $0D0A959F] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.amr\VafPlayer
Tuguu.VAFPlayer: [SBI $0D0A959F] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.amr\VafPlayer
Tuguu.VAFPlayer: [SBI $8776F0FC] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.amv\VafPlayer
Tuguu.VAFPlayer: [SBI $8776F0FC] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.amv\VafPlayer
Tuguu.VAFPlayer: [SBI $3D04790D] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ape\VafPlayer
Tuguu.VAFPlayer: [SBI $3D04790D] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ape\VafPlayer
Tuguu.VAFPlayer: [SBI $4B766E62] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.apl\VafPlayer
Tuguu.VAFPlayer: [SBI $4B766E62] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.apl\VafPlayer
Tuguu.VAFPlayer: [SBI $2B60B90D] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.avi\VafPlayer
Tuguu.VAFPlayer: [SBI $2B60B90D] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.avi\VafPlayer
Tuguu.VAFPlayer: [SBI $CD41CD2E] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.divx\VafPlayer
Tuguu.VAFPlayer: [SBI $CD41CD2E] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.divx\VafPlayer
Tuguu.VAFPlayer: [SBI $7B0392BB] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.dts\VafPlayer
Tuguu.VAFPlayer: [SBI $7B0392BB] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.dts\VafPlayer
Tuguu.VAFPlayer: [SBI $7A924A30] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.evo\VafPlayer
Tuguu.VAFPlayer: [SBI $7A924A30] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.evo\VafPlayer
Tuguu.VAFPlayer: [SBI $BD73B57B] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.flac\VafPlayer
Tuguu.VAFPlayer: [SBI $BD73B57B] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.flac\VafPlayer
Tuguu.VAFPlayer: [SBI $098C1D26] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.flv\VafPlayer
Tuguu.VAFPlayer: [SBI $098C1D26] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.flv\VafPlayer
Tuguu.VAFPlayer: [SBI $753083B6] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.hdmov\VafPlayer
Tuguu.VAFPlayer: [SBI $753083B6] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.hdmov\VafPlayer
Tuguu.VAFPlayer: [SBI $C5E9817C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.it\VafPlayer
Tuguu.VAFPlayer: [SBI $C5E9817C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.it\VafPlayer
Tuguu.VAFPlayer: [SBI $7D158301] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m1v\VafPlayer
Tuguu.VAFPlayer: [SBI $7D158301] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m1v\VafPlayer
Tuguu.VAFPlayer: [SBI $7627E301] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m2p\VafPlayer
Tuguu.VAFPlayer: [SBI $7627E301] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m2p\VafPlayer
Tuguu.VAFPlayer: [SBI $938BBECD] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m2ts\VafPlayer
Tuguu.VAFPlayer: [SBI $938BBECD] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m2ts\VafPlayer
Tuguu.VAFPlayer: [SBI $FC5B8662] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m2t\VafPlayer
Tuguu.VAFPlayer: [SBI $FC5B8662] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m2t\VafPlayer
Tuguu.VAFPlayer: [SBI $54DD37F3] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m2v\VafPlayer
Tuguu.VAFPlayer: [SBI $54DD37F3] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m2v\VafPlayer
Tuguu.VAFPlayer: [SBI $D82FCE42] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m4a\VafPlayer
Tuguu.VAFPlayer: [SBI $D82FCE42] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m4a\VafPlayer
Tuguu.VAFPlayer: [SBI $074C5E17] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m4v\VafPlayer
Tuguu.VAFPlayer: [SBI $074C5E17] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.m4v\VafPlayer
Tuguu.VAFPlayer: [SBI $9E9C611C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mka\VafPlayer
Tuguu.VAFPlayer: [SBI $9E9C611C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mka\VafPlayer
Tuguu.VAFPlayer: [SBI $41FFF149] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mkv\VafPlayer
Tuguu.VAFPlayer: [SBI $41FFF149] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mkv\VafPlayer
Tuguu.VAFPlayer: [SBI $6CB27838] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mo3\VafPlayer
Tuguu.VAFPlayer: [SBI $6CB27838] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mo3\VafPlayer
Tuguu.VAFPlayer: [SBI $792A9310] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mod\VafPlayer
Tuguu.VAFPlayer: [SBI $792A9310] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mod\VafPlayer
Tuguu.VAFPlayer: [SBI $95CEBDCE] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mov\VafPlayer
Tuguu.VAFPlayer: [SBI $95CEBDCE] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mov\VafPlayer
Tuguu.VAFPlayer: [SBI $54996A6B] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mp2v\VafPlayer
Tuguu.VAFPlayer: [SBI $54996A6B] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mp2v\VafPlayer
Tuguu.VAFPlayer: [SBI $047F219C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mp3\VafPlayer
Tuguu.VAFPlayer: [SBI $047F219C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mp3\VafPlayer
Tuguu.VAFPlayer: [SBI $0708038F] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mp4v\VafPlayer
Tuguu.VAFPlayer: [SBI $0708038F] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mp4v\VafPlayer
Tuguu.VAFPlayer: [SBI $9F7E2E86] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mp4\VafPlayer
Tuguu.VAFPlayer: [SBI $9F7E2E86] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mp4\VafPlayer
Tuguu.VAFPlayer: [SBI $8AE6C5AE] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpc\VafPlayer
Tuguu.VAFPlayer: [SBI $8AE6C5AE] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpc\VafPlayer
Tuguu.VAFPlayer: [SBI $9CA01EDD] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpeg\VafPlayer
Tuguu.VAFPlayer: [SBI $9CA01EDD] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpeg\VafPlayer
Tuguu.VAFPlayer: [SBI $A81C115C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpe\VafPlayer
Tuguu.VAFPlayer: [SBI $A81C115C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpe\VafPlayer
Tuguu.VAFPlayer: [SBI $009AA0CD] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpg\VafPlayer
Tuguu.VAFPlayer: [SBI $009AA0CD] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpg\VafPlayer
Tuguu.VAFPlayer: [SBI $EE51CE08] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpv2\VafPlayer
Tuguu.VAFPlayer: [SBI $EE51CE08] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpv2\VafPlayer
Tuguu.VAFPlayer: [SBI $CCAB1AFA] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpv4\VafPlayer
Tuguu.VAFPlayer: [SBI $CCAB1AFA] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mpv4\VafPlayer
Tuguu.VAFPlayer: [SBI $B3A4915C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mtm\VafPlayer
Tuguu.VAFPlayer: [SBI $B3A4915C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mtm\VafPlayer
Tuguu.VAFPlayer: [SBI $1AB51666] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mts\VafPlayer
Tuguu.VAFPlayer: [SBI $1AB51666] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.mts\VafPlayer
Tuguu.VAFPlayer: [SBI $16F546B4] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ofr\VafPlayer
Tuguu.VAFPlayer: [SBI $16F546B4] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ofr\VafPlayer
Tuguu.VAFPlayer: [SBI $AF0E9D5C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ofs\VafPlayer
Tuguu.VAFPlayer: [SBI $AF0E9D5C] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ofs\VafPlayer
Tuguu.VAFPlayer: [SBI $ED822213] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.oga\VafPlayer
Tuguu.VAFPlayer: [SBI $ED822213] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.oga\VafPlayer
Tuguu.VAFPlayer: [SBI $CF78F6E1] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ogg\VafPlayer
Tuguu.VAFPlayer: [SBI $CF78F6E1] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ogg\VafPlayer
Tuguu.VAFPlayer: [SBI $A8778BF7] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ogm\VafPlayer
Tuguu.VAFPlayer: [SBI $A8778BF7] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ogm\VafPlayer
Tuguu.VAFPlayer: [SBI $32E1B246] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ogv\VafPlayer
Tuguu.VAFPlayer: [SBI $32E1B246] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ogv\VafPlayer
Tuguu.VAFPlayer: [SBI $741E27B4] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.pva\VafPlayer
Tuguu.VAFPlayer: [SBI $741E27B4] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.pva\VafPlayer
Tuguu.VAFPlayer: [SBI $0EF0B59B] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ra\VafPlayer
Tuguu.VAFPlayer: [SBI $0EF0B59B] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ra\VafPlayer
Tuguu.VAFPlayer: [SBI $BDFBE825] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.rmvb\VafPlayer
Tuguu.VAFPlayer: [SBI $BDFBE825] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.rmvb\VafPlayer
Tuguu.VAFPlayer: [SBI $4B051C7F] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.rm\VafPlayer
Tuguu.VAFPlayer: [SBI $4B051C7F] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.rm\VafPlayer
Tuguu.VAFPlayer: [SBI $3656FE38] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.s3m\VafPlayer
Tuguu.VAFPlayer: [SBI $3656FE38] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.s3m\VafPlayer
Tuguu.VAFPlayer: [SBI $01989CA9] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.tpr\VafPlayer
Tuguu.VAFPlayer: [SBI $01989CA9] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.tpr\VafPlayer
Tuguu.VAFPlayer: [SBI $A0F898D8] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.tp\VafPlayer
Tuguu.VAFPlayer: [SBI $A0F898D8] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.tp\VafPlayer
Tuguu.VAFPlayer: [SBI $B185F2A1] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ts\VafPlayer
Tuguu.VAFPlayer: [SBI $B185F2A1] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.ts\VafPlayer
Tuguu.VAFPlayer: [SBI $0E5C563B] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.umx\VafPlayer
Tuguu.VAFPlayer: [SBI $0E5C563B] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.umx\VafPlayer
Tuguu.VAFPlayer: [SBI $F90BCA85] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.vob\VafPlayer
Tuguu.VAFPlayer: [SBI $F90BCA85] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.vob\VafPlayer
Tuguu.VAFPlayer: [SBI $D98F77D8] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.webm\VafPlayer
Tuguu.VAFPlayer: [SBI $D98F77D8] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.webm\VafPlayer
Tuguu.VAFPlayer: [SBI $3713DE89] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.wmv\VafPlayer
Tuguu.VAFPlayer: [SBI $3713DE89] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.wmv\VafPlayer
Tuguu.VAFPlayer: [SBI $ABCAF8D8] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.wv\VafPlayer
Tuguu.VAFPlayer: [SBI $ABCAF8D8] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.wv\VafPlayer
Tuguu.VAFPlayer: [SBI $BFB6A653] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.xm\VafPlayer
Tuguu.VAFPlayer: [SBI $BFB6A653] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\.xm\VafPlayer
Tuguu.VAFPlayer: [SBI $427B4781] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.3g2\
Tuguu.VAFPlayer: [SBI $427B4781] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.3g2\
Tuguu.VAFPlayer: [SBI $78B4DE33] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.3gp2\
Tuguu.VAFPlayer: [SBI $78B4DE33] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.3gp2\
Tuguu.VAFPlayer: [SBI $C7EDC5D0] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.3gpp\
Tuguu.VAFPlayer: [SBI $C7EDC5D0] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.3gpp\
Tuguu.VAFPlayer: [SBI $FD225C62] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.3gp\
Tuguu.VAFPlayer: [SBI $FD225C62] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.3gp\
Tuguu.VAFPlayer: [SBI $BB2BABB4] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.aac\
Tuguu.VAFPlayer: [SBI $BB2BABB4] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.aac\
Tuguu.VAFPlayer: [SBI $5BB1813D] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ac3\
Tuguu.VAFPlayer: [SBI $5BB1813D] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ac3\
Tuguu.VAFPlayer: [SBI $AEDB3AE0] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.alac\
Tuguu.VAFPlayer: [SBI $AEDB3AE0] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.alac\
Tuguu.VAFPlayer: [SBI $9A13512A] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.amr\
Tuguu.VAFPlayer: [SBI $9A13512A] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.amr\
Tuguu.VAFPlayer: [SBI $91BB862C] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.amv\
Tuguu.VAFPlayer: [SBI $91BB862C] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.amv\
Tuguu.VAFPlayer: [SBI $71F7AC63] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ape\
Tuguu.VAFPlayer: [SBI $71F7AC63] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ape\
Tuguu.VAFPlayer: [SBI $89F4B48E] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.apl\
Tuguu.VAFPlayer: [SBI $89F4B48E] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.apl\
Tuguu.VAFPlayer: [SBI $F0D2DE7A] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.avi\
Tuguu.VAFPlayer: [SBI $F0D2DE7A] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.avi\
Tuguu.VAFPlayer: [SBI $827AF2ED] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.divx\
Tuguu.VAFPlayer: [SBI $827AF2ED] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.divx\
Tuguu.VAFPlayer: [SBI $93CA9103] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.dts\
Tuguu.VAFPlayer: [SBI $93CA9103] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.dts\
Tuguu.VAFPlayer: [SBI $B04389A6] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.evo\
Tuguu.VAFPlayer: [SBI $B04389A6] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.evo\
Tuguu.VAFPlayer: [SBI $C73CBCB8] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.flac\
Tuguu.VAFPlayer: [SBI $C73CBCB8] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.flac\
Tuguu.VAFPlayer: [SBI $A71DA0E7] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.flv\
Tuguu.VAFPlayer: [SBI $A71DA0E7] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.flv\
Tuguu.VAFPlayer: [SBI $72120405] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.hdmov\
Tuguu.VAFPlayer: [SBI $72120405] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.hdmov\
Tuguu.VAFPlayer: [SBI $60906D2F] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.it\
Tuguu.VAFPlayer: [SBI $60906D2F] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.it\
Tuguu.VAFPlayer: [SBI $FC0E7C82] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m1v\
Tuguu.VAFPlayer: [SBI $FC0E7C82] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m1v\
Tuguu.VAFPlayer: [SBI $512446AE] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m2p\
Tuguu.VAFPlayer: [SBI $512446AE] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m2p\
Tuguu.VAFPlayer: [SBI $567D9DD1] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m2ts\
Tuguu.VAFPlayer: [SBI $567D9DD1] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m2ts\
Tuguu.VAFPlayer: [SBI $5A8C91A8] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m2t\
Tuguu.VAFPlayer: [SBI $5A8C91A8] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m2t\
Tuguu.VAFPlayer: [SBI $5F58FA2B] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m2v\
Tuguu.VAFPlayer: [SBI $5F58FA2B] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m2v\
Tuguu.VAFPlayer: [SBI $0D09A744] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m4a\
Tuguu.VAFPlayer: [SBI $0D09A744] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m4a\
Tuguu.VAFPlayer: [SBI $C284F138] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m4v\
Tuguu.VAFPlayer: [SBI $C284F138] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.m4v\
Tuguu.VAFPlayer: [SBI $10DCE6A8] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mka\
Tuguu.VAFPlayer: [SBI $10DCE6A8] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mka\
Tuguu.VAFPlayer: [SBI $DF51B0D4] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mkv\
Tuguu.VAFPlayer: [SBI $DF51B0D4] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mkv\
Tuguu.VAFPlayer: [SBI $684EACB1] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mo3\
Tuguu.VAFPlayer: [SBI $684EACB1] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mo3\
Tuguu.VAFPlayer: [SBI $1D4E8AAD] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mod\
Tuguu.VAFPlayer: [SBI $1D4E8AAD] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mod\
Tuguu.VAFPlayer: [SBI $3639BD36] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mov\
Tuguu.VAFPlayer: [SBI $3639BD36] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mov\
Tuguu.VAFPlayer: [SBI $9D65CD97] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mp2v\
Tuguu.VAFPlayer: [SBI $9D65CD97] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mp2v\
Tuguu.VAFPlayer: [SBI $38930175] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mp3\
Tuguu.VAFPlayer: [SBI $38930175] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mp3\
Tuguu.VAFPlayer: [SBI $00B9C684] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mp4v\
Tuguu.VAFPlayer: [SBI $00B9C684] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mp4v\
Tuguu.VAFPlayer: [SBI $D9BD0B11] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mp4\
Tuguu.VAFPlayer: [SBI $D9BD0B11] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mp4\
Tuguu.VAFPlayer: [SBI $ACBD2D0D] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpc\
Tuguu.VAFPlayer: [SBI $ACBD2D0D] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpc\
Tuguu.VAFPlayer: [SBI $48E07B07] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpeg\
Tuguu.VAFPlayer: [SBI $48E07B07] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpeg\
Tuguu.VAFPlayer: [SBI $A2C19188] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpe\
Tuguu.VAFPlayer: [SBI $A2C19188] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpe\
Tuguu.VAFPlayer: [SBI $A715FA0B] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpg\
Tuguu.VAFPlayer: [SBI $A715FA0B] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpg\
Tuguu.VAFPlayer: [SBI $88208B3B] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpv2\
Tuguu.VAFPlayer: [SBI $88208B3B] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpv2\
Tuguu.VAFPlayer: [SBI $865C37BE] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpv4\
Tuguu.VAFPlayer: [SBI $865C37BE] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mpv4\
Tuguu.VAFPlayer: [SBI $5CF83266] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mtm\
Tuguu.VAFPlayer: [SBI $5CF83266] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mtm\
Tuguu.VAFPlayer: [SBI $6B767CF7] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mts\
Tuguu.VAFPlayer: [SBI $6B767CF7] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.mts\
Tuguu.VAFPlayer: [SBI $291C8161] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ofr\
Tuguu.VAFPlayer: [SBI $291C8161] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ofr\
Tuguu.VAFPlayer: [SBI $C64E3780] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ofs\
Tuguu.VAFPlayer: [SBI $C64E3780] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ofs\
Tuguu.VAFPlayer: [SBI $3ADB8043] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.oga\
Tuguu.VAFPlayer: [SBI $3ADB8043] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.oga\
Tuguu.VAFPlayer: [SBI $34A73CC6] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ogg\
Tuguu.VAFPlayer: [SBI $34A73CC6] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ogg\
Tuguu.VAFPlayer: [SBI $2622F949] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ogm\
Tuguu.VAFPlayer: [SBI $2622F949] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ogm\
Tuguu.VAFPlayer: [SBI $F556D63F] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ogv\
Tuguu.VAFPlayer: [SBI $F556D63F] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ogv\
Tuguu.VAFPlayer: [SBI $6222E015] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.pva\
Tuguu.VAFPlayer: [SBI $6222E015] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.pva\
Tuguu.VAFPlayer: [SBI $137CF0F6] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ra\
Tuguu.VAFPlayer: [SBI $137CF0F6] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ra\
Tuguu.VAFPlayer: [SBI $4D689709] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.rmvb\
Tuguu.VAFPlayer: [SBI $4D689709] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.rmvb\
Tuguu.VAFPlayer: [SBI $0F8589FC] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.rm\
Tuguu.VAFPlayer: [SBI $0F8589FC] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.rm\
Tuguu.VAFPlayer: [SBI $A2F0B547] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.s3m\
Tuguu.VAFPlayer: [SBI $A2F0B547] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.s3m\
Tuguu.VAFPlayer: [SBI $75368125] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.tpr\
Tuguu.VAFPlayer: [SBI $75368125] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.tpr\
Tuguu.VAFPlayer: [SBI $4F51111C] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.tp\
Tuguu.VAFPlayer: [SBI $4F51111C] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.tp\
Tuguu.VAFPlayer: [SBI $A5D7CC7E] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ts\
Tuguu.VAFPlayer: [SBI $A5D7CC7E] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.ts\
Tuguu.VAFPlayer: [SBI $26BDD4D9] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.umx\
Tuguu.VAFPlayer: [SBI $26BDD4D9] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.umx\
Tuguu.VAFPlayer: [SBI $C1860675] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.vob\
Tuguu.VAFPlayer: [SBI $C1860675] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.vob\
Tuguu.VAFPlayer: [SBI $51C5541E] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.webm\
Tuguu.VAFPlayer: [SBI $51C5541E] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.webm\
Tuguu.VAFPlayer: [SBI $F55EB0DC] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.wmv\
Tuguu.VAFPlayer: [SBI $F55EB0DC] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.wmv\
Tuguu.VAFPlayer: [SBI $E27B2B30] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.wv\
Tuguu.VAFPlayer: [SBI $E27B2B30] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.wv\
Tuguu.VAFPlayer: [SBI $72909288] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.xm\
Tuguu.VAFPlayer: [SBI $72909288] Settings (Registry Change, nothing done)
HKEY_CLASSES_ROOT\.xm\
Microsoft.WindowsSecurityCenter_disabled: [SBI $2E20C9A9] Settings (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start
Microsoft.WindowsSecurityCenter_disabled: [SBI $2E20C9A9] Settings (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\cdn.zopim.com\47RtJCp9551l41F500mketBis297Eoy3Session_SO.sol
Properties.size=86
Properties.md5=49EB68A553E8F65B79425BEF78EEF058
Properties.filedate=1404150806
Properties.filedatetext=2014-06-30 18:53:25
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\cdn.zopim.com\47RtJCp9551l41F500mketBis297Eoy3Volatile_SO.sol
Properties.size=196
Properties.md5=2443D0E6A1429BF576F290FF01096586
Properties.filedate=1404150806
Properties.filedatetext=2014-06-30 18:53:25
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\de-ipd.cdn.videoplaza.tv\com.videoplaza.adplayer.sol
Properties.size=149
Properties.md5=A06EAFE4E77C0A5C9718634D9083A075
Properties.filedate=1418587947
Properties.filedatetext=2014-12-14 21:12:26
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\de-ipd.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
Properties.size=122
Properties.md5=7456B8F5B087113AD99FDE01E29440E5
Properties.filedate=1419948865
Properties.filedatetext=2014-12-30 15:14:24
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\de-ipd.cdn.videoplaza.tv\se.videoplaza.kit.adplayer.adplayer.sol
Properties.size=5756
Properties.md5=4920C3574E3837A5A31F622A0D365B37
Properties.filedate=1419951297
Properties.filedatetext=2014-12-30 15:54:56
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\de-uim.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
Properties.size=121
Properties.md5=19886C71873C32B411EFB65418178503
Properties.filedate=1405832227
Properties.filedatetext=2014-07-20 05:57:06
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\de-uim.cdn.videoplaza.tv\se.videoplaza.kit.adplayer.adplayer.sol
Properties.size=144
Properties.md5=2F084212FAF1CD37D1506CAEF6794750
Properties.filedate=1398337497
Properties.filedatetext=2014-04-24 12:04:56
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\edge.liveleak.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=BAA08DB73B2C679C9C0AB4B552DC2B1A
Properties.filedate=1418644964
Properties.filedatetext=2014-12-15 13:02:43
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\eu.hcdn.co\com.longtailvideo.jwplayer.sol
Properties.size=58
Properties.md5=011E047AB8164B76C7FF8769A37C6734
Properties.filedate=1418870907
Properties.filedatetext=2014-12-18 03:48:27
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\f.vimeocdn.com\com.conviva.livePass.sol
Properties.size=225
Properties.md5=9A6C689A3AAED41BB95A5CD2A9E4CB08
Properties.filedate=1399660379
Properties.filedatetext=2014-05-09 19:32:59
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\filenuke.com\com.longtailvideo.jwplayer.sol
Properties.size=65
Properties.md5=2615AF2321A42D5469F7F1209D171E50
Properties.filedate=1415919315
Properties.filedatetext=2014-11-13 23:55:14
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\gorillavid.in\com.jeroenwijering.sol
Properties.size=54
Properties.md5=6B838B7AC64BC850699860B0C72F3AB2
Properties.filedate=1417704776
Properties.filedatetext=2014-12-04 15:52:55
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\grooveshark.com\jsQueue.sol
Properties.size=3175
Properties.md5=3E4D688D37C4F114C1313FEFDD910A13
Properties.filedate=1419453533
Properties.filedatetext=2014-12-24 21:38:52
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\images-na.ssl-images-amazon.com\mercury.sol
Properties.size=69
Properties.md5=C61226DD3132F00308E6BC41EAFE64B1
Properties.filedate=1415232174
Properties.filedatetext=2014-11-06 01:02:53
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\is.myvideo.de\com.conviva.livePass.sol
Properties.size=410
Properties.md5=D2A24AB451312A2FA7BA150BC189F7AE
Properties.filedate=1399788323
Properties.filedatetext=2014-05-11 07:05:22
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\modovideo.com\com.jeroenwijering.sol
Properties.size=50
Properties.md5=56EEF84EDFBF218442F7AFFE5876619E
Properties.filedate=1413631403
Properties.filedatetext=2014-10-18 12:23:23
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\mpsnare.iesnare.com\stm.sol
Properties.size=79
Properties.md5=70F7C0A12A1893618B576A5454E7CF9F
Properties.filedate=1413806323
Properties.filedatetext=2014-10-20 12:58:43
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\s.tbcdn.cn\alipay.com.sol
Properties.size=188
Properties.md5=952CAD0B05AECE1B9128A28B8F98F7E8
Properties.filedate=1404150984
Properties.filedatetext=2014-06-30 18:56:23
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\s.uicdn.com\com.longtailvideo.jwplayer.sol
Properties.size=65
Properties.md5=936C3E51AB948D41701A7F0D13B2A2AA
Properties.filedate=1415924815
Properties.filedatetext=2014-11-14 01:26:54
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\s.ytimg.com\soundData.sol
Properties.size=58
Properties.md5=CC7402771A11BE58BC7197CCADBD3223
Properties.filedate=1419802756
Properties.filedatetext=2014-12-28 22:39:15
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\s.ytimg.com\subtitlesModuleData.sol
Properties.size=63
Properties.md5=9DE49710739F75999D66A47B6EE1A8A8
Properties.filedate=1416566492
Properties.filedatetext=2014-11-21 11:41:32
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\ssl.hurra.com\restore.hurra.com.sol
Properties.size=266
Properties.md5=1F1A25CBE8427C04BFBC79CB35BFBD46
Properties.filedate=1410620595
Properties.filedatetext=2014-09-13 16:03:15
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\static.flashx.tv\analytics.sol
Properties.size=351
Properties.md5=8B8D41E2350AA1001AB2074EE750130F
Properties.filedate=1399239704
Properties.filedatetext=2014-05-04 22:41:43
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\static.flashx.tv\com.nuevoplayer.sol
Properties.size=47
Properties.md5=404C77EFB65EE6C561A141CAC0FAA281
Properties.filedate=1399237820
Properties.filedatetext=2014-05-04 22:10:19
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\static1.dmcdn.net\com.dm.player.sol
Properties.size=317
Properties.md5=1D69E347E508F655344186E8481227CE
Properties.filedate=1417108853
Properties.filedatetext=2014-11-27 18:20:52
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\stream4k.to\com.jeroenwijering.sol
Properties.size=50
Properties.md5=5E525362BB1645ABA6A6F55667A464DF
Properties.filedate=1399136666
Properties.filedatetext=2014-05-03 18:04:26
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\streamcloud.eu\com.longtailvideo.jwplayer.sol
Properties.size=65
Properties.md5=89560B7ABA804BA619126AB95BC2CE6B
Properties.filedate=1417873029
Properties.filedatetext=2014-12-06 14:37:09
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\www.avera.org\analytics.sol
Properties.size=419
Properties.md5=957A1BB3244CB6BFF83F442A856D8584
Properties.filedate=1403291640
Properties.filedatetext=2014-06-20 20:14:00
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\www.hornoxe.com\com.jeroenwijering.sol
Properties.size=50
Properties.md5=FB578DC67CE113BF1A0F7A850948AB55
Properties.filedate=1418640370
Properties.filedatetext=2014-12-15 11:46:09
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\www.paypalobjects.com\paypalLSO.sol
Properties.size=111
Properties.md5=0E65E0D15A5DF2E223EF788D418C9941
Properties.filedate=1417794169
Properties.filedatetext=2014-12-05 16:42:49
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\www.paypalobjects.com\ppLsoTest.sol
Properties.size=48
Properties.md5=74EE4375686A2069414EEF13E7B62789
Properties.filedate=1417794132
Properties.filedatetext=2014-12-05 16:42:12
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\www.radioeins.de\com.longtailvideo.jwplayer.sol
Properties.size=55
Properties.md5=3E32B09E3492C5BA32BF871057EF5404
Properties.filedate=1406273869
Properties.filedatetext=2014-07-25 08:37:48
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\aa.online-metrix.net\fpc.swf\session.sol
Properties.size=76
Properties.md5=1EB451838B0DFE97270C55E1F702D833
Properties.filedate=1417876023
Properties.filedatetext=2014-12-06 15:27:03
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\jsctool.com\d.swf\d.sol
Properties.size=72
Properties.md5=300A918AAD4D403445EF1773F24F36A0
Properties.filedate=1398410969
Properties.filedatetext=2014-04-25 08:29:28
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\skype.com\#ui\preferences.sol
Properties.size=233
Properties.md5=B9636886B2D7F98AB3BBA8888AA0548F
Properties.filedate=1419453464
Properties.filedatetext=2014-12-24 21:37:43
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\static.sockshare.com\video_player.swf\org.flowplayer.sol
Properties.size=60
Properties.md5=11B628CEABE61125FA85414F1AC515EA
Properties.filedate=1411141071
Properties.filedatetext=2014-09-19 16:37:51
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\bilder.rtl.de\flash\david09_player_2012.swf\rtl.sol
Properties.size=35
Properties.md5=F240BC8ED3BD00819E900DB730F278F4
Properties.filedate=1398773224
Properties.filedatetext=2014-04-29 13:07:03
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\bilder.rtl.de\flash\david09_player_2012.swf\rtlbw.sol
Properties.size=38
Properties.md5=B5DFC13AB0F74077B033F05000F7CAC7
Properties.filedate=1398773313
Properties.filedatetext=2014-04-29 13:08:33
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\bilder.rtl.de\flash\david09_player_2012.swf\userinfo6.sol
Properties.size=51
Properties.md5=520BD34D2F27A4EFDEACB1EE4B3F9846
Properties.filedate=1398773313
Properties.filedatetext=2014-04-29 13:08:33
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\bilder.rtl.de\flash\david09_player_2014.swf\rtl.sol
Properties.size=35
Properties.md5=F240BC8ED3BD00819E900DB730F278F4
Properties.filedate=1404828015
Properties.filedatetext=2014-07-08 15:00:14
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\bilder.rtl.de\flash\david09_player_2014.swf\rtlbw.sol
Properties.size=38
Properties.md5=B5DFC13AB0F74077B033F05000F7CAC7
Properties.filedate=1404828627
Properties.filedatetext=2014-07-08 15:10:26
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\bilder.rtl.de\flash\david09_player_2014.swf\userinfo6.sol
Properties.size=50
Properties.md5=E97720A14BEC3F8D3111E2FA38F97B4E
Properties.filedate=1404828627
Properties.filedatetext=2014-07-08 15:10:27
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\cdn.static-fra.de\now\vodplayer.liveab.swf\rtl.sol
Properties.size=35
Properties.md5=F240BC8ED3BD00819E900DB730F278F4
Properties.filedate=1398942915
Properties.filedatetext=2014-05-01 12:15:14
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\cdn.static-fra.de\now\vodplayer.liveab.swf\rtlbw.sol
Properties.size=38
Properties.md5=B5DFC13AB0F74077B033F05000F7CAC7
Properties.filedate=1398945466
Properties.filedatetext=2014-05-01 12:57:45
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\cdn.static-fra.de\now\vodplayer.liveab.swf\userinfo6.sol
Properties.size=48
Properties.md5=3ECC7D786BD9698A4D978F72BB992F9B
Properties.filedate=1398945466
Properties.filedatetext=2014-05-01 12:57:46
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\cdn.static-fra.de\now\vodplayer.swf\rtl.sol
Properties.size=42
Properties.md5=3019293E97D93141F4BD7049E0DF59CF
Properties.filedate=1417989742
Properties.filedatetext=2014-12-07 23:02:21
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\cdn.static-fra.de\now\vodplayer.swf\rtlbw.sol
Properties.size=38
Properties.md5=B5DFC13AB0F74077B033F05000F7CAC7
Properties.filedate=1398946142
Properties.filedatetext=2014-05-01 13:09:01
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\cdn.static-fra.de\now\vodplayer.swf\userinfo6.sol
Properties.size=51
Properties.md5=6E239F8B57441C0F8EBB5DD2541C3E96
Properties.filedate=1398946142
Properties.filedatetext=2014-05-01 13:09:01
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\cdn.zopim.com\swf\ZClientController2.swf\ZopConfig.sol
Properties.size=84
Properties.md5=9E72427D3D3B83BB4FBBFFA65D051B05
Properties.filedate=1404150806
Properties.filedatetext=2014-06-30 18:53:25
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\embed.movshare.net\player\cloudplayer.swf\novaPlayer.sol
Properties.size=78
Properties.md5=AB7E2AEB6316B6433473B7487861814D
Properties.filedate=1416073188
Properties.filedatetext=2014-11-15 18:39:48
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\embed.nowvideo.sx\player\cloudplayer.swf\novaPlayer.sol
Properties.size=78
Properties.md5=AF70A852EF675AC2CDD33586A7E38482
Properties.filedate=1419738472
Properties.filedatetext=2014-12-28 04:47:51
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
Properties.size=79
Properties.md5=9A5978BE510E9FD197E8F493DED3B477
Properties.filedate=1399373890
Properties.filedatetext=2014-05-06 11:58:10
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\play.snacktv.de\player\videoplayer_psd.swf\SnackTV.sol
Properties.size=79
Properties.md5=BD1E76505EC33FB700D3BDA0275FA22B
Properties.filedate=1410599110
Properties.filedatetext=2014-09-13 10:05:10
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\www.divxstage.to\player\cloudplayer.swf\novaPlayer.sol
Properties.size=78
Properties.md5=1066A3561F35F0F3A56D438CD9117494
Properties.filedate=1414968592
Properties.filedatetext=2014-11-02 23:49:52
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\www.movshare.net\player\cloudplayer.swf\novaPlayer.sol
Properties.size=78
Properties.md5=CA63C2D1BD1695F258D6BBECDBC767F4
Properties.filedate=1414223085
Properties.filedatetext=2014-10-25 08:44:44
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\www.musicline.de\player_flash_banner\player.swf\userPrefs.sol
Properties.size=54
Properties.md5=0A09874BC558DC13F12F90FB3DFE49FC
Properties.filedate=1413565861
Properties.filedatetext=2014-10-17 18:11:00
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\www.nowvideo.sx\player\cloudplayer.swf\novaPlayer.sol
Properties.size=78
Properties.md5=5256431468ADDF6E20270E8A35C34BE1
Properties.filedate=1413866903
Properties.filedatetext=2014-10-21 05:48:23
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\****\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YDEDDLKL\www.tim-maelzer.info\player\vPlayer.swf\splayTvID5.sol
Properties.size=60
Properties.md5=89C73D111D6AE9DDCD31CB349DBAF4F8
Properties.filedate=1403359699
Properties.filedatetext=2014-06-21 15:08:19
Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Internet Explorer\TypedURLs
Internet Explorer: [SBI $FF589D0C] Download directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Internet Explorer\Download Directory
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Microsoft Management Console\Recent File List
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
Windows.OpenWith: [SBI $C92C6763] Open with list - .BUP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
Windows.OpenWith: [SBI $9E8D5C8A] Open with list - .CDA extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Cookie: [SBI $49804B54] Browser: Cookie (65) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (148) (Browser: Cache, nothing done)
Verlauf: [SBI $49804B54] Browser: History (46) (Browser: History, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (2415) (Browser: Cookie, nothing done)
--- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---
2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2014-06-24 SDCleaner.exe (2.4.40.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2014-04-25 SDHookInst64.exe (2.3.39.2)
2014-06-24 SDImmunize.exe (2.4.40.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2014-06-24 SDScan.exe (2.4.40.181)
2014-06-24 SDScript.exe (2.4.40.54)
2014-06-24 SDSettings.exe (2.4.40.139)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2014-06-27 SDUpdSvc.exe (2.4.40.77)
2014-06-24 SDWelcome.exe (2.4.40.130)
2014-04-25 SDWSCSvc.exe (2.3.39.2)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2014-12-31 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2014-04-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDECon64.dll (2.3.39.113)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-04-25 SDHook64.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2014-06-24 SDScanLibrary.dll (2.4.40.131)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-12-31 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-11-14 Includes\Keyloggers-000.sbi (*)
2014-09-24 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-11-14 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2014-11-14 Includes\Malware-002.sbi (*)
2014-11-14 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-12-31 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-11-14 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-12-31 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-11-14 Includes\Spyware-000.sbi (*)
2014-12-10 Includes\Spyware-001.sbi (*)
2014-12-31 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-11-14 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-07-09 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2014-12-31 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 30.12.2014 Suchlauf-Zeit: 16:26:21 Logdatei: Malewarebytes.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2014.12.30.05 Rootkit Datenbank: v2014.12.29.02 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: ***** Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 369964 Verstrichene Zeit: 29 Min, 5 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 1 Trojan.Agent.ED, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\social_network, In Quarantäne, [926bd3952d4f77bf3ebe9a6241c030d0], Registrierungswerte: 2 Trojan.Agent, HKU\S-1-5-21-1902139459-1109185879-2378804310-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|title_clue, C:\Users\*****\AppData\Local\Temp\Title_nerve\title_fail.exe, Löschen bei Neustart, [996430388eee1323ffec283be917e31d] Trojan.Agent, HKU\S-1-5-21-1902139459-1109185879-2378804310-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|title_clue, C:\Users\*****\AppData\Local\Temp\Title_nerve\title_fail.exe, Löschen bei Neustart, [996430388eee1323ffec283be917e31d] Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 5 PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.Delta.A, C:\Users\*****\AppData\Local\Temp\mt_ffx\Delta, In Quarantäne, [8b72c5a38defe45280857ab010f36e92], PUP.Optional.Delta.A, C:\Users\*****\AppData\Local\Temp\mt_ffx\Delta\delta, In Quarantäne, [8b72c5a38defe45280857ab010f36e92], PUP.Optional.Delta.A, C:\Users\*****\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.0, In Quarantäne, [8b72c5a38defe45280857ab010f36e92], Dateien: 114 Trojan.Agent, C:\Users\*****\AppData\Local\Temp\Title_nerve\title_fail.exe, Löschen bei Neustart, [996430388eee1323ffec283be917e31d], Trojan.Agent.ED, C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\genre\check_in.exe, In Quarantäne, [926bd3952d4f77bf3ebe9a6241c030d0], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Puxwcycel\gaosuhxz.exe, In Quarantäne, [c23b99cffe7ef640fb3a05f7f809c13f], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Qijii\oefqsuhxz.exe, In Quarantäne, [e01d8ddbe894c67040f5bf3d7d84ac54], Backdoor.Agent.STL, C:\Users\*****\AppData\Roaming\Title-amazing\title-course.exe, In Quarantäne, [619cd0983a4260d612447b85c33fda26], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-breast\titlefish.exe, In Quarantäne, [e81520482b510432f441d329fd04c63a], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-compare\title_nail.exe, In Quarantäne, [07f643255329a98d1b1aa359e21fc63a], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-conflict\titleeven.exe, In Quarantäne, [ad5030388cf0ae8883b21ede1be66f91], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-count\title-rest.exe, In Quarantäne, [e31a2840a1db61d5082de71504fd8779], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-culture\title-put.exe, In Quarantäne, [68957aeee29a7abc8baa2cd0dc25a060], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-has\titledish.exe, In Quarantäne, [20dd2f39c2ba1e1824116c90689927d9], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-investigate\title_judge.exe, In Quarantäne, [a4592e3a0b7104325ed7da220100ea16], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-lock\titlebottle.exe, In Quarantäne, [3bc2d4944735c472e253fefea25f18e8], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-shame\title-know.exe, In Quarantäne, [dc21521690ec3cfa94a1708c28d946ba], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-task\titlehold.exe, In Quarantäne, [708dc8a084f83cfad362fffd56ab42be], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-were\title-start.exe, In Quarantäne, [94692246c1bb5adcc76edd1f32cf659b], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Titlebone\title-closet.exe, In Quarantäne, [24d9b8b0433980b65cd9c933ca37d22e], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Titlerent\title-divide.exe, In Quarantäne, [5e9f07615e1eaf87e64f1ae2857c34cc], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Titletaste\title-face.exe, In Quarantäne, [6f8e4622cdafad89db5a31cb09f8ca36], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title_run\title_overcome.exe, In Quarantäne, [dc21d593b6c6b1857db8817bb849d52b], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title_salary\title-make.exe, In Quarantäne, [e31ac6a28fed88aed065c537ec1542be], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Fsqtfcb\mwmwxjyuhxz.exe, In Quarantäne, [b5482c3c3e3e88ae082d3ac2946d6a96], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Roaming\Title-arm\title-rule.exe, In Quarantäne, [29d4ff69a7d50b2b54e157a5b24f936d], PUP.Optional.OneClickDownloader.A, C:\$Recycle.Bin\S-1-5-21-1902139459-1109185879-2378804310-1000\$RYMQE2I.exe, In Quarantäne, [946977f124587bbb5649c86917eaf20e], Adware.DomaIQ, C:\Users\*****\AppData\Local\Temp\DIQM\FlashPlayer_151\DomaIQ.exe, In Quarantäne, [f60786e26418a1954d0d2481fa0bac54], Adware.DomaIQ, C:\Users\*****\AppData\Local\Temp\DIQM\FlashPlayer_151\DomaIQ10.exe, In Quarantäne, [24d953150a72b87eafabadf853b29e62], Adware.DomaIQ, C:\Users\*****\AppData\Local\Temp\DIQM\FlashPlayer_151\exes.zip, In Quarantäne, [a35ae38543391b1b13476b3aaf56a65a], PUP.Optional.Babylon.A, C:\Users\*****\AppData\Local\Temp\DIQM\FlashPlayer_151\software\Delta Babylon.exe, In Quarantäne, [728b73f539435bdbef9736ef19e8dc24], Trojan.DomaIQ, C:\Users\*****\AppData\Local\Temp\DIQM\FlashPlayer_151\software\FlashPlayer.exe, In Quarantäne, [ee0f28402755c0760b3c8d11d62c9868], PUP.Optional.OptimizePro.A, C:\Users\*****\AppData\Local\Temp\DIQM\FlashPlayer_151\software\OptimizerPro.exe, In Quarantäne, [5e9fed7b7408c4721192ae702ad6c838], PUP.Optional.BabSolution.A, C:\Users\*****\AppData\Local\Temp\bus8CEE\BUSolution.dll, In Quarantäne, [2bd22d3ba0dcb5810bef54d7c33e817f], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Nmjufxj\inofuhxz.exe, In Quarantäne, [6598afb90b71c57185b005f70ff2e31d], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Nobywvfz\bzdvluhxz.exe, In Quarantäne, [9f5ef375fc809e980f26fc00b150c838], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Title-ask\title-trash.exe, In Quarantäne, [6796b5b36a12c373f342728a5fa2d12f], Backdoor.Agent.STL, C:\Users\*****\AppData\Local\Temp\Title-cover\title-hate.exe, In Quarantäne, [b64779efdba186b00353827efc062cd4], Backdoor.Agent.STL, C:\Users\*****\AppData\Local\Temp\Title-iron\titlereference.exe, In Quarantäne, [29d4c5a317650234253122dec53d58a8], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Title-pass\title-window.exe, In Quarantäne, [5aa3a2c62c50d363a293ba42976ac43c], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Title-price\titleare.exe, In Quarantäne, [46b72741cdaf4de9fb3af80443be2dd3], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Title-review\title-sky.exe, In Quarantäne, [02fb83e5027a5bdb44f1ea12b44d1fe1], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Title-thank\title_sentence.exe, In Quarantäne, [9b62abbd28543303d65f16e6758c6d93], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Title-wear\title_award.exe, In Quarantäne, [e41996d2403c79bd82b325d7a55c47b9], PUP.Optional.Babylon.A, C:\Users\*****\AppData\Local\Temp\9FD8AEDA-BAB0-7891-8F16-FBBB6D716DA9\CrxInstaller.dll, In Quarantäne, [27d6fc6c98e4e74f26887cbc728f5ba5], PUP.Optional.Delta.A, C:\Users\*****\AppData\Local\Temp\9FD8AEDA-BAB0-7891-8F16-FBBB6D716DA9\MyBabylonTB.exe, In Quarantäne, [29d470f86d0f5bdb0cdf1a759a670ff1], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Xirr\xylydcfuhxz.exe, In Quarantäne, [f904293f7606dd59ad88906cb948ce32], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Jfkayzqez\uohfuhxz.exe, In Quarantäne, [9964a6c21567ca6c59dcca3250b1bc44], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Titlecarpet\title-encourage.exe, In Quarantäne, [7b82b2b63f3de84ef63f0cf0e31e669a], Backdoor.Agent.STL, C:\Users\*****\AppData\Local\Temp\Titlepace\titlefault.exe, In Quarantäne, [f10c0c5c2c50d165094d8e7207fba060], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Titlestaff\title_spread.exe, In Quarantäne, [d9245018bcc060d6a39234c8f60b0ef2], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Title_impress\titleproposed.exe, In Quarantäne, [9568f1770577b18572c3fffd867b10f0], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Title_profit\title-provided.exe, In Quarantäne, [7a83b0b833492a0c1520db21976a20e0], Backdoor.Agent.STL, C:\Users\*****\AppData\Local\Temp\Title_scale\title_twist.exe, In Quarantäne, [ac51a7c14636f34399bd3ec29a687a86], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Temp\Title_site\title-organized.exe, In Quarantäne, [86771751df9d7fb7a29312ea14ed54ac], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Rewybcupg\wtftequhxz.exe, In Quarantäne, [f10c1a4ef785003611249a626f9251af], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title-border\title-narrow.exe, In Quarantäne, [986504643646f73fa88dc6363cc53dc3], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title-carry\title_concerned.exe, In Quarantäne, [dc2151175d1f87afae876b916b96a35d], Backdoor.Agent.STL, C:\Users\*****\AppData\Local\Title-excuse\titletaste.exe, In Quarantäne, [1edffb6db7c524129abcfc043dc5857b], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title-mouth\title-fixed.exe, In Quarantäne, [3fbe6503b8c442f4fe37b14b08f9738d], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title-passage\title-side.exe, In Quarantäne, [c33aa9bf6c10fe38cc691ae2bd443dc3], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title-perform\title-hear.exe, In Quarantäne, [12eb80e82e4e082e36fff80437cad030], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title-play\titletrain.exe, In Quarantäne, [7d804e1a6319aa8c2a0be5170bf6c739], Backdoor.Agent.STL, C:\Users\*****\AppData\Local\Title-sand\title-anticipate.exe, In Quarantäne, [6d905117a1dba3936aec758bd72bcb35], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title-understand\title-support.exe, In Quarantäne, [11ec4f19384468ce84b13fbddc256e92], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Titleare\title_copy.exe, In Quarantäne, [3dc00f596a1268ced263dc20d52ceb15], Backdoor.Agent.STL, C:\Users\*****\AppData\Local\Titlediscover\title-air.exe, In Quarantäne, [8d701d4b1c6045f1afa78f714db543bd], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Titleestimate\title-jump.exe, In Quarantäne, [28d5383086f693a389ac9c601ce558a8], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Titleletter\title_rip.exe, In Quarantäne, [a15c2d3be09cba7ca194ca32bb46d52b], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Titleshower\title-share.exe, In Quarantäne, [ba43fa6e1a624cea58dd52aa07fade22], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Titlestuff\titlelack.exe, In Quarantäne, [e31a6503265661d5969f23d9d130c53b], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title_attend\title-compare.exe, In Quarantäne, [27d60068e795e74f2114f10bbc453ac6], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title_burn\title_burn.exe, In Quarantäne, [926be4842557e650ab8a50acb64b728e], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title_live\title-shift.exe, In Quarantäne, [ba433e2a4e2ead8984b14cb0758c5ba5], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Title_trip\titlerelate.exe, In Quarantäne, [c835beaac4b8e94dec4900fcc8398080], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Fvbrgatho\helsrcuhxz.exe, In Quarantäne, [b647ee7a43392c0a37fed12b04fd58a8], Backdoor.Agent.STL, C:\Users\*****\AppData\Local\Title-prompt\titleexercise.exe, In Quarantäne, [a7563e2acab27cba3521976906fc07f9], Backdoor.Agent.STLGen, C:\Users\*****\AppData\Local\Titletree\title-lock.exe, In Quarantäne, [4db09ccc4c30a690989d7b81fe037c84], PUP.Optional.Spigot.A, C:\Windows\Installer\5a7f0.msi, In Quarantäne, [6e8f3434ccb084b2be744f7c3bc6c739], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\playlist.vpl, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\config.ini, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_193.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_199.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_200.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_201.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_204.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_219.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_221.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_224.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_268.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_28.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_34.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_37.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_49.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_57.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_86.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_99.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_103.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_11.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_120.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_121.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_122.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_123.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_124.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_125.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_126.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_127.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_136.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_137.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_140.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_141.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_149.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_150.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_160.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_165.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_181.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], PUP.Optional.VPLMedia.A, C:\Users\*****\AppData\Roaming\player\images\channel_ld_191.png, In Quarantäne, [d4293632a3d94de99c47199d5aaa7d83], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) |
|
01.01.2015, 21:51
| #2 |
| | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Die Esetlog ist zu groß, der scan ging aber auch nur bis 99%, hatte allerdings über 17000 Treffer.
__________________Die frstlog ebenso. Bei Avast finde ich keine gescheite log. Nur innerhalb des Progamms gibt es eine die ich nicht exportieren kann. Viele Grüße und vielen lieben Dank, Mathias |
|
02.01.2015, 13:29
| #3 |
| /// the machine /// TB-Ausbilder    | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
02.01.2015, 16:06
| #4 |
| | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Frst.txt part1 Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2015 Ran by ***** (administrator) on *****-PC on 01-01-2015 16:46:34 Running from C:\Users\*****\Computer\Downloads Loaded Profile: ***** (Available profiles: *****) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Microsoft Corporation) C:\Windows\SysWOW64\cleanmgr.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe () C:\Program Files (x86)\Tor\tor.exe (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11046504 2010-07-13] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2103912 2010-07-13] (Realtek Semiconductor) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.) HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [223264 2010-04-22] (Acer Incorporated) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated) HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.) HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-06-25] (CyberLink Corp.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2403840 2009-09-11] (Vodafone) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-31] (AVAST Software) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\Run: [nlsluhxz] => C:\Users\*****\AppData\Roaming\Izlwcl\jhhhxzuhxz.exe [126464 2015-01-01] (CJSC "Computing Forces") HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\Run: [poet-tear] => C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe [131584 2014-12-30] () HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\Run: [audience-scratch] => C:\Users\*****\AppData\Roaming\Audience_extend\audience_remain.exe HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\Run: [courage-adjust] => C:\Users\*****\AppData\Local\Temp\Courage-contact\courage-divide.exe <===== ATTENTION HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-15] (SUPERAntiSpyware) HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.) HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\RunOnce: [poet-tear] => C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe [131584 2014-12-30] () HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\MountPoints2: {3e9e0011-4cae-11e1-92f8-001e101fb4df} - D:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\MountPoints2: {4c5bd968-44d5-11e1-8bc1-4c0f6e8abc1f} - E:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\...\MountPoints2: {eb2516f7-45d0-11e1-bb1c-001e101f50a4} - D:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.) ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1902139459-1109185879-2378804310-1000 -> {46859B34-070D-4BCD-A641-B52C9FC5C16E} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms} SearchScopes: HKU\S-1-5-21-1902139459-1109185879-2378804310-1000 -> {86BDA780-BD66-4CC1-B214-E876E2ED898B} URL = hxxp://www.google.de/search?q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKU\S-1-5-21-1902139459-1109185879-2378804310-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 217.0.43.65 217.0.43.81 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oa3r0bhf.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oa3r0bhf.default\Extensions\abs@avira.com [2014-12-11] FF Extension: anonymoX - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oa3r0bhf.default\Extensions\client@anonymox.net.xpi [2013-10-03] FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oa3r0bhf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-03] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-30] Chrome: ======= CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-30] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-04] (Avira Operations GmbH & Co. KG) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-31] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-31] (Avast Software) R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.) R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.) R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-04-22] (Acer Incorporated) R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] () [File not signed] R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-28] () [File not signed] R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed] R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [File not signed] S2 settings; C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\genre\promotional_image.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-31] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-31] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-31] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-31] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-30] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-31] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-31] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-31] () S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-31] (Avast Software) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-01 16:46 - 2015-01-01 16:46 - 00000000 ____D () C:\FRST 2015-01-01 16:44 - 2015-01-01 16:44 - 00000000 _____ () C:\Users\*****\defogger_reenable 2015-01-01 16:43 - 2015-01-01 16:43 - 00000197 _____ () C:\Windows\system32\2015-01-01-15-43-06.048-AvastVBoxSVC.exe-3852.log 2015-01-01 13:15 - 2015-01-01 16:41 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-01 08:58 - 2015-01-01 08:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Izlwcl 2015-01-01 08:57 - 2015-01-01 08:57 - 00000280 _____ () C:\Windows\system32\2015-01-01-07-57-18.047-aswFe.exe-5284.log 2015-01-01 08:56 - 2015-01-01 08:56 - 00000197 _____ () C:\Windows\system32\2015-01-01-07-56-50.074-AvastVBoxSVC.exe-4288.log 2015-01-01 00:09 - 2015-01-01 00:09 - 01657389 _____ () C:\Users\*****\Documents\virus.txt 2014-12-31 16:12 - 2014-12-31 16:12 - 00001359 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-12-31 16:12 - 2014-12-31 16:12 - 00001347 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-12-31 16:12 - 2014-12-31 16:12 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-12-31 16:12 - 2014-12-31 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-12-31 16:12 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2014-12-31 16:11 - 2015-01-01 13:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-12-31 16:11 - 2015-01-01 11:16 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-12-31 16:10 - 2014-12-31 16:10 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-12-31 16:08 - 2015-01-01 16:39 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2014-12-31 16:08 - 2014-12-31 16:08 - 00001812 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2014-12-31 16:08 - 2014-12-31 16:08 - 00000000 ____D () C:\Users\*****\AppData\Roaming\SUPERAntiSpyware.com 2014-12-31 16:08 - 2014-12-31 16:08 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2014-12-31 16:08 - 2014-12-31 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2014-12-31 16:06 - 2014-12-31 16:06 - 00001070 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-12-31 16:06 - 2014-12-31 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-12-31 16:06 - 2014-12-31 16:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-12-31 16:06 - 2014-11-21 06:54 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-12-31 16:06 - 2014-11-21 06:53 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-12-31 16:06 - 2014-11-21 06:53 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-12-31 16:02 - 2014-12-31 16:02 - 00000197 _____ () C:\Windows\system32\2014-12-31-15-02-05.063-AvastVBoxSVC.exe-3792.log 2014-12-31 13:29 - 2014-12-31 13:29 - 00000247 _____ () C:\Windows\system32\2014-12-31-12-29-13.019-aswFe.exe-3656.log 2014-12-31 13:20 - 2014-12-31 13:28 - 00000247 _____ () C:\Windows\system32\2014-12-31-12-20-51.055-aswFe.exe-3680.log 2014-12-31 13:20 - 2014-12-31 13:20 - 00000197 _____ () C:\Windows\system32\2014-12-31-12-20-45.042-AvastVBoxSVC.exe-424.log 2014-12-31 09:06 - 2014-12-31 09:06 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-12-31 09:05 - 2014-12-31 09:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-12-31 09:05 - 2014-12-31 09:05 - 00000197 _____ () C:\Windows\system32\2014-12-31-08-05-44.056-AvastVBoxSVC.exe-3240.log 2014-12-31 09:01 - 2014-12-31 09:01 - 00000197 _____ () C:\Windows\system32\2014-12-31-08-01-48.023-AvastVBoxSVC.exe-4584.log 2014-12-30 18:34 - 2014-12-30 18:34 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2014-12-30 18:34 - 2014-12-30 18:34 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2014-12-30 18:24 - 2014-12-31 17:57 - 00000000 ____D () C:\Windows\SysWOW64\vbox 2014-12-30 18:24 - 2014-12-31 17:57 - 00000000 ____D () C:\Windows\system32\vbox 2014-12-30 18:22 - 2014-12-30 18:22 - 00000000 ____D () C:\Users\*****\AppData\Roaming\AVAST Software 2014-12-30 18:19 - 2015-01-01 13:56 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-12-30 18:19 - 2014-12-31 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2014-12-30 18:19 - 2014-12-31 09:06 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-12-30 18:19 - 2014-12-31 09:06 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-12-30 18:19 - 2014-12-31 09:06 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-12-30 18:19 - 2014-12-31 09:06 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-12-30 18:19 - 2014-12-31 09:06 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys 2014-12-30 18:19 - 2014-12-31 09:06 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-12-30 18:19 - 2014-12-31 09:06 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-12-30 18:19 - 2014-12-31 09:06 - 00001968 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2014-12-30 18:19 - 2014-12-30 18:19 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-12-30 18:17 - 2014-12-30 18:17 - 00000000 ____D () C:\Program Files\AVAST Software 2014-12-30 18:16 - 2014-12-30 18:16 - 00000000 ____D () C:\OETemp 2014-12-30 18:12 - 2014-12-30 18:17 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-12-30 18:01 - 2014-12-30 18:02 - 00000345 _____ () C:\DelFix.txt 2014-12-30 16:23 - 2014-12-30 16:23 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-12-30 07:13 - 2014-12-30 15:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Boss-milk 2014-12-30 07:13 - 2014-12-30 07:13 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Poet_value 2014-12-27 00:51 - 2014-12-30 07:13 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Hqrk 2014-12-26 21:47 - 2014-12-30 17:06 - 00000000 ___HD () C:\Users\*****\AppData\Local\Access-bed 2014-12-24 22:04 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rise 2014-12-24 21:28 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelip 2014-12-24 21:15 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencewell 2014-12-24 20:55 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_camp 2014-12-24 20:55 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceclub 2014-12-24 20:53 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceexchange 2014-12-24 20:51 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetowel 2014-12-24 20:50 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceare 2014-12-24 20:43 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-toe 2014-12-24 20:37 - 2014-12-24 20:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelost 2014-12-24 20:29 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-summer 2014-12-24 20:27 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-drop 2014-12-24 20:25 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_married 2014-12-24 20:24 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rely 2014-12-24 20:22 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_charge 2014-12-24 20:20 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetell 2014-12-24 20:15 - 2014-12-24 20:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-web 2014-12-24 20:14 - 2014-12-24 20:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-guard 2014-12-24 20:12 - 2014-12-24 20:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_value 2014-12-24 20:08 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-open 2014-12-24 20:07 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-job 2014-12-24 20:06 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_candle 2014-12-24 20:06 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_win 2014-12-24 20:05 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-lesson 2014-12-24 20:03 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_join 2014-12-24 19:58 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencemarket 2014-12-24 19:53 - 2014-12-24 19:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_range 2014-12-24 19:52 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceseek 2014-12-24 19:52 - 2014-12-24 20:13 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-log 2014-12-24 19:51 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelip 2014-12-24 19:51 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_depend 2014-12-24 19:50 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rice 2014-12-24 19:49 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelook 2014-12-24 19:47 - 2014-12-24 19:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-encourage 2014-12-24 19:45 - 2014-12-24 20:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-document 2014-12-24 19:42 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-ice 2014-12-24 19:41 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_slide 2014-12-24 19:40 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_adopt 2014-12-24 19:39 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-improve 2014-12-24 19:39 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencediffer 2014-12-24 19:39 - 2014-12-24 20:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_boss 2014-12-24 19:37 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-body 2014-12-24 19:35 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_profile 2014-12-24 19:35 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_bake 2014-12-24 19:35 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_send 2014-12-24 19:33 - 2014-12-24 19:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_doctor 2014-12-24 19:32 - 2014-12-24 20:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-shock 2014-12-24 19:29 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rock 2014-12-24 19:29 - 2014-12-24 20:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-trash 2014-12-24 19:28 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_overcome 2014-12-24 19:27 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceperfect 2014-12-24 19:27 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencereply 2014-12-24 19:27 - 2014-12-24 19:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebase 2014-12-24 19:26 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencerisk 2014-12-24 19:26 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencefix 2014-12-24 19:26 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_factor 2014-12-24 19:25 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecloud 2014-12-24 19:24 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceorganize 2014-12-24 19:24 - 2014-12-24 20:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_title 2014-12-24 19:24 - 2014-12-24 19:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-ice 2014-12-24 19:23 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-film 2014-12-24 19:22 - 2014-12-24 20:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-war 2014-12-24 19:20 - 2014-12-24 19:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_continue 2014-12-24 19:19 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-date 2014-12-24 19:19 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-beat 2014-12-24 19:18 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedig 2014-12-24 19:18 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-collect 2014-12-24 19:18 - 2014-12-24 20:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-anticipate 2014-12-24 19:17 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencemove 2014-12-24 19:15 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_check 2014-12-24 19:14 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-complicated 2014-12-24 19:14 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-frequent 2014-12-24 19:13 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-roll 2014-12-24 19:13 - 2014-12-24 20:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencegarden 2014-12-24 19:11 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-eye 2014-12-24 19:09 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-swim 2014-12-24 19:09 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_intend 2014-12-24 19:09 - 2014-12-24 21:06 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_shake 2014-12-24 19:08 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-hunt 2014-12-24 19:08 - 2014-12-24 20:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_witness 2014-12-24 19:07 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceadmire 2014-12-24 19:06 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-employ 2014-12-24 19:06 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedoubt 2014-12-24 19:05 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-surprised 2014-12-24 19:05 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceinstall 2014-12-24 19:04 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-guess 2014-12-24 19:04 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_network 2014-12-24 19:03 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-want 2014-12-24 19:02 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-tie 2014-12-24 19:02 - 2014-12-24 20:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_send 2014-12-24 19:01 - 2014-12-24 20:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_expand 2014-12-24 19:00 - 2014-12-24 22:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-strain 2014-12-24 19:00 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_team 2014-12-24 19:00 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebend 2014-12-24 19:00 - 2014-12-24 20:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepiece 2014-12-24 18:59 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceadvanced 2014-12-24 18:59 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-lesson 2014-12-24 18:58 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-score 2014-12-24 18:58 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bottom 2014-12-24 18:57 - 2014-12-30 18:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_harm 2014-12-24 18:57 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-wear 2014-12-24 18:57 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedistrict 2014-12-24 18:57 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-brush 2014-12-24 18:57 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-strip 2014-12-24 18:56 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-shift 2014-12-24 18:55 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelift 2014-12-24 18:55 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_source 2014-12-24 18:55 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-conference 2014-12-24 18:55 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencereference 2014-12-24 18:54 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-remember 2014-12-24 18:54 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-gear 2014-12-24 18:54 - 2014-12-24 19:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_spot 2014-12-24 18:53 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_twist 2014-12-24 18:52 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_award 2014-12-24 18:52 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-blind 2014-12-24 18:52 - 2014-12-24 20:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_salary 2014-12-24 18:50 - 2014-12-24 20:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-upset 2014-12-24 18:49 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebattle 2014-12-24 18:49 - 2014-12-24 18:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-worry 2014-12-24 18:48 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pass 2014-12-24 18:48 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedistrict 2014-12-24 18:48 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesearch 2014-12-24 18:48 - 2014-12-24 20:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_table 2014-12-24 18:47 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_tip 2014-12-24 18:47 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-comfort 2014-12-24 18:46 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-card 2014-12-24 18:46 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_nerve 2014-12-24 18:46 - 2014-12-24 20:13 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_paint 2014-12-24 18:45 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-leave 2014-12-24 18:45 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-load 2014-12-24 18:45 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rid 2014-12-24 18:45 - 2014-12-24 21:16 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesucceed 2014-12-24 18:45 - 2014-12-24 18:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-collar 2014-12-24 18:43 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebone 2014-12-24 18:43 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencereduce 2014-12-24 18:43 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-package 2014-12-24 18:43 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-complete 2014-12-24 18:43 - 2014-12-24 19:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-relieve 2014-12-24 18:42 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceassume 2014-12-24 18:42 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencemuscle 2014-12-24 18:42 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-prompt 2014-12-24 18:42 - 2014-12-24 20:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_slide 2014-12-24 18:41 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-examine 2014-12-24 18:41 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-brick 2014-12-24 18:41 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencezone 2014-12-24 18:41 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-worry 2014-12-24 18:41 - 2014-12-24 20:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesort 2014-12-24 18:41 - 2014-12-24 18:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-slip 2014-12-24 18:40 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencestay 2014-12-24 18:40 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-button 2014-12-24 18:40 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_witness 2014-12-24 18:40 - 2014-12-24 19:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-leg 2014-12-24 18:40 - 2014-12-24 19:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceprint 2014-12-24 18:39 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-ring 2014-12-24 18:39 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceinvite 2014-12-24 18:38 - 2014-12-30 18:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_impress 2014-12-24 18:38 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-ball 2014-12-24 18:38 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceflower 2014-12-24 18:38 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencewise 2014-12-24 18:38 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_remain 2014-12-24 18:38 - 2014-12-24 20:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_wheel 2014-12-24 18:38 - 2014-12-24 19:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_build 2014-12-24 18:37 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-excuse 2014-12-24 18:37 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-mistake 2014-12-24 18:37 - 2014-12-24 19:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-wrap 2014-12-24 18:37 - 2014-12-24 18:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_blank 2014-12-24 18:36 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-employ 2014-12-24 18:35 - 2014-12-24 20:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencenose 2014-12-24 18:35 - 2014-12-24 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-golf 2014-12-24 18:35 - 2014-12-24 19:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-protect 2014-12-24 18:34 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_sleep 2014-12-24 18:34 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-league 2014-12-24 18:32 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceavoid 2014-12-24 18:32 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencescrew 2014-12-24 18:32 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_frame 2014-12-24 18:32 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-spring 2014-12-24 18:32 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-stick 2014-12-24 18:32 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-issue 2014-12-24 18:31 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecelebrate 2014-12-24 18:31 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_let 2014-12-24 18:31 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesize 2014-12-24 18:31 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-closet 2014-12-24 18:31 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-number 2014-12-24 18:31 - 2014-12-24 21:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_guy 2014-12-24 18:31 - 2014-12-24 20:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-distribute 2014-12-24 18:31 - 2014-12-24 19:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencestage 2014-12-24 18:30 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceinfluence 2014-12-24 18:30 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_fail 2014-12-24 18:30 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-like 2014-12-24 18:30 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_nail 2014-12-24 18:30 - 2014-12-24 20:10 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedream 2014-12-24 18:29 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-fold 2014-12-24 18:29 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_sandwich 2014-12-24 18:29 - 2014-12-24 20:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepound 2014-12-24 18:29 - 2014-12-24 20:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebattle 2014-12-24 18:28 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_insist 2014-12-24 18:28 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-sport 2014-12-24 18:28 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-laugh 2014-12-24 18:28 - 2014-12-24 20:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-approve 2014-12-24 18:27 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_adopt 2014-12-24 18:26 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-handle 2014-12-24 18:25 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-eat 2014-12-24 18:25 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_buddy 2014-12-24 18:25 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceradio 2014-12-24 18:24 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-noise 2014-12-24 18:24 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-cup 2014-12-24 18:23 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetower 2014-12-24 18:23 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_secure 2014-12-24 18:23 - 2014-12-24 19:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecommit 2014-12-24 18:22 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-research 2014-12-24 18:22 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceremove 2014-12-24 18:22 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencehope 2014-12-24 18:22 - 2014-12-24 18:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-according 2014-12-24 18:21 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_expect 2014-12-24 18:21 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetrust 2014-12-24 18:21 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rest 2014-12-24 18:21 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-convert 2014-12-24 18:21 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-assure 2014-12-24 18:20 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pair 2014-12-24 18:20 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceinstall 2014-12-24 18:20 - 2014-12-24 20:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-push 2014-12-24 18:20 - 2014-12-24 20:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-fruit 2014-12-24 18:19 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-wave 2014-12-24 18:19 - 2014-12-24 21:13 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencehappen 2014-12-24 18:19 - 2014-12-24 20:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-slight 2014-12-24 18:18 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-mean 2014-12-24 18:18 - 2014-12-24 21:06 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-speed 2014-12-24 18:18 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-handle 2014-12-24 18:18 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_nerve 2014-12-24 18:18 - 2014-12-24 20:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-manage 2014-12-24 18:18 - 2014-12-24 20:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rice 2014-12-24 18:18 - 2014-12-24 19:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceadvanced 2014-12-24 18:18 - 2014-12-24 18:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceattempt 2014-12-24 18:17 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceadapt 2014-12-24 18:17 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-term 2014-12-24 18:17 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-grass 2014-12-24 18:17 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-investigate 2014-12-24 18:16 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_curve 2014-12-24 18:16 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bar 2014-12-24 18:16 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceset 2014-12-24 18:16 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-share 2014-12-24 18:16 - 2014-12-24 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-upset 2014-12-24 18:16 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_relax 2014-12-24 18:16 - 2014-12-24 20:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetowel 2014-12-24 18:16 - 2014-12-24 20:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-post 2014-12-24 18:16 - 2014-12-24 19:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-kid 2014-12-24 18:16 - 2014-12-24 18:16 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-kiss 2014-12-24 18:15 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_born 2014-12-24 18:14 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-oil 2014-12-24 18:14 - 2014-12-24 21:06 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-promise 2014-12-24 18:14 - 2014-12-24 19:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-teach 2014-12-24 18:13 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-damage 2014-12-24 18:13 - 2014-12-24 21:16 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-school 2014-12-24 18:13 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-step 2014-12-24 18:13 - 2014-12-24 20:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_mail 2014-12-24 18:13 - 2014-12-24 20:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-demand 2014-12-24 18:13 - 2014-12-24 19:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceresult 2014-12-24 18:12 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bet 2014-12-24 18:12 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_add 2014-12-24 18:12 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-replace 2014-12-24 18:12 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-grass 2014-12-24 18:12 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelost 2014-12-24 18:12 - 2014-12-24 20:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-hook 2014-12-24 18:11 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-approach 2014-12-24 18:11 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-review 2014-12-24 18:11 - 2014-12-24 18:11 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pain 2014-12-24 18:10 - 2014-12-30 18:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_implement 2014-12-24 18:10 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-side 2014-12-24 18:10 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencereserve 2014-12-24 18:10 - 2014-12-24 20:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceblack 2014-12-24 18:09 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedesire 2014-12-24 18:09 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceflower 2014-12-24 18:09 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencehesitate 2014-12-24 18:09 - 2014-12-24 21:16 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedish 2014-12-24 18:09 - 2014-12-24 19:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_pleasure 2014-12-24 18:08 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_emphasize 2014-12-24 18:08 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pursue 2014-12-24 18:08 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencespace 2014-12-24 18:08 - 2014-12-24 21:06 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-behave 2014-12-24 18:07 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-step 2014-12-24 18:07 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-organized 2014-12-24 18:07 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-fuel 2014-12-24 18:07 - 2014-12-24 18:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-examine 2014-12-24 18:06 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-dare 2014-12-24 18:06 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-ride 2014-12-24 18:06 - 2014-12-24 20:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_mortgage 2014-12-24 18:06 - 2014-12-24 19:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-diet 2014-12-24 18:06 - 2014-12-24 18:06 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bit 2014-12-24 18:05 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-sing 2014-12-24 18:05 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-announce 2014-12-24 18:05 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-ruin 2014-12-24 18:05 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceneed 2014-12-24 18:05 - 2014-12-24 20:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-spell 2014-12-24 18:05 - 2014-12-24 20:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-farm 2014-12-24 18:04 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bit 2014-12-24 18:04 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pool 2014-12-24 18:04 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-change 2014-12-24 18:04 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencereport 2014-12-24 18:04 - 2014-12-24 18:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_host 2014-12-24 18:03 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_force 2014-12-24 18:03 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bed 2014-12-24 18:03 - 2014-12-24 21:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_drink 2014-12-24 18:02 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-sex 2014-12-24 18:02 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-repeat 2014-12-24 18:02 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceattract 2014-12-24 18:02 - 2014-12-24 21:13 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesit 2014-12-24 18:02 - 2014-12-24 20:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-purpose 2014-12-24 18:01 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-know 2014-12-24 18:01 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-class 2014-12-24 18:01 - 2014-12-24 21:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bid 2014-12-24 18:01 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencemarch 2014-12-24 18:01 - 2014-12-24 20:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_throw 2014-12-24 18:01 - 2014-12-24 19:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-narrow 2014-12-24 18:00 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-read 2014-12-24 18:00 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_suggest 2014-12-24 18:00 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-jacket 2014-12-24 18:00 - 2014-12-24 20:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-fly 2014-12-24 17:59 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_company 2014-12-24 17:59 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-nurse 2014-12-24 17:59 - 2014-12-24 20:18 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_structure 2014-12-24 17:59 - 2014-12-24 17:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepersuade 2014-12-24 17:58 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_buddy 2014-12-24 17:58 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_argue 2014-12-24 17:58 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-weekend 2014-12-24 17:58 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_devil 2014-12-24 17:58 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-truck 2014-12-24 17:58 - 2014-12-24 20:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceconfirm 2014-12-24 17:58 - 2014-12-24 20:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-qualify 2014-12-24 17:57 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-lie 2014-12-24 17:57 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-text 2014-12-24 17:57 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_part 2014-12-24 17:57 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-egg 2014-12-24 17:57 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-attack 2014-12-24 17:57 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_officer 2014-12-24 17:57 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-grow 2014-12-24 17:57 - 2014-12-24 21:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_would 2014-12-24 17:56 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-tank 2014-12-24 17:56 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rid 2014-12-24 17:56 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_stroke 2014-12-24 17:56 - 2014-12-24 20:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceaddress 2014-12-24 17:56 - 2014-12-24 20:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-complain 2014-12-24 17:55 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceaccount 2014-12-24 17:55 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-skin 2014-12-24 17:55 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelisten 2014-12-24 17:54 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-watch 2014-12-24 17:54 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencekick 2014-12-24 17:54 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedraft 2014-12-24 17:54 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-hand 2014-12-24 17:54 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_profit 2014-12-24 17:54 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-indicate 2014-12-24 17:54 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-explain 2014-12-24 17:54 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-involve 2014-12-24 17:54 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_tone 2014-12-24 17:53 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-put 2014-12-24 17:53 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebe 2014-12-24 17:53 - 2014-12-24 21:13 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesolve 2014-12-24 17:53 - 2014-12-24 20:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-log 2014-12-24 17:53 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_case 2014-12-24 17:53 - 2014-12-24 20:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-destroy 2014-12-24 17:52 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-resist 2014-12-24 17:52 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_travel 2014-12-24 17:52 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_drive 2014-12-24 17:52 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_gift 2014-12-24 17:52 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-scratch 2014-12-24 17:52 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-view 2014-12-24 17:52 - 2014-12-24 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceconcern 2014-12-24 17:52 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_bake 2014-12-24 17:51 - 2014-12-30 18:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_heat 2014-12-24 17:51 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_gather 2014-12-24 17:51 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-plan 2014-12-24 17:51 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-survive 2014-12-24 17:51 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetower 2014-12-24 17:51 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-plan 2014-12-24 17:51 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepress 2014-12-24 17:50 - 2014-12-31 09:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_extend 2014-12-24 17:50 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-tie 2014-12-24 17:50 - 2014-12-24 21:16 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_waste 2014-12-24 17:49 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencestable 2014-12-24 17:49 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-mind 2014-12-24 17:49 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pair 2014-12-24 17:49 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_strike 2014-12-24 17:49 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencediffer 2014-12-24 17:49 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-wind 2014-12-24 17:49 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_suggest 2014-12-24 17:49 - 2014-12-24 18:10 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceroom 2014-12-24 17:48 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-concert 2014-12-24 17:48 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-edge 2014-12-24 17:48 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-sock 2014-12-24 17:48 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_interest 2014-12-24 17:48 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_option 2014-12-24 17:48 - 2014-12-24 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_burn 2014-12-24 17:48 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceapply 2014-12-24 17:48 - 2014-12-24 20:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-conflict 2014-12-24 17:48 - 2014-12-24 20:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecash 2014-12-24 17:47 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-border 2014-12-24 17:47 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-submit 2014-12-24 17:47 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceboard 2014-12-24 17:47 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-recover 2014-12-24 17:47 - 2014-12-24 20:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-cut 2014-12-24 17:46 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-must 2014-12-24 17:46 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-remind 2014-12-24 17:46 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-jump 2014-12-24 17:46 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_effect 2014-12-24 17:46 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-want 2014-12-24 17:46 - 2014-12-24 21:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedecide 2014-12-24 17:46 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceoccasion 2014-12-24 17:45 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_feel 2014-12-24 17:45 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_distance 2014-12-24 17:45 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_bill 2014-12-24 17:45 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-crew 2014-12-24 17:45 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_rip 2014-12-24 17:45 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencewake 2014-12-24 17:45 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_glove 2014-12-24 17:45 - 2014-12-24 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-mouth 2014-12-24 17:45 - 2014-12-24 19:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_emphasize 2014-12-24 17:44 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_father 2014-12-24 17:44 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-own 2014-12-24 17:44 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-choose 2014-12-24 17:44 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-command 2014-12-24 17:44 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-earn 2014-12-24 17:44 - 2014-12-24 20:23 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-post 2014-12-24 17:44 - 2014-12-24 20:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-job 2014-12-24 17:43 - 2014-12-30 18:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_inform 2014-12-24 17:43 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-amazing 2014-12-24 17:43 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-specify 2014-12-24 17:43 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-lie 2014-12-24 17:43 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-border 2014-12-24 17:43 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-switch 2014-12-24 17:43 - 2014-12-24 20:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-phase 2014-12-24 17:43 - 2014-12-24 20:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-contain 2014-12-24 17:43 - 2014-12-24 19:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_candidate 2014-12-24 17:42 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_attach 2014-12-24 17:42 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-frequent 2014-12-24 17:42 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_career 2014-12-24 17:42 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_refuse 2014-12-24 17:42 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-partner 2014-12-24 17:42 - 2014-12-24 19:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-crew 2014-12-24 17:41 - 2014-12-31 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-achieve 2014-12-24 17:41 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-assist 2014-12-24 17:41 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelawyer 2014-12-24 17:41 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_talk 2014-12-24 17:41 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_style 2014-12-24 17:41 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-shape 2014-12-24 17:41 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-empty 2014-12-24 17:41 - 2014-12-24 20:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-window 2014-12-24 17:41 - 2014-12-24 19:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencereport 2014-12-24 17:40 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencereact 2014-12-24 17:40 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencewell 2014-12-24 17:40 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_run 2014-12-24 17:40 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-package 2014-12-24 17:40 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_develop 2014-12-24 17:40 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-partner 2014-12-24 17:40 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-find 2014-12-24 17:40 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bowl 2014-12-24 17:40 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_progress 2014-12-24 17:40 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_sentence 2014-12-24 17:40 - 2014-12-24 18:09 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-mouse 2014-12-24 17:39 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_concerned 2014-12-24 17:39 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-relieve 2014-12-24 17:39 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceare 2014-12-24 17:39 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepull 2014-12-24 17:39 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-earth 2014-12-24 17:39 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-gain 2014-12-24 17:39 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_possess 2014-12-24 17:39 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-position 2014-12-24 17:39 - 2014-12-24 20:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-angle 2014-12-24 17:39 - 2014-12-24 19:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-spell 2014-12-24 17:39 - 2014-12-24 19:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-imply 2014-12-24 17:38 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_court 2014-12-24 17:38 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-afford 2014-12-24 17:38 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_counter 2014-12-24 17:38 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_talk 2014-12-24 17:38 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesail 2014-12-24 17:38 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-soil 2014-12-24 17:38 - 2014-12-24 20:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_recommend 2014-12-24 17:38 - 2014-12-24 20:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-breast 2014-12-24 17:38 - 2014-12-24 19:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepractice 2014-12-24 17:37 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceman 2014-12-24 17:37 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencehold 2014-12-24 17:37 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepersuade 2014-12-24 17:37 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_fail 2014-12-24 17:37 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencemachine 2014-12-24 17:37 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceclock 2014-12-24 17:37 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-till 2014-12-24 17:37 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-hand 2014-12-24 17:37 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-layer 2014-12-24 17:37 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_disagree 2014-12-24 17:37 - 2014-12-24 20:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-farm 2014-12-24 17:37 - 2014-12-24 20:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceexperience 2014-12-24 17:36 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecrash 2014-12-24 17:36 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-net 2014-12-24 17:36 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-increase 2014-12-24 17:36 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-age 2014-12-24 17:36 - 2014-12-24 21:06 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-count 2014-12-24 17:36 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-concentrate 2014-12-24 17:36 - 2014-12-24 20:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-count 2014-12-24 17:36 - 2014-12-24 19:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceclock 2014-12-24 17:35 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-air 2014-12-24 17:35 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-lead 2014-12-24 17:35 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_script 2014-12-24 17:35 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_tour 2014-12-24 17:35 - 2014-12-24 19:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_source 2014-12-24 17:35 - 2014-12-24 18:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_string 2014-12-24 17:34 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-league 2014-12-24 17:34 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_continue 2014-12-24 17:34 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-dimension 2014-12-24 17:34 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_structure 2014-12-24 17:34 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_target 2014-12-24 17:34 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-weight 2014-12-24 17:34 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-come 2014-12-24 17:34 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_jury 2014-12-24 17:34 - 2014-12-24 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-sand 2014-12-24 17:34 - 2014-12-24 19:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-mess 2014-12-24 17:34 - 2014-12-24 17:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencediscover 2014-12-24 17:33 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceclub 2014-12-24 17:33 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-were 2014-12-24 17:33 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rush 2014-12-24 17:33 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_force 2014-12-24 17:33 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-button 2014-12-24 17:33 - 2014-12-24 21:06 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-treat 2014-12-24 17:33 - 2014-12-24 20:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_fire 2014-12-24 17:33 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelunch 2014-12-24 17:32 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelimited 2014-12-24 17:32 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencenegotiate 2014-12-24 17:32 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-concert 2014-12-24 17:32 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepace 2014-12-24 17:32 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencereveal 2014-12-24 17:32 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-link 2014-12-24 17:32 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceignore 2014-12-24 17:32 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-begin 2014-12-24 17:32 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_pin 2014-12-24 17:32 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bug 2014-12-24 17:32 - 2014-12-24 20:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceblack 2014-12-24 17:32 - 2014-12-24 20:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_involved 2014-12-24 17:32 - 2014-12-24 19:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-fuel 2014-12-24 17:31 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_lay 2014-12-24 17:31 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-metal 2014-12-24 17:31 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-encouraging 2014-12-24 17:31 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_bite 2014-12-24 17:31 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelandscape 2014-12-24 17:31 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-sky 2014-12-24 17:31 - 2014-12-24 20:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_walk 2014-12-24 17:31 - 2014-12-24 20:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-correct 2014-12-24 17:31 - 2014-12-24 20:16 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bag 2014-12-24 17:31 - 2014-12-24 17:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pick 2014-12-24 17:30 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-see 2014-12-24 17:30 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_does 2014-12-24 17:30 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesit 2014-12-24 17:30 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-sex 2014-12-24 17:30 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_survey 2014-12-24 17:30 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-blind 2014-12-24 17:30 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_enhance 2014-12-24 17:30 - 2014-12-24 19:15 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_candidate 2014-12-24 17:29 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_obtain 2014-12-24 17:29 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebranch 2014-12-24 17:29 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-benefit 2014-12-24 17:29 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-prove 2014-12-24 17:29 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-calendar 2014-12-24 17:29 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_judge 2014-12-24 17:29 - 2014-12-24 20:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-dust 2014-12-24 17:29 - 2014-12-24 20:10 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-code 2014-12-24 17:29 - 2014-12-24 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-highlight 2014-12-24 17:29 - 2014-12-24 18:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-strip 2014-12-24 17:28 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecommunicate 2014-12-24 17:28 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-cook 2014-12-24 17:28 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_network 2014-12-24 17:28 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_jury 2014-12-24 17:28 - 2014-12-24 20:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pretend 2014-12-24 17:28 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-grandfather 2014-12-24 17:28 - 2014-12-24 20:16 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-breakfast 2014-12-24 17:28 - 2014-12-24 19:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecloud 2014-12-24 17:27 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-gas 2014-12-24 17:27 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bottom 2014-12-24 17:27 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_win 2014-12-24 17:27 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-surround 2014-12-24 17:27 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencediscover 2014-12-24 17:27 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_concerned 2014-12-24 17:27 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-school 2014-12-24 17:27 - 2014-12-24 19:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-knife 2014-12-24 17:27 - 2014-12-24 19:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_boat 2014-12-24 17:27 - 2014-12-24 17:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceshoot 2014-12-24 17:26 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pension 2014-12-24 17:26 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-suit 2014-12-24 17:26 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-hurry 2014-12-24 17:26 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_quote 2014-12-24 17:26 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-regret 2014-12-24 17:26 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rule 2014-12-24 17:26 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-speak 2014-12-24 17:26 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencequestion 2014-12-24 17:26 - 2014-12-24 20:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_yard 2014-12-24 17:26 - 2014-12-24 20:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rub 2014-12-24 17:26 - 2014-12-24 20:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_impress 2014-12-24 17:26 - 2014-12-24 20:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencehabit 2014-12-24 17:26 - 2014-12-24 20:33 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-register 2014-12-24 17:26 - 2014-12-24 20:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_cycle 2014-12-24 17:26 - 2014-12-24 20:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceloan 2014-12-24 17:25 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_struggle 2014-12-24 17:25 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-been 2014-12-24 17:25 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencequestion 2014-12-24 17:25 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceconfirm 2014-12-24 17:25 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_roof 2014-12-24 17:25 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-steal 2014-12-24 17:25 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_surprise 2014-12-24 17:25 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-diet 2014-12-24 17:25 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-grow 2014-12-24 17:25 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-translate 2014-12-24 17:25 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rush 2014-12-24 17:25 - 2014-12-24 20:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-concentrate 2014-12-24 17:25 - 2014-12-24 20:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-phrase 2014-12-24 17:25 - 2014-12-24 19:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_yard 2014-12-24 17:24 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-shape 2014-12-24 17:24 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pop 2014-12-24 17:24 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedesire 2014-12-24 17:24 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-shut 2014-12-24 17:24 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-regret 2014-12-24 17:24 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecommunicate 2014-12-24 17:24 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-block 2014-12-24 17:24 - 2014-12-24 20:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencefault 2014-12-24 17:24 - 2014-12-24 20:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rest 2014-12-24 17:24 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecoat 2014-12-24 17:24 - 2014-12-24 20:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencethink 2014-12-24 17:24 - 2014-12-24 20:18 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecatch 2014-12-24 17:24 - 2014-12-24 20:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetrade 2014-12-24 17:24 - 2014-12-24 20:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencegive 2014-12-24 17:24 - 2014-12-24 19:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-support 2014-12-24 17:24 - 2014-12-24 19:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_appear 2014-12-24 17:23 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencewait 2014-12-24 17:23 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-code 2014-12-24 17:23 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceresolve 2014-12-24 17:23 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pension 2014-12-24 17:23 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-answer 2014-12-24 17:23 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_enjoy 2014-12-24 17:23 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-tap 2014-12-24 17:23 - 2014-12-24 20:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-consist 2014-12-24 17:23 - 2014-12-24 19:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencechart 2014-12-24 17:22 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pattern 2014-12-24 17:22 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-accuse 2014-12-24 17:22 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-cook 2014-12-24 17:22 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_tour 2014-12-24 17:22 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-cup 2014-12-24 17:22 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_involved 2014-12-24 17:22 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-drag 2014-12-24 17:22 - 2014-12-24 21:16 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelandscape 2014-12-24 17:22 - 2014-12-24 20:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_cancel 2014-12-24 17:22 - 2014-12-24 20:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-settle 2014-12-24 17:22 - 2014-12-24 20:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-dirty 2014-12-24 17:22 - 2014-12-24 18:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-juice 2014-12-24 10:53 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-push 2014-12-24 10:53 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-order 2014-12-24 10:53 - 2014-12-24 20:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_fall 2014-12-24 10:52 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-help 2014-12-24 10:52 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_factor 2014-12-24 10:52 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-survive 2014-12-24 10:52 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-position 2014-12-24 10:52 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-cover 2014-12-24 10:52 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-shift 2014-12-24 10:52 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetransition 2014-12-24 10:52 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-fly 2014-12-24 10:52 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceexplore 2014-12-24 10:52 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_let 2014-12-24 10:52 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-enter 2014-12-24 10:52 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-ride 2014-12-24 10:52 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-recognize 2014-12-24 10:52 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencefirm 2014-12-24 10:52 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-appropriate 2014-12-24 10:52 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-prevent 2014-12-24 10:51 - 2014-12-31 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-accept 2014-12-24 10:51 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepack 2014-12-24 10:51 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_refuse 2014-12-24 10:51 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_peak 2014-12-24 10:51 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-forget 2014-12-24 10:51 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceshall 2014-12-24 10:51 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-web 2014-12-24 10:51 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_belt 2014-12-24 10:51 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_candle 2014-12-24 10:51 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-trouble 2014-12-24 10:51 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedog 2014-12-24 10:51 - 2014-12-24 20:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-word 2014-12-24 10:51 - 2014-12-24 20:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bug 2014-12-24 10:51 - 2014-12-24 20:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceresort 2014-12-24 10:51 - 2014-12-24 20:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-mix 2014-12-24 10:51 - 2014-12-24 20:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_sentence 2014-12-24 10:51 - 2014-12-24 20:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_include 2014-12-24 10:51 - 2014-12-24 19:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-mistake 2014-12-24 10:51 - 2014-12-24 19:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-sign 2014-12-24 10:50 - 2014-12-30 18:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_incorporate 2014-12-24 10:50 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-trouble 2014-12-24 10:50 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_get 2014-12-24 10:50 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-remember 2014-12-24 10:50 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceapply 2014-12-24 10:50 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepound 2014-12-24 10:50 - 2014-12-24 20:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-consist 2014-12-24 10:50 - 2014-12-24 20:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-forget 2014-12-24 10:50 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_attend 2014-12-24 10:50 - 2014-12-24 20:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_picture 2014-12-24 10:50 - 2014-12-24 20:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceexercise 2014-12-24 10:50 - 2014-12-24 19:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-compare 2014-12-24 10:49 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-monitor 2014-12-24 10:49 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-beach 2014-12-24 10:49 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-sun 2014-12-24 10:49 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencegrade 2014-12-24 10:49 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedance 2014-12-24 10:49 - 2014-12-24 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_interview 2014-12-24 10:49 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_doctor 2014-12-24 10:49 - 2014-12-24 20:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-advance 2014-12-24 10:49 - 2014-12-24 20:16 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-conflict 2014-12-24 10:49 - 2014-12-24 18:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-worried 2014-12-24 10:49 - 2014-12-24 18:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-cover 2014-12-24 10:48 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_matter 2014-12-24 10:48 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencefear 2014-12-24 10:48 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-anger 2014-12-24 10:48 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceplace 2014-12-24 10:48 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_baby 2014-12-24 10:48 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_reach 2014-12-24 10:48 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-channel 2014-12-24 10:48 - 2014-12-24 20:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-settle 2014-12-24 10:48 - 2014-12-24 20:10 - 00000000 ___HD () C:\Users\*****\AppData\Loca\Audience-stand |
|
02.01.2015, 16:08
| #5 |
| | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Frst.txt part2 Code:
ATTFilter 2014-12-24 10:48 - 2014-12-24 20:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_part
2014-12-24 10:48 - 2014-12-24 19:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-enable
2014-12-24 10:48 - 2014-12-24 19:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceignore
2014-12-24 10:48 - 2014-12-24 18:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_care
2014-12-24 10:47 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-contact
2014-12-24 10:47 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_foot
2014-12-24 10:47 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_sleep
2014-12-24 10:47 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelack
2014-12-24 10:47 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-state
2014-12-24 10:47 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepress
2014-12-24 10:47 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencemachine
2014-12-24 10:47 - 2014-12-24 20:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-request
2014-12-24 10:47 - 2014-12-24 20:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-calendar
2014-12-24 10:47 - 2014-12-24 19:18 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-issue
2014-12-24 10:47 - 2014-12-24 18:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceblue
2014-12-24 10:46 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-entrance
2014-12-24 10:46 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_select
2014-12-24 10:46 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-leg
2014-12-24 10:46 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-thank
2014-12-24 10:46 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-shut
2014-12-24 10:46 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-justify
2014-12-24 10:46 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-expose
2014-12-24 10:46 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_lay
2014-12-24 10:46 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceresort
2014-12-24 10:46 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_site
2014-12-24 10:46 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceestimate
2014-12-24 10:46 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_burn
2014-12-24 10:46 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-learn
2014-12-24 10:46 - 2014-12-24 20:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencevary
2014-12-24 10:46 - 2014-12-24 20:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-protect
2014-12-24 10:45 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceweigh
2014-12-24 10:45 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-strain
2014-12-24 10:45 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-task
2014-12-24 10:45 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-admit
2014-12-24 10:45 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_station
2014-12-24 10:45 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-being
2014-12-24 10:45 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-sand
2014-12-24 10:45 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-anticipate
2014-12-24 10:45 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_run
2014-12-24 10:45 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-please
2014-12-24 10:45 - 2014-12-24 20:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-contain
2014-12-24 10:45 - 2014-12-24 20:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-fee
2014-12-24 10:45 - 2014-12-24 20:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedig
2014-12-24 10:45 - 2014-12-24 19:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-separate
2014-12-24 10:45 - 2014-12-24 19:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-grandfather
2014-12-24 10:44 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_gift
2014-12-24 10:44 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecondition
2014-12-24 10:44 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-is
2014-12-24 10:44 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencehurt
2014-12-24 10:44 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_lose
2014-12-24 10:44 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_click
2014-12-24 10:44 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebecome
2014-12-24 10:44 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-swing
2014-12-24 10:44 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceinterested
2014-12-24 10:44 - 2014-12-24 20:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedeal
2014-12-24 10:44 - 2014-12-24 20:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceslice
2014-12-24 10:44 - 2014-12-24 20:13 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_tone
2014-12-24 10:44 - 2014-12-24 18:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_dry
2014-12-24 10:43 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-criticize
2014-12-24 10:43 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_hang
2014-12-24 10:43 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-clerk
2014-12-24 10:43 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceabuse
2014-12-24 10:43 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetree
2014-12-24 10:43 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-angle
2014-12-24 10:43 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencestore
2014-12-24 10:43 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecomment
2014-12-24 10:43 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-notice
2014-12-24 10:43 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-improve
2014-12-24 10:43 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesolve
2014-12-24 10:43 - 2014-12-24 20:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_picture
2014-12-24 10:43 - 2014-12-24 20:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceexist
2014-12-24 10:42 - 2014-12-30 18:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_hang
2014-12-24 10:42 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-cat
2014-12-24 10:42 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_born
2014-12-24 10:42 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-explain
2014-12-24 10:42 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-hide
2014-12-24 10:42 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencereference
2014-12-24 10:42 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-state
2014-12-24 10:42 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-side
2014-12-24 10:42 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_select
2014-12-24 10:42 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-eat
2014-12-24 10:42 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-distribute
2014-12-24 10:42 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencevary
2014-12-24 10:42 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceconcern
2014-12-24 10:42 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-review
2014-12-24 10:42 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-purchase
2014-12-24 10:42 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceclosed
2014-12-24 10:42 - 2014-12-24 20:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebring
2014-12-24 10:42 - 2014-12-24 20:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_nail
2014-12-24 10:42 - 2014-12-24 20:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_loose
2014-12-24 10:41 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-choose
2014-12-24 10:41 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_remain
2014-12-24 10:41 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-content
2014-12-24 10:41 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_sense
2014-12-24 10:41 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_evidence
2014-12-24 10:41 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_floor
2014-12-24 10:41 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-term
2014-12-24 10:41 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-face
2014-12-24 10:41 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-voice
2014-12-24 10:41 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-earth
2014-12-24 10:41 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_progress
2014-12-24 10:41 - 2014-12-24 20:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_affect
2014-12-24 10:41 - 2014-12-24 20:19 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-must
2014-12-24 10:41 - 2014-12-24 20:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-birth
2014-12-24 10:41 - 2014-12-24 20:13 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-stress
2014-12-24 10:41 - 2014-12-24 19:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-quit
2014-12-24 10:41 - 2014-12-24 19:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-class
2014-12-24 10:40 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_charge
2014-12-24 10:40 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-assist
2014-12-24 10:40 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-dare
2014-12-24 10:40 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-theme
2014-12-24 10:40 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-body
2014-12-24 10:40 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-wave
2014-12-24 10:40 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_wonder
2014-12-24 10:40 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_tune
2014-12-24 10:40 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_secure
2014-12-24 10:40 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_overcome
2014-12-24 10:40 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_station
2014-12-24 10:40 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_counter
2014-12-24 10:40 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebranch
2014-12-24 10:40 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-telephone
2014-12-24 10:40 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceradio
2014-12-24 10:40 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_interview
2014-12-24 10:40 - 2014-12-24 20:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencespite
2014-12-24 10:40 - 2014-12-24 20:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceisland
2014-12-24 10:40 - 2014-12-24 19:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_cross
2014-12-24 10:39 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_title
2014-12-24 10:39 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_live
2014-12-24 10:39 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceslice
2014-12-24 10:39 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-qualify
2014-12-24 10:39 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencegarden
2014-12-24 10:39 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_guy
2014-12-24 10:39 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_marry
2014-12-24 10:39 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_range
2014-12-24 10:39 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-spend
2014-12-24 10:39 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-ensure
2014-12-24 10:39 - 2014-12-24 21:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedisappointed
2014-12-24 10:39 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-register
2014-12-24 10:39 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-deliver
2014-12-24 10:39 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bike
2014-12-24 10:39 - 2014-12-24 20:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-park
2014-12-24 10:39 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceassociate
2014-12-24 10:38 - 2014-12-30 18:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_include
2014-12-24 10:38 - 2014-12-24 22:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesmile
2014-12-24 10:38 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_option
2014-12-24 10:38 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencerealize
2014-12-24 10:38 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-finish
2014-12-24 10:38 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-shoulder
2014-12-24 10:38 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_attach
2014-12-24 10:38 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-layer
2014-12-24 10:38 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_fight
2014-12-24 10:38 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-mouse
2014-12-24 10:38 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_tune
2014-12-24 10:38 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-share
2014-12-24 10:38 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_delay
2014-12-24 10:38 - 2014-12-24 20:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebelieve
2014-12-24 10:38 - 2014-12-24 19:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-field
2014-12-24 10:38 - 2014-12-24 18:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bunch
2014-12-24 10:37 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-related
2014-12-24 10:37 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-image
2014-12-24 10:37 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_fire
2014-12-24 10:37 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-jacket
2014-12-24 10:37 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-joke
2014-12-24 10:37 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_tool
2014-12-24 10:37 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-specify
2014-12-24 10:37 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-discipline
2014-12-24 10:37 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceconsult
2014-12-24 10:37 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-friend
2014-12-24 10:37 - 2014-12-24 20:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-contest
2014-12-24 10:37 - 2014-12-24 20:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceready
2014-12-24 10:37 - 2014-12-24 20:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencechart
2014-12-24 10:37 - 2014-12-24 20:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-contest
2014-12-24 10:37 - 2014-12-24 20:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pride
2014-12-24 10:37 - 2014-12-24 19:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-complete
2014-12-24 10:37 - 2014-12-24 18:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_delay
2014-12-24 10:37 - 2014-12-24 18:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetrust
2014-12-24 10:36 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-resist
2014-12-24 10:36 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-wind
2014-12-24 10:36 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencethink
2014-12-24 10:36 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesearch
2014-12-24 10:36 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_devil
2014-12-24 10:36 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedetermine
2014-12-24 10:36 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepace
2014-12-24 10:36 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceparent
2014-12-24 10:36 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencerace
2014-12-24 10:36 - 2014-12-24 20:14 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_keep
2014-12-24 10:36 - 2014-12-24 19:07 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_pleasure
2014-12-24 10:36 - 2014-12-24 18:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_sandwich
2014-12-24 10:35 - 2014-12-24 22:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-oil
2014-12-24 10:35 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_luck
2014-12-24 10:35 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-horse
2014-12-24 10:35 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-suffer
2014-12-24 10:35 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-arise
2014-12-24 10:35 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-culture
2014-12-24 10:35 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceinfluence
2014-12-24 10:35 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_style
2014-12-24 10:35 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-trash
2014-12-24 10:35 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesmart
2014-12-24 10:35 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-hire
2014-12-24 10:35 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-hate
2014-12-24 10:35 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-skirt
2014-12-24 10:35 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-tank
2014-12-24 10:35 - 2014-12-24 20:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencewish
2014-12-24 10:35 - 2014-12-24 20:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_profile
2014-12-24 10:35 - 2014-12-24 20:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-draw
2014-12-24 10:35 - 2014-12-24 20:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-encouraging
2014-12-24 10:35 - 2014-12-24 20:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-mirror
2014-12-24 10:35 - 2014-12-24 20:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebank
2014-12-24 10:35 - 2014-12-24 19:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bid
2014-12-24 10:35 - 2014-12-24 18:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_test
2014-12-24 10:34 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-dimension
2014-12-24 10:34 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencewise
2014-12-24 10:34 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-gas
2014-12-24 10:34 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-adjust
2014-12-24 10:34 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceeven
2014-12-24 10:34 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-lock
2014-12-24 10:34 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_strike
2014-12-24 10:34 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebend
2014-12-24 10:34 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_cream
2014-12-24 10:34 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencehold
2014-12-24 10:34 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-word
2014-12-24 10:34 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-birth
2014-12-24 10:34 - 2014-12-24 20:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_weather
2014-12-24 10:34 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceshelter
2014-12-24 10:34 - 2014-12-24 20:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-arrive
2014-12-24 10:34 - 2014-12-24 20:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_extend
2014-12-24 10:34 - 2014-12-24 20:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceprogram
2014-12-24 10:34 - 2014-12-24 20:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_ship
2014-12-24 10:33 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-clerk
2014-12-24 10:33 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-sing
2014-12-24 10:33 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceadmire
2014-12-24 10:33 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-sun
2014-12-24 10:33 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pour
2014-12-24 10:33 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-price
2014-12-24 10:33 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetake
2014-12-24 10:33 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-shop
2014-12-24 10:33 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-organized
2014-12-24 10:33 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesplit
2014-12-24 10:33 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_care
2014-12-24 10:33 - 2014-12-24 21:16 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-sport
2014-12-24 10:33 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-detailed
2014-12-24 10:33 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_quarter
2014-12-24 10:33 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_travel
2014-12-24 10:33 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedance
2014-12-24 10:33 - 2014-12-24 20:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceorganize
2014-12-24 10:33 - 2014-12-24 20:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceinvite
2014-12-24 10:33 - 2014-12-24 20:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_express
2014-12-24 10:33 - 2014-12-24 19:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencespace
2014-12-24 10:32 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-jump
2014-12-24 10:32 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceremaining
2014-12-24 10:32 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rule
2014-12-24 10:32 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_judge
2014-12-24 10:32 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-separate
2014-12-24 10:32 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-feed
2014-12-24 10:32 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-record
2014-12-24 10:32 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencerepair
2014-12-24 10:32 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-prepare
2014-12-24 10:32 - 2014-12-24 21:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-ought
2014-12-24 10:32 - 2014-12-24 20:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencehope
2014-12-24 10:32 - 2014-12-24 20:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-cut
2014-12-24 10:32 - 2014-12-24 20:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_sell
2014-12-24 10:32 - 2014-12-24 19:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_pipe
2014-12-24 10:32 - 2014-12-24 19:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebell
2014-12-24 10:32 - 2014-12-24 17:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-skin
2014-12-24 10:31 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedetail
2014-12-24 10:31 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-guarantee
2014-12-24 10:31 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_wonder
2014-12-24 10:31 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedecide
2014-12-24 10:31 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-deposit
2014-12-24 10:31 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_inform
2014-12-24 10:31 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-toe
2014-12-24 10:31 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceease
2014-12-24 10:31 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceattempt
2014-12-24 10:31 - 2014-12-24 21:16 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-coach
2014-12-24 10:31 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-band
2014-12-24 10:31 - 2014-12-24 21:13 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencerelate
2014-12-24 10:31 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pretend
2014-12-24 10:31 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-vacation
2014-12-24 10:31 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-wear
2014-12-24 10:31 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedream
2014-12-24 10:31 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-cable
2014-12-24 10:31 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rise
2014-12-24 10:31 - 2014-12-24 20:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-campaign
2014-12-24 10:31 - 2014-12-24 20:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencefish
2014-12-24 10:31 - 2014-12-24 20:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-identify
2014-12-24 10:31 - 2014-12-24 20:19 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_luck
2014-12-24 10:31 - 2014-12-24 20:15 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencemeet
2014-12-24 10:31 - 2014-12-24 20:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-stomach
2014-12-24 10:31 - 2014-12-24 19:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_waste
2014-12-24 10:31 - 2014-12-24 18:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-busy
2014-12-24 10:30 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencechip
2014-12-24 10:30 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebat
2014-12-24 10:30 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-weight
2014-12-24 10:30 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-call
2014-12-24 10:30 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-purpose
2014-12-24 10:30 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-raise
2014-12-24 10:30 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-finger
2014-12-24 10:30 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-record
2014-12-24 10:30 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bunch
2014-12-24 10:30 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rope
2014-12-24 10:30 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-storm
2014-12-24 10:30 - 2014-12-24 21:13 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-wash
2014-12-24 10:30 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-find
2014-12-24 10:30 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceturn
2014-12-24 10:30 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-perform
2014-12-24 10:30 - 2014-12-24 20:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceretain
2014-12-24 10:30 - 2014-12-24 20:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_building
2014-12-24 10:30 - 2014-12-24 20:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-swing
2014-12-24 10:30 - 2014-12-24 20:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_stretch
2014-12-24 10:29 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-end
2014-12-24 10:29 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_evidence
2014-12-24 10:29 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-discuss
2014-12-24 10:29 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebell
2014-12-24 10:29 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-belong
2014-12-24 10:29 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-hide
2014-12-24 10:29 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-cable
2014-12-24 10:29 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-acquire
2014-12-24 10:29 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-cause
2014-12-24 10:29 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencestage
2014-12-24 10:29 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_track
2014-12-24 10:29 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_sharp
2014-12-24 10:29 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_married
2014-12-24 10:29 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-nurse
2014-12-24 10:29 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceconnect
2014-12-24 10:29 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-exact
2014-12-24 10:29 - 2014-12-24 20:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedump
2014-12-24 10:29 - 2014-12-24 20:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-criticize
2014-12-24 10:29 - 2014-12-24 20:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-start
2014-12-24 10:29 - 2014-12-24 20:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetired
2014-12-24 10:29 - 2014-12-24 17:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceease
2014-12-24 10:28 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceshall
2014-12-24 10:28 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_attend
2014-12-24 10:28 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_develop
2014-12-24 10:28 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-collar
2014-12-24 10:28 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_effect
2014-12-24 10:28 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-leave
2014-12-24 10:28 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-exit
2014-12-24 10:28 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepack
2014-12-24 10:28 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-cap
2014-12-24 10:28 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceprogram
2014-12-24 10:28 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-finger
2014-12-24 10:28 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_amount
2014-12-24 10:28 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-establish
2014-12-24 10:28 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-complain
2014-12-24 10:28 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_pipe
2014-12-24 10:28 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-golf
2014-12-24 10:28 - 2014-12-24 20:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-score
2014-12-24 10:28 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencemark
2014-12-24 10:28 - 2014-12-24 20:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_enjoy
2014-12-24 10:28 - 2014-12-24 20:06 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-image
2014-12-24 10:28 - 2014-12-24 19:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencewake
2014-12-24 10:27 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-gear
2014-12-24 10:27 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-have
2014-12-24 10:27 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_get
2014-12-24 10:27 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-supply
2014-12-24 10:27 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-knife
2014-12-24 10:27 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-slip
2014-12-24 10:27 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_pause
2014-12-24 10:27 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepage
2014-12-24 10:27 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-dot
2014-12-24 10:27 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-highlight
2014-12-24 10:27 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_balance
2014-12-24 10:27 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencechip
2014-12-24 10:27 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-eye
2014-12-24 10:27 - 2014-12-24 20:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_stroke
2014-12-24 10:27 - 2014-12-24 20:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-price
2014-12-24 10:27 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_water
2014-12-24 10:27 - 2014-12-24 20:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_rip
2014-12-24 10:27 - 2014-12-24 20:14 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencefix
2014-12-24 10:27 - 2014-12-24 20:08 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceshower
2014-12-24 10:27 - 2014-12-24 19:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-speak
2014-12-24 10:26 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepiece
2014-12-24 10:26 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-thank
2014-12-24 10:26 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-sky
2014-12-24 10:26 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-field
2014-12-24 10:26 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedisappointed
2014-12-24 10:26 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-acquire
2014-12-24 10:26 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rely
2014-12-24 10:26 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-manage
2014-12-24 10:26 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_table
2014-12-24 10:26 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-hit
2014-12-24 10:26 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-view
2014-12-24 10:26 - 2014-12-24 20:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-shame
2014-12-24 10:26 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceremove
2014-12-24 10:26 - 2014-12-24 20:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-offer
2014-12-24 10:26 - 2014-12-24 20:14 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_appear
2014-12-24 10:26 - 2014-12-24 18:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-shock
2014-12-24 10:25 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rope
2014-12-24 10:25 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-attack
2014-12-24 10:25 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-slight
2014-12-24 10:25 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecarpet
2014-12-24 10:25 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-dirty
2014-12-24 10:25 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceweigh
2014-12-24 10:25 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-mention
2014-12-24 10:25 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-belong
2014-12-24 10:25 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-park
2014-12-24 10:25 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_example
2014-12-24 10:25 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceremaining
2014-12-24 10:25 - 2014-12-24 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-hear
2014-12-24 10:25 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-busy
2014-12-24 10:25 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-wash
2014-12-24 10:25 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-noise
2014-12-24 10:25 - 2014-12-24 20:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_profit
2014-12-24 10:25 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_pin
2014-12-24 10:25 - 2014-12-24 20:33 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-section
2014-12-24 10:25 - 2014-12-24 20:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_award
2014-12-24 10:25 - 2014-12-24 18:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelift
2014-12-24 10:25 - 2014-12-24 18:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-line
2014-12-24 10:24 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-treat
2014-12-24 10:24 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesmart
2014-12-24 10:24 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-wall
2014-12-24 10:24 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencehole
2014-12-24 10:24 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-gain
2014-12-24 10:24 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-hit
2014-12-24 10:24 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceprovide
2014-12-24 10:24 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-like
2014-12-24 10:24 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencerent
2014-12-24 10:24 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebank
2014-12-24 10:24 - 2014-12-24 20:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-wrap
2014-12-24 10:24 - 2014-12-24 19:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecash
2014-12-24 10:24 - 2014-12-24 19:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-participate
2014-12-24 10:24 - 2014-12-24 19:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_depend
2014-12-24 10:23 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesort
2014-12-24 10:23 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_cycle
2014-12-24 10:23 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_stop
2014-12-24 10:23 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-purchase
2014-12-24 10:23 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-try
2014-12-24 10:23 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-crack
2014-12-24 10:23 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-stick
2014-12-24 10:23 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-fan
2014-12-24 10:23 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_heat
2014-12-24 10:23 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_was
2014-12-24 10:23 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_would
2014-12-24 10:23 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-notice
2014-12-24 10:23 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceset
2014-12-24 10:23 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-release
2014-12-24 10:23 - 2014-12-24 20:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-convert
2014-12-24 10:23 - 2014-12-24 20:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-alarm
2014-12-24 10:23 - 2014-12-24 20:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-has
2014-12-24 10:23 - 2014-12-24 20:08 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencemixed
2014-12-24 10:23 - 2014-12-24 17:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-please
2014-12-24 10:22 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-reflect
2014-12-24 10:22 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_argue
2014-12-24 10:22 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencefinance
2014-12-24 10:22 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepray
2014-12-24 10:22 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-air
2014-12-24 10:22 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-involve
2014-12-24 10:22 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_example
2014-12-24 10:22 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-quit
2014-12-24 10:22 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-permit
2014-12-24 10:22 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-mix
2014-12-24 10:22 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-age
2014-12-24 10:22 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bench
2014-12-24 10:22 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-guard
2014-12-24 10:22 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-closet
2014-12-24 10:22 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_paint
2014-12-24 10:22 - 2014-12-24 20:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-teach
2014-12-24 10:22 - 2014-12-24 20:27 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedump
2014-12-24 10:22 - 2014-12-24 19:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_sell
2014-12-24 10:22 - 2014-12-24 18:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-prepare
2014-12-24 10:21 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-make
2014-12-24 10:21 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceescape
2014-12-24 10:21 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_book
2014-12-24 10:21 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-been
2014-12-24 10:21 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-spirit
2014-12-24 10:21 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-theme
2014-12-24 10:21 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-empty
2014-12-24 10:21 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-type
2014-12-24 10:21 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-process
2014-12-24 10:21 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-process
2014-12-24 10:21 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-owe
2014-12-24 10:21 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-manufacturing
2014-12-24 10:21 - 2014-12-24 20:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-mention
2014-12-24 10:21 - 2014-12-24 20:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-occur
2014-12-24 10:21 - 2014-12-24 20:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceground
2014-12-24 10:21 - 2014-12-24 20:10 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bench
2014-12-24 10:21 - 2014-12-24 19:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_harm
2014-12-24 10:21 - 2014-12-24 19:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencerealize
2014-12-24 10:20 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-block
2014-12-24 10:20 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-visit
2014-12-24 10:20 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-tend
2014-12-24 10:20 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-light
2014-12-24 10:20 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_experienced
2014-12-24 10:20 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-deposit
2014-12-24 10:20 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-begin
2014-12-24 10:20 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-spring
2014-12-24 10:20 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-indicate
2014-12-24 10:20 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-prove
2014-12-24 10:20 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceboard
2014-12-24 10:20 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_court
2014-12-24 10:20 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-note
2014-12-24 10:20 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_clue
2014-12-24 10:20 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceclosed
2014-12-24 10:20 - 2014-12-24 20:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceshow
2014-12-24 10:20 - 2014-12-24 20:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-carry
2014-12-24 10:20 - 2014-12-24 20:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-snow
2014-12-24 10:20 - 2014-12-24 20:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-spend
2014-12-24 10:20 - 2014-12-24 19:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-compete
2014-12-24 10:20 - 2014-12-24 19:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-manufacturing
2014-12-24 10:20 - 2014-12-24 19:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_trip
2014-12-24 10:20 - 2014-12-24 19:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-dust
2014-12-24 10:19 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-mess
2014-12-24 10:19 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-convince
2014-12-24 10:19 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebring
2014-12-24 10:19 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_garage
2014-12-24 10:19 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-supply
2014-12-24 10:19 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_fall
2014-12-24 10:19 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencerequire
2014-12-24 10:19 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencestuff
2014-12-24 10:19 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceseek
2014-12-24 10:19 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-guide
2014-12-24 10:19 - 2014-12-24 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceaccount
2014-12-24 10:19 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-guess
2014-12-24 10:19 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-see
2014-12-24 10:19 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-film
2014-12-24 10:19 - 2014-12-24 20:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceoperate
2014-12-24 10:19 - 2014-12-24 20:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-establish
2014-12-24 10:19 - 2014-12-24 20:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_bite
2014-12-24 10:19 - 2014-12-24 20:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_foot
2014-12-24 10:19 - 2014-12-24 20:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebat
2014-12-24 10:19 - 2014-12-24 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-line
2014-12-24 10:19 - 2014-12-24 18:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceparent
2014-12-24 10:18 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_boss
2014-12-24 10:18 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencehole
2014-12-24 10:18 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_discount
2014-12-24 10:18 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_use
2014-12-24 10:18 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-finish
2014-12-24 10:18 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_mail
2014-12-24 10:18 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-traffic
2014-12-24 10:18 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-guide
2014-12-24 10:18 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-divide
2014-12-24 10:18 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-figure
2014-12-24 10:18 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-play
2014-12-24 10:18 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-mate
2014-12-24 10:18 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-hate
2014-12-24 10:18 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-play
2014-12-24 10:18 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencenose
2014-12-24 10:18 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencemuscle
2014-12-24 10:18 - 2014-12-24 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelunch
2014-12-24 10:18 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecondition
2014-12-24 10:18 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-offer
2014-12-24 10:18 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_build
2014-12-24 10:18 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_deserve
2014-12-24 10:18 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelook
2014-12-24 10:18 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-cat
2014-12-24 10:18 - 2014-12-24 20:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencemiss
2014-12-24 10:18 - 2014-12-24 20:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_copy
2014-12-24 10:18 - 2014-12-24 20:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencewait
2014-12-24 10:18 - 2014-12-24 20:08 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_marry
2014-12-24 10:18 - 2014-12-24 19:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencereward
2014-12-24 10:18 - 2014-12-24 18:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pride
2014-12-24 10:17 - 2014-12-24 22:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceeven
2014-12-24 10:17 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-illustrate
2014-12-24 10:17 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-phase
2014-12-24 10:17 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-sugar
2014-12-24 10:17 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceadapt
2014-12-24 10:17 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceloan
2014-12-24 10:17 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_season
2014-12-24 10:17 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-assure
2014-12-24 10:17 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_affect
2014-12-24 10:17 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-investigate
2014-12-24 10:17 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-is
2014-12-24 10:17 - 2014-12-24 21:13 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_tackle
2014-12-24 10:17 - 2014-12-24 21:13 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-arm
2014-12-24 10:17 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-discipline
2014-12-24 10:17 - 2014-12-24 19:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceabuse
2014-12-24 10:17 - 2014-12-24 19:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-horse
2014-12-24 10:17 - 2014-12-24 19:18 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-prevent
2014-12-24 10:16 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rock
2014-12-24 10:16 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-touch
2014-12-24 10:16 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencezone
2014-12-24 10:16 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-edge
2014-12-24 10:16 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_land
2014-12-24 10:16 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-represent
2014-12-24 10:16 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_keep
2014-12-24 10:16 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-service
2014-12-24 10:16 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_drink
2014-12-24 10:16 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetrade
2014-12-24 10:16 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceavoid
2014-12-24 10:16 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceschedule
2014-12-24 10:16 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencehurt
2014-12-24 10:16 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-card
2014-12-24 10:16 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_tool
2014-12-24 10:16 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-band
2014-12-24 10:16 - 2014-12-24 19:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-mean
2014-12-24 10:16 - 2014-12-24 18:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetaste
2014-12-24 10:16 - 2014-12-24 10:16 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-describe
2014-12-24 10:15 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-repeat
2014-12-24 10:15 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-enter
2014-12-24 10:15 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-dot
2014-12-24 10:15 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetell
2014-12-24 10:15 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bet
2014-12-24 10:15 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_feel
2014-12-24 10:15 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceman
2014-12-24 10:15 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-hurry
2014-12-24 10:15 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-generate
2014-12-24 10:15 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesave
2014-12-24 10:15 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesuspect
2014-12-24 10:15 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-mouth
2014-12-24 10:15 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-lead
2014-12-24 10:15 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceready
2014-12-24 10:15 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetrain
2014-12-24 10:15 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencemeet
2014-12-24 10:15 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_stretch
2014-12-24 10:15 - 2014-12-24 20:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-window
2014-12-24 10:15 - 2014-12-24 19:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedraft
2014-12-24 10:15 - 2014-12-24 19:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-ensure
2014-12-24 10:15 - 2014-12-24 18:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-understand
2014-12-24 10:14 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-screen
2014-12-24 10:14 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-monitor
2014-12-24 10:14 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_priest
2014-12-24 10:14 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesuspect
2014-12-24 10:14 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceassociate
2014-12-24 10:14 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-owe
2014-12-24 10:14 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencename
2014-12-24 10:14 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_click
2014-12-24 10:14 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebottle
2014-12-24 10:14 - 2014-12-24 20:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_plate
2014-12-24 10:14 - 2014-12-24 20:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencerequire
2014-12-24 10:14 - 2014-12-24 20:27 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_combine
2014-12-24 10:14 - 2014-12-24 20:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceshelter
2014-12-24 10:14 - 2014-12-24 19:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_frame
2014-12-24 10:14 - 2014-12-24 19:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceexperience
2014-12-24 10:14 - 2014-12-24 10:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-task
2014-12-24 10:13 - 2014-12-31 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-access
2014-12-24 10:13 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-stand
2014-12-24 10:13 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_calculate
2014-12-24 10:13 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedog
2014-12-24 10:13 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_cow
2014-12-24 10:13 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-spray
2014-12-24 10:13 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_cow
2014-12-24 10:13 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bike
2014-12-24 10:13 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-sign
2014-12-24 10:13 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_punch
2014-12-24 10:13 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-scratch
2014-12-24 10:13 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_check
2014-12-24 10:13 - 2014-12-24 21:13 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceauthor
2014-12-24 10:13 - 2014-12-24 20:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-row
2014-12-24 10:13 - 2014-12-24 20:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-project
2014-12-24 10:13 - 2014-12-24 20:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceneck
2014-12-24 10:13 - 2014-12-24 20:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_survey
2014-12-24 10:13 - 2014-12-24 20:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-till
2014-12-24 10:13 - 2014-12-24 20:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_act
2014-12-24 10:13 - 2014-12-24 20:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_scale
2014-12-24 10:13 - 2014-12-24 20:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-announce
2014-12-24 10:13 - 2014-12-24 19:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-touch
2014-12-24 10:13 - 2014-12-24 19:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-panic
2014-12-24 10:13 - 2014-12-24 19:13 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencefear
2014-12-24 10:12 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-has
2014-12-24 10:12 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_throw
2014-12-24 10:12 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-face
2014-12-24 10:12 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-generate
2014-12-24 10:12 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-fixed
2014-12-24 10:12 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencemarch
2014-12-24 10:12 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-research
2014-12-24 10:12 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_pitch
2014-12-24 10:12 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-introduce
2014-12-24 10:12 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesave
2014-12-24 10:12 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pay
2014-12-24 10:12 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_pause
2014-12-24 10:12 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_quarter
2014-12-24 10:12 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-coach
2014-12-24 10:12 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecoast
2014-12-24 10:12 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-own
2014-12-24 10:12 - 2014-12-24 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-release
2014-12-24 10:12 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-summer
2014-12-24 10:12 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_seem
2014-12-24 10:12 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_surprise
2014-12-24 10:12 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebottle
2014-12-24 10:12 - 2014-12-24 20:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_garage
2014-12-24 10:12 - 2014-12-24 20:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelack
2014-12-24 10:12 - 2014-12-24 19:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-illustrate
2014-12-24 10:12 - 2014-12-24 19:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_propose
2014-12-24 10:12 - 2014-12-24 19:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-friend
2014-12-24 10:12 - 2014-12-24 19:06 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-cost
2014-12-24 10:11 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-invest
2014-12-24 10:11 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceborrow
2014-12-24 10:11 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_obtain
2014-12-24 10:11 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencemark
2014-12-24 10:11 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-benefit
2014-12-24 10:11 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencemarket
2014-12-24 10:11 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-exit
2014-12-24 10:11 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_retire
2014-12-24 10:11 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_clue
2014-12-24 10:11 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-detailed
2014-12-24 10:11 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceexist
2014-12-24 10:11 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_go
2014-12-24 10:11 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_advantage
2014-12-24 10:11 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-milk
2014-12-24 10:11 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceroom
2014-12-24 10:11 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_express
2014-12-24 10:11 - 2014-12-24 20:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepray
2014-12-24 10:11 - 2014-12-24 20:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceclaim
2014-12-24 10:11 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_warn
2014-12-24 10:11 - 2014-12-24 20:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-beat
2014-12-24 10:11 - 2014-12-24 20:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_target
2014-12-24 10:11 - 2014-12-24 20:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_book
2014-12-24 10:11 - 2014-12-24 19:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceapologize
2014-12-24 10:11 - 2014-12-24 10:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-passage
2014-12-24 10:10 - 2014-12-30 18:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_imagine
2014-12-24 10:10 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesail
2014-12-24 10:10 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-start
2014-12-24 10:10 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_warn
2014-12-24 10:10 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_feature
2014-12-24 10:10 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-break
2014-12-24 10:10 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecrash
2014-12-24 10:10 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-replace
2014-12-24 10:10 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-expose
2014-12-24 10:10 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepot
2014-12-24 10:10 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-cry
2014-12-24 10:10 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-receive
2014-12-24 10:10 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_officer
2014-12-24 10:10 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-storm
2014-12-24 10:10 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesize
2014-12-24 10:10 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-demand
2014-12-24 10:10 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-return
2014-12-24 10:10 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-compete
2014-12-24 10:10 - 2014-12-24 20:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-gap
2014-12-24 10:10 - 2014-12-24 20:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelimited
2014-12-24 10:10 - 2014-12-24 19:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-brush
2014-12-24 10:10 - 2014-12-24 18:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-breast
2014-12-24 10:09 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-campaign
2014-12-24 10:09 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencestaff
2014-12-24 10:09 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_salary
2014-12-24 10:09 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceschedule
2014-12-24 10:09 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceappreciate
2014-12-24 10:09 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencestable
2014-12-24 10:09 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceresolve
2014-12-24 10:09 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_spot
2014-12-24 10:09 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_contribute
2014-12-24 10:09 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_value
2014-12-24 10:09 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-model
2014-12-24 10:09 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-compare
2014-12-24 10:09 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-commission
2014-12-24 10:09 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_sink
2014-12-24 10:09 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-kill
2014-12-24 10:09 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-advance
2014-12-24 10:09 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-approach
2014-12-24 10:09 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_say
2014-12-24 10:09 - 2014-12-24 21:16 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecake
2014-12-24 10:09 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-stomach
2014-12-24 10:09 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_twist
2014-12-24 10:09 - 2014-12-24 20:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-discuss
2014-12-24 10:09 - 2014-12-24 20:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceconsider
2014-12-24 10:09 - 2014-12-24 18:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-kid
2014-12-24 10:08 - 2014-12-31 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-according
2014-12-24 10:08 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pleased
2014-12-24 10:08 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_smell
2014-12-24 10:08 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_camp
2014-12-24 10:08 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-cost
2014-12-24 10:08 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceproposed
2014-12-24 10:08 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-milk
2014-12-24 10:08 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_balance
2014-12-24 10:08 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-voice
2014-12-24 10:08 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_craft
2014-12-24 10:08 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-husband
2014-12-24 10:08 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-roll
2014-12-24 10:08 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-related
2014-12-24 10:08 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pay
2014-12-24 10:08 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_intend
2014-12-24 10:08 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-engage
2014-12-24 10:08 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pain
2014-12-24 10:08 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceestimate
2014-12-24 10:08 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-answer
2014-12-24 10:08 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_drive
2014-12-24 10:08 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-ticket
2014-12-24 10:08 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-link
2014-12-24 10:08 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-plant
2014-12-24 10:08 - 2014-12-24 20:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-steal
2014-12-24 10:08 - 2014-12-24 20:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-respond
2014-12-24 10:08 - 2014-12-24 20:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-document
2014-12-24 10:08 - 2014-12-24 20:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencekick
2014-12-24 10:08 - 2014-12-24 20:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_plate
2014-12-24 10:08 - 2014-12-24 20:13 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-brick
2014-12-24 10:08 - 2014-12-24 20:11 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-correct
2014-12-24 10:08 - 2014-12-24 20:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-ask
2014-12-24 10:08 - 2014-12-24 18:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-guarantee
2014-12-24 10:08 - 2014-12-24 18:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_loose
2014-12-24 10:07 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencerelate
2014-12-24 10:07 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencereveal
2014-12-24 10:07 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-raise
2014-12-24 10:07 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bed
2014-12-24 10:07 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceblue
2014-12-24 10:07 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_list
2014-12-24 10:07 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_go
2014-12-24 10:07 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelecture
2014-12-24 10:07 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bowl
2014-12-24 10:07 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-type
2014-12-24 10:07 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-light
2014-12-24 10:07 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_team
2014-12-24 10:07 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-section
2014-12-24 10:07 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-try
2014-12-24 10:07 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_suppose
2014-12-24 10:07 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_stop
2014-12-24 10:07 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_quote
2014-12-24 10:07 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_scale
2014-12-24 10:07 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-break
2014-12-24 10:07 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_company
2014-12-24 10:07 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-imply
2014-12-24 10:07 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_spread
2014-12-24 10:07 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-screen
2014-12-24 10:07 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceclaim
2014-12-24 10:07 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencename
2014-12-24 10:07 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-content
2014-12-24 10:07 - 2014-12-24 20:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_incorporate
2014-12-24 10:07 - 2014-12-24 20:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebone
2014-12-24 10:07 - 2014-12-24 20:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_use
2014-12-24 10:07 - 2014-12-24 19:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-being
2014-12-24 10:07 - 2014-12-24 18:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-arise
2014-12-24 10:07 - 2014-12-24 10:07 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-surround
2014-12-24 10:06 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceagree
2014-12-24 10:06 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-adjust
2014-12-24 10:06 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-anger
2014-12-24 10:06 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencenegotiate
2014-12-24 10:06 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-object
2014-12-24 10:06 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_sharp
2014-12-24 10:06 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesound
2014-12-24 10:06 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-occur
2014-12-24 10:06 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesound
2014-12-24 10:06 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepressure
2014-12-24 10:06 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-behave
2014-12-24 10:06 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencelecture
2014-12-24 10:06 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-kiss
2014-12-24 10:06 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-shoe
2014-12-24 10:06 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceescape
2014-12-24 10:06 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepoint
2014-12-24 10:06 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_form
2014-12-24 10:06 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencehesitate
2014-12-24 10:06 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebrain
2014-12-24 10:06 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-commission
2014-12-24 10:06 - 2014-12-24 20:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-convince
2014-12-24 10:06 - 2014-12-24 20:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencescrew
2014-12-24 10:06 - 2014-12-24 20:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceconsider
2014-12-24 10:06 - 2014-12-24 19:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-wing
2014-12-24 10:06 - 2014-12-24 18:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencereason
2014-12-24 10:06 - 2014-12-24 18:33 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-design
2014-12-24 10:06 - 2014-12-24 18:08 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedie
2014-12-24 10:05 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_blame
2014-12-24 10:05 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_star
2014-12-24 10:05 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-culture
2014-12-24 10:05 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetrain
2014-12-24 10:05 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_warm
2014-12-24 10:05 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-figure
2014-12-24 10:05 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_maintain
2014-12-24 10:05 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceresult
2014-12-24 10:05 - 2014-12-24 21:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencefault
2014-12-24 10:05 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_calculate
2014-12-24 10:05 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-earn
2014-12-24 10:05 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-perform
2014-12-24 10:05 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceperfect
2014-12-24 10:05 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_punch
2014-12-24 10:05 - 2014-12-24 20:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencestudy
2014-12-24 10:05 - 2014-12-24 20:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_implement
2014-12-24 10:05 - 2014-12-24 20:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_wheel
2014-12-24 10:05 - 2014-12-24 20:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedetermine
2014-12-24 10:05 - 2014-12-24 20:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_distance
2014-12-24 10:05 - 2014-12-24 19:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_shake
2014-12-24 10:05 - 2014-12-24 19:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-date
2014-12-24 10:05 - 2014-12-24 19:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_prefer
2014-12-24 10:05 - 2014-12-24 17:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_expect
2014-12-24 10:04 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-identify
2014-12-24 10:04 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencegive
2014-12-24 10:04 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencestaff
2014-12-24 10:04 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_interest
2014-12-24 10:04 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-traffic
2014-12-24 10:04 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_script
2014-12-24 10:04 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_combine
2014-12-24 10:04 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-feed
2014-12-24 10:04 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-help
2014-12-24 10:04 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_sense
2014-12-24 10:04 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_smell
2014-12-24 10:04 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bus
2014-12-24 10:04 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_disagree
2014-12-24 10:04 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_land
2014-12-24 10:04 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-refer
2014-12-24 10:04 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_act
2014-12-24 10:04 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_grab
2014-12-24 10:04 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_curve
2014-12-24 10:04 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepractice
2014-12-24 10:04 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencefit
2014-12-24 10:04 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-respond
2014-12-24 10:04 - 2014-12-24 21:06 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-have
2014-12-24 10:04 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-cap
2014-12-24 10:04 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceisland
2014-12-24 10:04 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceexercise
2014-12-24 10:04 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-average
2014-12-24 10:04 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_lose
2014-12-24 10:04 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-text
2014-12-24 10:04 - 2014-12-24 20:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebear
2014-12-24 10:04 - 2014-12-24 20:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_seem
2014-12-24 10:04 - 2014-12-24 20:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-permit
2014-12-24 10:04 - 2014-12-24 20:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-deliver
2014-12-24 10:04 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-read
2014-12-24 10:04 - 2014-12-24 19:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceinterested
2014-12-24 10:04 - 2014-12-24 18:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_deserve
2014-12-24 10:03 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencestudy
2014-12-24 10:03 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_case
2014-12-24 10:03 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-shame
2014-12-24 10:03 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-increase
2014-12-24 10:03 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-egg
2014-12-24 10:03 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_suppose
2014-12-24 10:03 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_fight
2014-12-24 10:03 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-mate
2014-12-24 10:03 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceletter
2014-12-24 10:03 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_enhance
2014-12-24 10:03 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_cross
2014-12-24 10:03 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_engineer
2014-12-24 10:03 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-excuse
2014-12-24 10:03 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_advantage
2014-12-24 10:03 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-request
2014-12-24 10:03 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-receive
2014-12-24 10:03 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencerepair
2014-12-24 10:03 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_cancel
2014-12-24 10:03 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-fee
2014-12-24 10:03 - 2014-12-24 20:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_maintain
2014-12-24 10:03 - 2014-12-24 20:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-alarm
2014-12-24 10:03 - 2014-12-24 20:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-recover
|
|
02.01.2015, 16:09
| #6 |
| | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Frst.txt part3 Code:
ATTFilter 2014-12-24 10:03 - 2014-12-24 20:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-war
2014-12-24 10:03 - 2014-12-24 20:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceplace
2014-12-24 10:03 - 2014-12-24 19:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-soil
2014-12-24 10:03 - 2014-12-24 19:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-passage
2014-12-24 10:03 - 2014-12-24 18:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecommit
2014-12-24 10:03 - 2014-12-24 18:16 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceoccasion
2014-12-24 10:03 - 2014-12-24 18:13 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_water
2014-12-24 10:03 - 2014-12-24 17:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_priest
2014-12-24 10:02 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bus
2014-12-24 10:02 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceattract
2014-12-24 10:02 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebelieve
2014-12-24 10:02 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_blank
2014-12-24 10:02 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_credit
2014-12-24 10:02 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-essay
2014-12-24 10:02 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-promise
2014-12-24 10:02 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_career
2014-12-24 10:02 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-chain
2014-12-24 10:02 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_glove
2014-12-24 10:02 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-surprised
2014-12-24 10:02 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-exact
2014-12-24 10:02 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-justify
2014-12-24 10:02 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-learn
2014-12-24 10:02 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_walk
2014-12-24 10:02 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-impact
2014-12-24 10:02 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-create
2014-12-24 10:02 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-create
2014-12-24 10:02 - 2014-12-24 20:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebrain
2014-12-24 10:02 - 2014-12-24 20:44 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-invest
2014-12-24 10:02 - 2014-12-24 20:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-candy
2014-12-24 10:02 - 2014-12-24 20:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-participate
2014-12-24 10:02 - 2014-12-24 20:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_site
2014-12-24 10:02 - 2014-12-24 20:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencechair
2014-12-24 10:02 - 2014-12-24 20:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceborrow
2014-12-24 10:02 - 2014-12-24 19:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceauthor
2014-12-24 10:02 - 2014-12-24 19:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceoperate
2014-12-24 10:02 - 2014-12-24 19:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-tear
2014-12-24 10:02 - 2014-12-24 19:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-return
2014-12-24 10:01 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-understand
2014-12-24 10:01 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencemixed
2014-12-24 10:01 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-service
2014-12-24 10:01 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-entrance
2014-12-24 10:01 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_fill
2014-12-24 10:01 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-hear
2014-12-24 10:01 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_retire
2014-12-24 10:01 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pass
2014-12-24 10:01 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceexchange
2014-12-24 10:01 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-function
2014-12-24 10:01 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_cream
2014-12-24 10:01 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesplit
2014-12-24 10:01 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencereason
2014-12-24 10:01 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-admit
2014-12-24 10:01 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-scheme
2014-12-24 10:01 - 2014-12-24 21:16 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_feature
2014-12-24 10:01 - 2014-12-24 20:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pattern
2014-12-24 10:01 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-scheme
2014-12-24 10:01 - 2014-12-24 20:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-drop
2014-12-24 10:01 - 2014-12-24 19:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-make
2014-12-24 10:01 - 2014-12-24 19:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pursue
2014-12-24 10:01 - 2014-12-24 19:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-visit
2014-12-24 10:01 - 2014-12-24 18:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencefirm
2014-12-24 10:01 - 2014-12-24 10:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-worried
2014-12-24 10:00 - 2014-12-31 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-accuse
2014-12-24 10:00 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-function
2014-12-24 10:00 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceneed
2014-12-24 10:00 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_suck
2014-12-24 10:00 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_say
2014-12-24 10:00 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-design
2014-12-24 10:00 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_bridge
2014-12-24 10:00 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-produce
2014-12-24 10:00 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_prefer
2014-12-24 10:00 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-narrow
2014-12-24 10:00 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-tear
2014-12-24 10:00 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencehappen
2014-12-24 10:00 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_relax
2014-12-24 10:00 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-cause
2014-12-24 10:00 - 2014-12-24 21:36 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bother
2014-12-24 10:00 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-change
2014-12-24 10:00 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecoast
2014-12-24 10:00 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecatch
2014-12-24 10:00 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-carry
2014-12-24 10:00 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetaste
2014-12-24 10:00 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_string
2014-12-24 10:00 - 2014-12-24 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_buy
2014-12-24 10:00 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebe
2014-12-24 10:00 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_floor
2014-12-24 10:00 - 2014-12-24 20:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-engage
2014-12-24 10:00 - 2014-12-24 20:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_discount
2014-12-24 10:00 - 2014-12-24 20:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_boat
2014-12-24 10:00 - 2014-12-24 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bag
2014-12-24 10:00 - 2014-12-24 19:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceshower
2014-12-24 10:00 - 2014-12-24 19:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-load
2014-12-24 10:00 - 2014-12-24 18:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencebox
2014-12-24 09:59 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencestore
2014-12-24 09:59 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-breakfast
2014-12-24 09:59 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-hunt
2014-12-24 09:59 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_father
2014-12-24 09:59 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceshow
2014-12-24 09:59 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-comfort
2014-12-24 09:59 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-afford
2014-12-24 09:59 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-appeal
2014-12-24 09:59 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-tap
2014-12-24 09:59 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_live
2014-12-24 09:59 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-snow
2014-12-24 09:59 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-accept
2014-12-24 09:59 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-ask
2014-12-24 09:59 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesmile
2014-12-24 09:59 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-support
2014-12-24 09:59 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-channel
2014-12-24 09:59 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_peak
2014-12-24 09:59 - 2014-12-24 21:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_matter
2014-12-24 09:59 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-candy
2014-12-24 09:59 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_copy
2014-12-24 09:59 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_write
2014-12-24 09:59 - 2014-12-24 20:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceletter
2014-12-24 09:59 - 2014-12-24 20:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-remind
2014-12-24 09:59 - 2014-12-24 19:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-focus
2014-12-24 09:59 - 2014-12-24 19:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencestay
2014-12-24 09:59 - 2014-12-24 19:18 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-average
2014-12-24 09:59 - 2014-12-24 19:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceprovide
2014-12-24 09:58 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-spirit
2014-12-24 09:58 - 2014-12-24 22:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-row
2014-12-24 09:58 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceserve
2014-12-24 09:58 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_suck
2014-12-24 09:58 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-arrive
2014-12-24 09:58 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-draw
2014-12-24 09:58 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetired
2014-12-24 09:58 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencereact
2014-12-24 09:58 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-rate
2014-12-24 09:58 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceground
2014-12-24 09:58 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_trip
2014-12-24 09:58 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-put
2014-12-24 09:58 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_engineer
2014-12-24 09:58 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-truck
2014-12-24 09:58 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-introduce
2014-12-24 09:58 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-impact
2014-12-24 09:58 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pool
2014-12-24 09:58 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepen
2014-12-24 09:58 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rub
2014-12-24 09:58 - 2014-12-24 21:28 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_rain
2014-12-24 09:58 - 2014-12-24 21:15 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-file
2014-12-24 09:58 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencetree
2014-12-24 09:58 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-watch
2014-12-24 09:58 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-iron
2014-12-24 09:58 - 2014-12-24 20:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-translate
2014-12-24 09:58 - 2014-12-24 20:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-knee
2014-12-24 09:58 - 2014-12-24 20:29 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-laugh
2014-12-24 09:58 - 2014-12-24 20:14 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_insist
2014-12-24 09:58 - 2014-12-24 20:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-refer
2014-12-24 09:58 - 2014-12-24 20:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-destroy
2014-12-24 09:58 - 2014-12-24 19:09 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepot
2014-12-24 09:57 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-file
2014-12-24 09:57 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceproposed
2014-12-24 09:57 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-command
2014-12-24 09:57 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelawyer
2014-12-24 09:57 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-provided
2014-12-24 09:57 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pleased
2014-12-24 09:57 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_rain
2014-12-24 09:57 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencereward
2014-12-24 09:57 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-shop
2014-12-24 09:57 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-rate
2014-12-24 09:57 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-fixed
2014-12-24 09:57 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-prompt
2014-12-24 09:57 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-ticket
2014-12-24 09:57 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-tax
2014-12-24 09:57 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-submit
2014-12-24 09:57 - 2014-12-24 21:30 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebox
2014-12-24 09:57 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_weather
2014-12-24 09:57 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-husband
2014-12-24 09:57 - 2014-12-24 21:19 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepull
2014-12-24 09:57 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-tend
2014-12-24 09:57 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_sink
2014-12-24 09:57 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepressure
2014-12-24 09:57 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-ruin
2014-12-24 09:57 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-access
2014-12-24 09:57 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_tip
2014-12-24 09:57 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecarpet
2014-12-24 09:57 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-wall
2014-12-24 09:57 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebecome
2014-12-24 09:57 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceturn
2014-12-24 09:57 - 2014-12-24 20:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-metal
2014-12-24 09:57 - 2014-12-24 20:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_star
2014-12-24 09:57 - 2014-12-24 20:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceretain
2014-12-24 09:57 - 2014-12-24 19:18 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencereserve
2014-12-24 09:57 - 2014-12-24 19:07 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebase
2014-12-24 09:57 - 2014-12-24 10:30 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_buy
2014-12-24 09:56 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-note
2014-12-24 09:56 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetake
2014-12-24 09:56 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-describe
2014-12-24 09:56 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-provided
2014-12-24 09:56 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-drag
2014-12-24 09:56 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-skirt
2014-12-24 09:56 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-swim
2014-12-24 09:56 - 2014-12-24 21:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-open
2014-12-24 09:56 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-know
2014-12-24 09:56 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-lock
2014-12-24 09:56 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-suit
2014-12-24 09:56 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_recommend
2014-12-24 09:56 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-number
2014-12-24 09:56 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-fan
2014-12-24 09:56 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencepen
2014-12-24 09:56 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-divide
2014-12-24 09:56 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bicycle
2014-12-24 09:56 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencerace
2014-12-24 09:56 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-encourage
2014-12-24 09:56 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-joke
2014-12-24 09:56 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-suffer
2014-12-24 09:56 - 2014-12-24 21:10 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-stress
2014-12-24 09:56 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceshine
2014-12-24 09:56 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencemiss
2014-12-24 09:56 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-achieve
2014-12-24 09:56 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_propose
2014-12-24 09:56 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesmoke
2014-12-24 09:56 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-kill
2014-12-24 09:56 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceexplore
2014-12-24 09:56 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedish
2014-12-24 09:56 - 2014-12-24 20:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencemove
2014-12-24 09:56 - 2014-12-24 20:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_struggle
2014-12-24 09:56 - 2014-12-24 20:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecouple
2014-12-24 09:56 - 2014-12-24 19:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_belt
2014-12-24 09:56 - 2014-12-24 17:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_building
2014-12-24 09:56 - 2014-12-24 10:38 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_write
2014-12-24 09:55 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedie
2014-12-24 09:55 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_join
2014-12-24 09:55 - 2014-12-24 21:59 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencechallenge
2014-12-24 09:55 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-enable
2014-12-24 09:55 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_grab
2014-12-24 09:55 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencefinance
2014-12-24 09:55 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-fold
2014-12-24 09:55 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_amount
2014-12-24 09:55 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-appropriate
2014-12-24 09:55 - 2014-12-24 21:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencerisk
2014-12-24 09:55 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceconsult
2014-12-24 09:55 - 2014-12-24 21:26 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-damage
2014-12-24 09:55 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-tax
2014-12-24 09:55 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencefish
2014-12-24 09:55 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecoat
2014-12-24 09:55 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceshine
2014-12-24 09:55 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-model
2014-12-24 09:55 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_craft
2014-12-24 09:55 - 2014-12-24 21:08 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_add
2014-12-24 09:55 - 2014-12-24 21:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-represent
2014-12-24 09:55 - 2014-12-24 20:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-weekend
2014-12-24 09:55 - 2014-12-24 20:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencehabit
2014-12-24 09:55 - 2014-12-24 20:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceappreciate
2014-12-24 09:55 - 2014-12-24 20:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_bill
2014-12-24 09:55 - 2014-12-24 19:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_bath
2014-12-24 09:55 - 2014-12-24 18:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencesucceed
2014-12-24 09:55 - 2014-12-24 18:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-wing
2014-12-24 09:54 - 2014-12-24 22:05 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-complicated
2014-12-24 09:54 - 2014-12-24 22:02 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-hook
2014-12-24 09:54 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencetransition
2014-12-24 09:54 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-beach
2014-12-24 09:54 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceapologize
2014-12-24 09:54 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-object
2014-12-24 09:54 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-ring
2014-12-24 09:54 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencebear
2014-12-24 09:54 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_ship
2014-12-24 09:54 - 2014-12-24 21:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_tackle
2014-12-24 09:54 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecomment
2014-12-24 09:54 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_form
2014-12-24 09:54 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceneck
2014-12-24 09:54 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-bother
2014-12-24 09:54 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceprint
2014-12-24 09:54 - 2014-12-24 21:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_host
2014-12-24 09:54 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-ball
2014-12-24 09:54 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-shoulder
2014-12-24 09:54 - 2014-12-24 21:14 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-amazing
2014-12-24 09:54 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-group
2014-12-24 09:54 - 2014-12-24 21:12 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencegrade
2014-12-24 09:54 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-fruit
2014-12-24 09:54 - 2014-12-24 20:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-spray
2014-12-24 09:54 - 2014-12-24 20:29 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencedeal
2014-12-24 09:54 - 2014-12-24 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_baby
2014-12-24 09:54 - 2014-12-24 19:53 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-call
2014-12-24 09:54 - 2014-12-24 19:49 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_reach
2014-12-24 09:54 - 2014-12-24 19:43 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_test
2014-12-24 09:54 - 2014-12-24 19:26 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-appeal
2014-12-24 09:54 - 2014-12-24 19:21 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_list
2014-12-24 09:53 - 2014-12-24 22:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceaddress
2014-12-24 09:53 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-sock
2014-12-24 09:53 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-cry
2014-12-24 09:53 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedoubt
2014-12-24 09:53 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-course
2014-12-24 09:53 - 2014-12-24 21:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-arm
2014-12-24 09:53 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bicycle
2014-12-24 09:53 - 2014-12-24 21:39 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepage
2014-12-24 09:53 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-produce
2014-12-24 09:53 - 2014-12-24 21:33 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-hire
2014-12-24 09:53 - 2014-12-24 21:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-vacation
2014-12-24 09:53 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-plant
2014-12-24 09:53 - 2014-12-24 21:11 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_does
2014-12-24 09:53 - 2014-12-24 21:05 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_blame
2014-12-24 09:53 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-group
2014-12-24 09:53 - 2014-12-24 20:51 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencespite
2014-12-24 09:53 - 2014-12-24 20:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceassume
2014-12-24 09:53 - 2014-12-24 19:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencewish
2014-12-24 09:53 - 2014-12-24 19:55 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-speed
2014-12-24 09:53 - 2014-12-24 19:48 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_contribute
2014-12-24 09:53 - 2014-12-24 19:41 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencecouple
2014-12-24 09:52 - 2014-12-24 22:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-chain
2014-12-24 09:52 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-panic
2014-12-24 09:52 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-mirror
2014-12-24 09:52 - 2014-12-24 21:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_possess
2014-12-24 09:52 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-conference
2014-12-24 09:52 - 2014-12-24 21:49 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-pour
2014-12-24 09:52 - 2014-12-24 21:48 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencechallenge
2014-12-24 09:52 - 2014-12-24 21:45 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-order
2014-12-24 09:52 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-end
2014-12-24 09:52 - 2014-12-24 21:44 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-collect
2014-12-24 09:52 - 2014-12-24 21:43 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_pitch
2014-12-24 09:52 - 2014-12-24 21:40 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-come
2014-12-24 09:52 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-shoe
2014-12-24 09:52 - 2014-12-24 21:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-approve
2014-12-24 09:52 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audienceconnect
2014-12-24 09:52 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-switch
2014-12-24 09:52 - 2014-12-24 21:31 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-were
2014-12-24 09:52 - 2014-12-24 21:27 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-essay
2014-12-24 09:52 - 2014-12-24 21:07 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pick
2014-12-24 09:52 - 2014-12-24 21:06 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencefit
2014-12-24 09:52 - 2014-12-24 21:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_warm
2014-12-24 09:52 - 2014-12-24 21:01 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_credit
2014-12-24 09:52 - 2014-12-24 21:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-net
2014-12-24 09:52 - 2014-12-24 20:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-pop
2014-12-24 09:52 - 2014-12-24 20:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-juice
2014-12-24 09:52 - 2014-12-24 20:50 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-mind
2014-12-24 09:52 - 2014-12-24 20:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-display
2014-12-24 09:52 - 2014-12-24 20:37 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencereduce
2014-12-24 09:52 - 2014-12-24 20:31 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencerent
2014-12-24 09:52 - 2014-12-24 20:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceshoot
2014-12-24 09:52 - 2014-12-24 20:01 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_was
2014-12-24 09:52 - 2014-12-24 19:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-bar
2014-12-24 09:52 - 2014-12-24 19:52 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencesmoke
2014-12-24 09:52 - 2014-12-24 19:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_bridge
2014-12-24 09:52 - 2014-12-24 19:42 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-contact
2014-12-24 09:51 - 2014-12-24 22:04 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-phrase
2014-12-24 09:51 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencelisten
2014-12-24 09:51 - 2014-12-24 22:00 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-recognize
2014-12-24 09:51 - 2014-12-24 21:58 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_bath
2014-12-24 09:51 - 2014-12-24 21:56 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecake
2014-12-24 09:51 - 2014-12-24 21:55 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceagree
2014-12-24 09:51 - 2014-12-24 21:54 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-project
2014-12-24 09:51 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-course
2014-12-24 09:51 - 2014-12-24 21:53 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_track
2014-12-24 09:51 - 2014-12-24 21:51 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_dry
2014-12-24 09:51 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audienceserve
2014-12-24 09:51 - 2014-12-24 21:47 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_imagine
2014-12-24 09:51 - 2014-12-24 21:46 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-reflect
2014-12-24 09:51 - 2014-12-24 21:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencechair
2014-12-24 09:51 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-ought
2014-12-24 09:51 - 2014-12-24 21:34 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencedetail
2014-12-24 09:51 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-knee
2014-12-24 09:51 - 2014-12-24 21:32 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_spread
2014-12-24 09:51 - 2014-12-24 21:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencecelebrate
2014-12-24 09:51 - 2014-12-24 21:20 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencereply
2014-12-24 09:51 - 2014-12-24 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_experienced
2014-12-24 09:51 - 2014-12-24 21:17 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_mortgage
2014-12-24 09:51 - 2014-12-24 21:09 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-gap
2014-12-24 09:51 - 2014-12-24 21:03 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audiencestuff
2014-12-24 09:51 - 2014-12-24 20:45 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-telephone
2014-12-24 09:51 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audiencepoint
2014-12-24 09:51 - 2014-12-24 20:35 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-iron
2014-12-24 09:51 - 2014-12-24 20:24 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_season
2014-12-24 09:51 - 2014-12-24 19:37 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_gather
2014-12-24 09:50 - 2014-12-24 21:38 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-display
2014-12-24 09:50 - 2014-12-24 21:25 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience-sugar
2014-12-24 09:50 - 2014-12-24 21:24 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-focus
2014-12-24 09:50 - 2014-12-24 20:59 - 00000000 ___HD () C:\Users\*****\AppData\Local\Audience_expand
2014-12-24 09:50 - 2014-12-24 20:30 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience_champion
2014-12-24 09:50 - 2014-12-24 20:03 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Audience-crack
2014-12-22 00:24 - 2014-12-25 08:34 - 00000034 _____ () C:\Windows\VRTDSHxp
2014-12-21 23:12 - 2014-12-21 23:12 - 00000000 ___HD () C:\Users\*****\AppData\Local\Titleshine
2014-12-19 22:08 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-19 22:08 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-19 07:32 - 2014-12-19 07:32 - 00000000 __SHD () C:\Users\*****\AppData\Local\EmieUserList
2014-12-19 07:32 - 2014-12-19 07:32 - 00000000 __SHD () C:\Users\*****\AppData\Local\EmieSiteList
2014-12-19 07:32 - 2014-12-19 07:32 - 00000000 __SHD () C:\Users\*****\AppData\Local\EmieBrowserModeList
2014-12-19 07:27 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-12-19 07:27 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-12-18 18:38 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-12-18 18:38 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-12-18 18:38 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-12-18 18:38 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-12-18 18:38 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-12-18 18:38 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-12-18 18:37 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-18 18:37 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-12-18 18:37 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-12-18 18:37 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-12-18 18:37 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-12-18 18:37 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-12-18 18:37 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-12-18 18:37 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-12-18 18:37 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-12-18 18:37 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-12-18 18:37 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-12-18 18:37 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-12-18 18:37 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-12-18 07:58 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-18 07:58 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-18 06:36 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-12-18 06:36 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-12-18 06:36 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-12-18 06:36 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-18 05:16 - 2014-12-18 05:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-18 05:16 - 2014-12-18 05:16 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-18 05:16 - 2014-12-18 05:16 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-18 05:16 - 2014-12-18 05:16 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-12-18 05:16 - 2014-12-18 05:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-12-18 05:16 - 2014-12-18 05:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-18 05:16 - 2014-12-18 05:16 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-18 05:16 - 2014-12-18 05:16 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-18 05:16 - 2014-12-18 05:16 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-18 05:16 - 2014-12-18 05:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-18 05:16 - 2014-12-18 05:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-18 05:16 - 2014-12-18 05:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-12-18 05:12 - 2014-12-18 05:12 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-12-18 05:08 - 2014-12-18 06:12 - 00011133 _____ () C:\Windows\IE11_main.log
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-were
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Titletaste
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-task
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-shame
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Titlerent
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-lock
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-investigate
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-has
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-culture
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-count
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-conflict
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-compare
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-breast
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Titlebone
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title_salary
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title_run
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-understand
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Titletree
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Titlestuff
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-play
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-perform
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-passage
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-mouth
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-carry
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-border
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Titleare
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title_trip
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title_burn
2014-12-18 04:23 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title_attend
2014-12-18 04:23 - 2014-12-18 04:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-owe
2014-12-18 04:23 - 2014-12-18 04:23 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-load
2014-12-18 04:22 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-arm
2014-12-18 04:22 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Titleshower
2014-12-18 04:22 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Titleletter
2014-12-18 04:22 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Titleestimate
2014-12-18 04:22 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title_live
2014-12-18 04:22 - 2014-12-18 04:22 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-establish
2014-12-18 04:03 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Qijii
2014-12-18 04:03 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Puxwcycel
2014-12-18 04:03 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Fsqtfcb
2014-12-18 04:03 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Rewybcupg
2014-12-18 04:03 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Fvbrgatho
2014-12-18 03:55 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-18 03:55 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-18 03:55 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-18 03:55 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-18 03:55 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-18 03:55 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-18 03:55 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-18 03:55 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-18 03:55 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-18 03:55 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-18 03:24 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-12-18 03:24 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-12-18 03:24 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-18 03:24 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-18 03:24 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-12-18 03:24 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-12-18 03:24 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-12-18 03:24 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-12-17 21:57 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-17 21:57 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-12-17 21:57 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-12-17 21:57 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-12-17 21:57 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-12-17 21:57 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-12-17 21:57 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-17 21:57 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-12-17 21:57 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-12-17 21:57 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-12-17 21:57 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-12-17 21:57 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-12-17 21:53 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-17 21:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-17 21:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-17 21:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-17 21:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-17 21:53 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-17 21:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-17 21:53 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-12-17 21:53 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-12-17 21:53 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-12-17 21:53 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-12-17 21:53 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-12-17 21:53 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-12-17 21:53 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-12-17 21:53 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-12-17 21:53 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-12-17 21:53 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-12-17 21:53 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-12-17 21:53 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-12-17 21:52 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-12-17 21:52 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-12-17 21:52 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-12-17 21:52 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-12-17 21:51 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-12-17 21:51 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-12-17 21:51 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-12-17 21:51 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-12-17 21:51 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-12-17 21:51 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-12-17 21:51 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-12-17 21:51 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-12-17 21:51 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-12-17 21:51 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-12-17 21:51 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-12-17 21:51 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-12-17 21:51 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-12-17 21:51 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-17 21:51 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-17 21:51 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-12-17 21:51 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-12-17 21:51 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-12-17 21:51 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-12-17 21:50 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-12-17 21:50 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-12-17 21:50 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-12-17 21:50 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-12-17 21:50 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-12-17 21:50 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-12-17 21:50 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-12-17 21:50 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-12-17 21:50 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-12-17 21:50 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-12-17 21:50 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-12-17 21:49 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-12-17 21:49 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-12-17 21:49 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-12-17 21:49 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-12-17 21:49 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-12-17 21:49 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-12-17 21:49 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-12-17 21:49 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-12-17 21:49 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-12-17 21:49 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-12-17 21:49 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-12-17 21:49 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-12-17 21:49 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-12-17 21:49 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-12-17 21:49 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-12-17 21:49 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-12-17 21:49 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-12-17 21:47 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-12-17 21:47 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-12-17 21:47 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-12-17 21:47 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-12-17 21:47 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-12-17 21:47 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-12-17 21:47 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-12-17 21:47 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-12-17 21:47 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-12-17 21:47 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-12-17 21:47 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-12-17 21:47 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-12-17 21:47 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-12-17 21:47 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-12-17 21:47 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-12-17 21:47 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-12-17 21:47 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-12-17 21:47 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-12-17 21:47 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-12-17 21:47 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-12-17 21:47 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-12-17 21:47 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-12-17 21:47 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-12-17 21:47 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-12-17 21:47 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-12-17 21:47 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-12-17 21:47 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-12-17 21:47 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-12-17 21:47 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-12-17 21:47 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-12-17 21:47 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-12-17 21:47 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-12-17 21:47 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-12-17 21:47 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-12-17 21:47 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-12-17 21:46 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-17 21:46 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-12-17 21:46 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-12-17 21:46 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-12-17 21:46 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-12-17 21:46 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-12-17 21:46 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-12-17 21:46 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-12-17 21:46 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-12-17 21:46 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-12-17 21:46 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-12-17 21:46 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-12-17 21:46 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-12-17 21:46 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-12-17 21:46 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-12-17 21:46 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-12-17 21:46 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-12-17 21:46 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-12-17 21:46 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-12-17 21:46 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-12-17 21:46 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-12-17 21:46 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-12-17 21:46 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-12-17 21:46 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-12-17 21:46 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-12-17 21:46 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-12-17 21:46 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-12-17 21:46 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-12-17 21:46 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-12-17 21:46 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-12-17 21:46 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-12-17 21:46 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-12-17 21:46 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-12-17 21:46 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-12-17 21:46 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-12-17 21:46 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-12-17 21:46 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-12-17 21:46 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-12-17 21:46 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-12-17 21:46 - 2012-10-03 18:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-12-17 21:46 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-12-17 21:46 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-12-17 21:46 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-12-17 21:46 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-12-17 21:46 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-12-17 21:46 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-12-17 21:46 - 2012-10-03 17:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-12-17 21:46 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-12-17 21:46 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-12-17 21:46 - 2012-01-13 08:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-12-17 21:45 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-12-17 21:44 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-12-17 21:44 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-12-17 21:44 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-12-17 21:44 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-12-17 21:44 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-12-17 21:44 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-12-17 21:44 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-12-17 21:44 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-12-17 21:44 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-12-17 21:43 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-17 21:43 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-12-17 21:43 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-12-17 21:43 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-12-17 21:43 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-17 21:43 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-17 21:43 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-12-17 21:43 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-12-17 21:43 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-12-17 21:43 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-12-17 21:43 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-12-17 21:43 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-12-17 21:43 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-12-17 21:43 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-12-17 21:43 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-12-17 21:43 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-12-17 21:43 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-12-17 21:43 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-12-17 21:43 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-12-17 21:42 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-17 21:42 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-17 21:42 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-17 21:42 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-17 21:42 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-17 21:42 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-17 21:42 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-17 21:42 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-17 21:42 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-17 21:42 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-12-17 21:42 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-12-17 21:42 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-17 21:42 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-17 21:42 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-17 21:42 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-17 21:42 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-17 21:42 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-12-17 21:42 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-12-17 21:42 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-17 21:42 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-12-17 21:42 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-17 21:42 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-12-17 21:42 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-12-17 21:42 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-12-17 21:42 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-12-17 21:42 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-12-17 21:42 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-12-17 21:42 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-12-17 21:42 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-12-17 21:42 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-12-17 21:42 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-12-17 21:42 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-12-17 21:42 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-12-17 21:42 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-12-17 21:41 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-12-17 21:41 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-12-17 21:40 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-17 21:40 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-17 21:40 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-17 21:40 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-12-17 21:40 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-17 21:40 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-12-17 21:40 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-12-17 21:40 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-12-17 21:40 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-12-17 21:40 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-12-17 21:40 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-12-17 21:40 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-17 21:40 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-12-17 21:40 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-12-17 21:40 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-12-17 21:40 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-12-17 21:40 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-12-17 21:40 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-12-17 21:39 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-12-17 21:39 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-12-17 21:39 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-17 21:39 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-12-17 21:39 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-12-17 21:39 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-12-17 21:39 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-12-17 21:39 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-12-17 21:39 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-12-17 21:39 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-12-17 21:39 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-12-17 21:39 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-12-17 21:39 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-12-17 21:39 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-12-17 21:39 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-12-17 21:39 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-12-17 21:39 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-12-17 21:39 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-12-17 21:39 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-12-17 21:39 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-12-17 21:39 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-12-17 21:39 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-12-17 21:39 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-12-17 21:39 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-12-17 21:39 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-12-17 21:39 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-12-17 21:39 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-12-17 21:39 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-12-17 21:39 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-12-17 21:39 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-12-17 21:39 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-12-17 21:39 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-12-17 21:39 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-12-17 21:39 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-12-17 21:39 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-12-17 21:39 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-12-17 21:38 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-17 21:38 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-12-17 21:38 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-12-17 21:38 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-12-17 21:38 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-12-17 21:38 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-12-17 21:38 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-12-17 21:38 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-12-17 21:38 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-12-17 21:37 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-12-17 21:37 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-12-17 21:37 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-12-17 21:10 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Title-amazing
2014-12-17 21:10 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-sand
2014-12-17 21:10 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-prompt
2014-12-17 21:10 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Title-excuse
2014-12-17 21:10 - 2014-12-30 16:57 - 00000000 ___HD () C:\Users\*****\AppData\Local\Titlediscover
2014-12-17 20:02 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-17 20:02 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-12-17 20:02 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-12-17 20:02 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-17 20:02 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-17 20:02 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-12-17 20:02 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-12-17 20:02 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-17 20:02 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-12-17 20:02 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-12-17 20:01 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-17 20:01 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-12-17 20:01 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-17 20:01 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-12-17 04:38 - 2014-12-17 04:38 - 00000000 ____D () C:\Windows\system32\SPReview
2014-12-17 04:36 - 2014-12-17 04:36 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-12-17 01:33 - 2014-12-19 08:10 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Jyll
2014-12-16 21:18 - 2014-12-16 21:18 - 00000000 ___HD () C:\Users\*****\AppData\Local\Water-ask
2014-12-16 07:11 - 2010-11-05 02:57 - 00048976 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-12-16 07:10 - 2010-11-20 14:39 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2014-12-16 07:10 - 2010-11-20 14:33 - 00299392 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 03860992 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 03650560 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 03027968 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2014-12-16 07:10 - 2010-11-20 14:27 - 03008000 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 02086912 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 01900544 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 01753088 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 01646080 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 01556992 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 00867840 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2014-12-16 07:10 - 2010-11-20 14:27 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2014-12-16 07:10 - 2010-11-20 14:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-12-16 07:10 - 2010-11-20 14:26 - 03391488 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-12-16 07:10 - 2010-11-20 14:26 - 03205120 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2014-12-16 07:10 - 2010-11-20 14:26 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-12-16 07:10 - 2010-11-20 14:26 - 01866240 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-12-16 07:10 - 2010-11-20 14:26 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-12-16 07:10 - 2010-11-20 14:26 - 01340416 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2014-12-16 07:10 - 2010-11-20 14:26 - 01244160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2014-12-16 07:10 - 2010-11-20 14:26 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-12-16 07:10 - 2010-11-20 14:26 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
|
|
02.01.2015, 16:12
| #7 |
| | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Frst.txt part 4 Code:
ATTFilter 2014-12-16 07:10 - 2010-11-20 14:25 - 03957760 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2014-12-16 07:10 - 2010-11-20 14:25 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-12-16 07:10 - 2010-11-20 14:25 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-12-16 07:10 - 2010-11-20 14:25 - 01504256 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-12-16 07:10 - 2010-11-20 14:25 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-12-16 07:10 - 2010-11-20 14:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2014-12-16 07:10 - 2010-11-20 14:25 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2014-12-16 07:10 - 2010-11-20 13:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2014-12-16 07:10 - 2010-11-20 13:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2014-12-16 07:10 - 2010-11-20 13:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2014-12-16 07:10 - 2010-11-20 13:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-12-16 07:10 - 2010-11-20 13:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-12-16 07:10 - 2010-11-20 13:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-12-16 07:10 - 2010-11-20 13:19 - 01493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2014-12-16 07:10 - 2010-11-20 13:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2014-12-16 07:10 - 2010-11-20 13:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2014-12-16 07:10 - 2010-11-20 13:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-12-16 07:10 - 2010-11-20 13:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2014-12-16 07:10 - 2010-11-20 12:07 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-12-16 07:10 - 2010-11-20 12:05 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
2014-12-16 07:10 - 2010-11-20 10:25 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-12-16 07:10 - 2010-11-05 03:20 - 00347904 _____ () C:\Windows\system32\systemsf.ebd
2014-12-16 07:10 - 2010-11-05 02:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2014-12-16 07:10 - 2010-11-05 02:57 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-12-16 07:10 - 2010-11-05 02:53 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-12-16 07:10 - 2010-11-05 02:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2014-12-16 07:10 - 2010-11-05 02:53 - 00109928 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-12-16 07:10 - 2010-11-05 02:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2014-12-16 07:09 - 2010-11-20 14:34 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-12-16 07:09 - 2010-11-20 14:34 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-12-16 07:09 - 2010-11-20 14:34 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2014-12-16 07:09 - 2010-11-20 14:33 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2014-12-16 07:09 - 2010-11-20 14:33 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-12-16 07:09 - 2010-11-20 14:33 - 00263040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-12-16 07:09 - 2010-11-20 14:33 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-12-16 07:09 - 2010-11-20 14:33 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
2014-12-16 07:09 - 2010-11-20 14:33 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys
2014-12-16 07:09 - 2010-11-20 14:33 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2014-12-16 07:09 - 2010-11-20 14:32 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-12-16 07:09 - 2010-11-20 14:29 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-12-16 07:09 - 2010-11-20 14:28 - 00780008 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-12-16 07:09 - 2010-11-20 14:28 - 00298104 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 02652160 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 02543616 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 02262528 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 02072576 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01808384 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01509888 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01363968 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01281024 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01243136 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2014-12-16 07:09 - 2010-11-20 14:27 - 01158656 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01082880 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 01008128 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00605696 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00481280 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
2014-12-16 07:09 - 2010-11-20 14:27 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2014-12-16 07:09 - 2010-11-20 14:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-12-16 07:09 - 2010-11-20 14:27 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 01457664 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00934912 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2014-12-16 07:09 - 2010-11-20 14:26 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00281600 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2014-12-16 07:09 - 2010-11-20 14:26 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2014-12-16 07:09 - 2010-11-20 14:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2014-12-16 07:09 - 2010-11-20 14:25 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2014-12-16 07:09 - 2010-11-20 14:25 - 00897536 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2014-12-16 07:09 - 2010-11-20 14:25 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-12-16 07:09 - 2010-11-20 14:25 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-12-16 07:09 - 2010-11-20 14:25 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-12-16 07:09 - 2010-11-20 14:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
2014-12-16 07:09 - 2010-11-20 14:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-12-16 07:09 - 2010-11-20 14:25 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2014-12-16 07:09 - 2010-11-20 14:25 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-12-16 07:09 - 2010-11-20 14:25 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-12-16 07:09 - 2010-11-20 14:25 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-12-16 07:09 - 2010-11-20 14:25 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-12-16 07:09 - 2010-11-20 14:25 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2014-12-16 07:09 - 2010-11-20 14:25 - 00128000 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
2014-12-16 07:09 - 2010-11-20 14:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2014-12-16 07:09 - 2010-11-20 14:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
2014-12-16 07:09 - 2010-11-20 14:24 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2014-12-16 07:09 - 2010-11-20 14:24 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2014-12-16 07:09 - 2010-11-20 14:24 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-12-16 07:09 - 2010-11-20 14:24 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2014-12-16 07:09 - 2010-11-20 14:24 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2014-12-16 07:09 - 2010-11-20 14:24 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
2014-12-16 07:09 - 2010-11-20 14:24 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2014-12-16 07:09 - 2010-11-20 14:24 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2014-12-16 07:09 - 2010-11-20 13:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scansetting.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-12-16 07:09 - 2010-11-20 13:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-12-16 07:09 - 2010-11-20 13:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2014-12-16 07:09 - 2010-11-20 13:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2014-12-16 07:09 - 2010-11-20 13:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-12-16 07:09 - 2010-11-20 13:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-12-16 07:09 - 2010-11-20 13:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2014-12-16 07:09 - 2010-11-20 13:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-12-16 07:09 - 2010-11-20 13:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-12-16 07:09 - 2010-11-20 13:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2014-12-16 07:09 - 2010-11-20 13:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-12-16 07:09 - 2010-11-20 13:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2014-12-16 07:09 - 2010-11-20 13:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll
2014-12-16 07:09 - 2010-11-20 13:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2014-12-16 07:09 - 2010-11-20 13:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2014-12-16 07:09 - 2010-11-20 13:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2014-12-16 07:09 - 2010-11-20 13:19 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-12-16 07:09 - 2010-11-20 13:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-12-16 07:09 - 2010-11-20 13:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2014-12-16 07:09 - 2010-11-20 13:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-12-16 07:09 - 2010-11-20 13:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 00252928 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2014-12-16 07:09 - 2010-11-20 13:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2014-12-16 07:09 - 2010-11-20 13:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2014-12-16 07:09 - 2010-11-20 13:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2014-12-16 07:09 - 2010-11-20 13:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-12-16 07:09 - 2010-11-20 13:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2014-12-16 07:09 - 2010-11-20 13:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2014-12-16 07:09 - 2010-11-20 13:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-12-16 07:09 - 2010-11-20 11:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2014-12-16 07:09 - 2010-11-20 11:52 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2014-12-16 07:09 - 2010-11-20 11:52 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys
2014-12-16 07:09 - 2010-11-20 11:44 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
2014-12-16 07:09 - 2010-11-20 10:27 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-12-16 07:09 - 2010-11-20 10:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-12-16 07:09 - 2010-11-20 10:23 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2014-12-16 07:09 - 2010-11-05 02:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2014-12-16 07:09 - 2009-07-14 02:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
2014-12-16 07:08 - 2010-11-20 14:44 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2014-12-16 07:08 - 2010-11-20 14:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
2014-12-16 07:08 - 2010-11-20 14:34 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2014-12-16 07:08 - 2010-11-20 14:33 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-12-16 07:08 - 2010-11-20 14:33 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
2014-12-16 07:08 - 2010-11-20 14:33 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
2014-12-16 07:08 - 2010-11-20 14:33 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
2014-12-16 07:08 - 2010-11-20 14:33 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-12-16 07:08 - 2010-11-20 14:33 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2014-12-16 07:08 - 2010-11-20 14:33 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2014-12-16 07:08 - 2010-11-20 14:32 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
2014-12-16 07:08 - 2010-11-20 14:32 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-12-16 07:08 - 2010-11-20 14:28 - 00166784 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 02250752 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 02193920 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 02146816 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00898560 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00812032 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00781312 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00633344 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
2014-12-16 07:08 - 2010-11-20 14:27 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
2014-12-16 07:08 - 2010-11-20 14:27 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll
2014-12-16 07:08 - 2010-11-20 14:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-12-16 07:08 - 2010-11-20 14:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 03745792 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 03524608 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-12-16 07:08 - 2010-11-20 14:25 - 01264640 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2014-12-16 07:08 - 2010-11-20 14:25 - 01065984 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2014-12-16 07:08 - 2010-11-20 14:25 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2014-12-16 07:08 - 2010-11-20 14:25 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2014-12-16 07:08 - 2010-11-20 14:25 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2014-12-16 07:08 - 2010-11-20 14:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2014-12-16 07:08 - 2010-11-20 14:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2014-12-16 07:08 - 2010-11-20 14:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
2014-12-16 07:08 - 2010-11-20 14:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2014-12-16 07:08 - 2010-11-20 14:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
2014-12-16 07:08 - 2010-11-20 14:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00763904 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2014-12-16 07:08 - 2010-11-20 14:24 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2014-12-16 07:08 - 2010-11-20 14:24 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
2014-12-16 07:08 - 2010-11-20 14:24 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-12-16 07:08 - 2010-11-20 14:24 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2014-12-16 07:08 - 2010-11-20 14:24 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
2014-12-16 07:08 - 2010-11-20 14:24 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
2014-12-16 07:08 - 2010-11-20 14:24 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2014-12-16 07:08 - 2010-11-20 14:24 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2014-12-16 07:08 - 2010-11-20 14:24 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2014-12-16 07:08 - 2010-11-20 14:24 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2014-12-16 07:08 - 2010-11-20 14:24 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-12-16 07:08 - 2010-11-20 14:24 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
2014-12-16 07:08 - 2010-11-20 14:24 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
2014-12-16 07:08 - 2010-11-20 14:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
2014-12-16 07:08 - 2010-11-20 13:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPHLPR.DLL
2014-12-16 07:08 - 2010-11-20 13:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsCpl.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPEncEn.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2014-12-16 07:08 - 2010-11-20 13:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkmap.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PerfCenterCPL.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnLineIDCpl.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QAGENT.DLL
2014-12-16 07:08 - 2010-11-20 13:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netjoin.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nci.dll
2014-12-16 07:08 - 2010-11-20 13:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallControlPanel.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2014-12-16 07:08 - 2010-11-20 13:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MediaMetadataHandler.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
2014-12-16 07:08 - 2010-11-20 13:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2014-12-16 07:08 - 2010-11-20 13:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll
2014-12-16 07:08 - 2010-11-20 13:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DxpTaskSync.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 01003520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00743424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\defaultlocationcpl.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\activeds.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
2014-12-16 07:08 - 2010-11-20 13:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll
2014-12-16 07:08 - 2010-11-20 13:17 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eudcedit.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00098816 _____ (Microsoft) C:\Windows\SysWOW64\Robocopy.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe
2014-12-16 07:08 - 2010-11-20 13:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
2014-12-16 07:08 - 2010-11-20 13:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2014-12-16 07:08 - 2010-11-20 13:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2014-12-16 07:08 - 2010-11-20 13:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2014-12-16 07:08 - 2010-11-20 13:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2014-12-16 07:08 - 2010-11-20 13:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2014-12-16 07:08 - 2010-11-20 13:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2014-12-16 07:08 - 2010-11-20 13:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl
2014-12-16 07:08 - 2010-11-20 13:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2014-12-16 07:08 - 2010-11-20 13:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-12-16 07:08 - 2010-11-20 13:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2014-12-16 07:08 - 2010-11-20 13:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2014-12-16 07:08 - 2010-11-20 13:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-12-16 07:08 - 2010-11-20 13:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2014-12-16 07:08 - 2010-11-20 13:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax
2014-12-16 07:08 - 2010-11-20 12:04 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-12-16 07:08 - 2010-11-20 11:52 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys
2014-12-16 07:08 - 2010-11-20 11:52 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2014-12-16 07:08 - 2010-11-20 11:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2014-12-16 07:08 - 2010-11-20 11:43 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2014-12-16 07:08 - 2010-11-20 11:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-12-16 07:08 - 2010-11-05 03:11 - 00433512 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2014-12-16 07:08 - 2010-11-05 03:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2014-12-16 07:07 - 2010-11-20 14:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2014-12-16 07:07 - 2010-11-20 14:27 - 01911808 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 01672704 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2014-12-16 07:07 - 2010-11-20 14:27 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2014-12-16 07:07 - 2010-11-20 14:27 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2014-12-16 07:07 - 2010-11-20 14:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2014-12-16 07:07 - 2010-11-20 14:27 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
2014-12-16 07:07 - 2010-11-20 14:27 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-12-16 07:07 - 2010-11-20 14:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-12-16 07:07 - 2010-11-20 14:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
2014-12-16 07:07 - 2010-11-20 14:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
2014-12-16 07:07 - 2010-11-20 14:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-12-16 07:07 - 2010-11-20 14:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\BWUnpairElevated.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2014-12-16 07:07 - 2010-11-20 14:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
2014-12-16 07:07 - 2010-11-20 14:25 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00899584 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
2014-12-16 07:07 - 2010-11-20 14:24 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
2014-12-16 07:07 - 2010-11-20 14:24 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
2014-12-16 07:07 - 2010-11-20 14:24 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
2014-12-16 07:07 - 2010-11-20 14:24 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2014-12-16 07:07 - 2010-11-20 14:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
2014-12-16 07:07 - 2010-11-20 14:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
2014-12-16 07:07 - 2010-11-20 14:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
2014-12-16 07:07 - 2010-11-20 14:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
2014-12-16 07:07 - 2010-11-20 14:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\choice.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\FXSUNATD.exe
2014-12-16 07:07 - 2010-11-20 14:24 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2014-12-16 07:07 - 2010-11-20 14:15 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2014-12-16 07:07 - 2010-11-20 14:13 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
2014-12-16 07:07 - 2010-11-20 14:02 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2014-12-16 07:07 - 2010-11-20 14:02 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2014-12-16 07:07 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
2014-12-16 07:07 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
2014-12-16 07:07 - 2010-11-20 13:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2014-12-16 07:07 - 2010-11-20 13:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2014-12-16 07:07 - 2010-11-20 13:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2014-12-16 07:07 - 2010-11-20 13:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2014-12-16 07:07 - 2010-11-20 13:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2014-12-16 07:07 - 2010-11-20 13:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese30.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpsrcwp.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vdsbas.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiavideo.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppinst.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL
2014-12-16 07:07 - 2010-11-20 13:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpd3d.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TRAPI.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdprefdrvapi.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schedcli.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syssetup.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll
2014-12-16 07:07 - 2010-11-20 13:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-12-16 07:07 - 2010-11-20 13:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onexui.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qcap.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2014-12-16 07:07 - 2010-11-20 13:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QCLIPROV.DLL
2014-12-16 07:07 - 2010-11-20 13:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptui.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll
2014-12-16 07:07 - 2010-11-20 13:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstask.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\fms.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetmib1.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\luainstall.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2014-12-16 07:07 - 2010-11-20 13:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingFolder.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elsTrans.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsperf.dll
2014-12-16 07:07 - 2010-11-20 13:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2014-12-16 07:07 - 2010-11-20 13:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll
2014-12-16 07:07 - 2010-11-20 13:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimserv.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetup.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsicli.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mobsync.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmstp.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findstr.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unlodctr.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2014-12-16 07:07 - 2010-11-20 13:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-12-16 07:07 - 2010-11-20 13:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr
2014-12-16 07:07 - 2010-11-20 13:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr
2014-12-16 07:07 - 2010-11-20 13:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2014-12-16 07:07 - 2010-11-20 13:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr
2014-12-16 07:07 - 2010-11-20 13:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr
2014-12-16 07:07 - 2010-11-20 13:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe
2014-12-16 07:07 - 2010-11-20 13:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2014-12-16 07:07 - 2010-11-20 13:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2014-12-16 07:07 - 2010-11-20 13:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-12-16 07:07 - 2010-11-20 13:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl
2014-12-16 07:07 - 2010-11-20 13:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax
2014-12-16 07:07 - 2010-11-20 13:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax
2014-12-16 07:07 - 2010-11-20 13:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax
2014-12-16 07:07 - 2010-11-20 13:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax
2014-12-16 07:07 - 2010-11-20 13:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax
2014-12-16 07:07 - 2010-11-20 13:08 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2014-12-16 07:07 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUF.DLL
2014-12-16 07:07 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSG.DLL
2014-12-16 07:07 - 2010-11-20 13:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2014-12-16 07:07 - 2010-11-20 13:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2014-12-16 07:07 - 2010-11-20 13:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2014-12-16 07:07 - 2010-11-20 12:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
2014-12-16 07:07 - 2010-11-20 11:52 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2014-12-16 07:07 - 2010-11-20 11:51 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2014-12-16 07:07 - 2010-11-20 11:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2014-12-16 07:07 - 2010-11-20 11:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2014-12-16 07:07 - 2010-11-20 11:44 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2014-12-16 07:07 - 2010-11-20 11:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
2014-12-16 07:07 - 2010-11-20 11:44 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2014-12-16 07:07 - 2010-11-20 11:43 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-12-16 07:07 - 2010-11-20 11:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-12-16 07:07 - 2010-11-20 11:34 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2014-12-16 07:07 - 2010-11-20 11:33 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
2014-12-16 07:07 - 2010-11-20 11:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2014-12-16 07:07 - 2010-11-20 11:14 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-12-16 07:07 - 2010-11-20 11:09 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2014-12-16 07:07 - 2010-11-20 11:04 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-12-16 07:07 - 2010-11-20 10:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
2014-12-16 07:07 - 2010-11-20 10:26 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-12-16 07:07 - 2010-11-20 10:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
2014-12-16 07:07 - 2010-11-20 10:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2014-12-16 07:07 - 2010-11-10 02:48 - 00010429 _____ () C:\Windows\system32\ScavengeSpace.xml
2014-12-16 07:06 - 2010-11-20 14:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2014-12-16 07:06 - 2010-11-20 14:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2014-12-16 07:06 - 2010-11-20 14:12 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
2014-12-16 07:06 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
2014-12-16 07:06 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
|
|
02.01.2015, 16:24
| #8 |
| | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert frst.log part 5 Code:
ATTFilter 2014-12-16 07:06 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
2014-12-16 07:06 - 2010-11-20 14:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
2014-12-16 07:06 - 2010-11-20 13:54 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
2014-12-16 07:06 - 2010-11-20 13:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdscore.dll
2014-12-16 07:06 - 2010-11-20 13:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2014-12-16 07:06 - 2010-11-20 13:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2014-12-16 07:06 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUQ.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdlk41a.dll
2014-12-16 07:06 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGR1.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGKL.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDCZ1.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSF.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDPO.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDNEPR.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTAM.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINORI.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINMAR.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINKAN.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINHIN.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINBEN.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUS.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUGHR1.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTURME.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAJIK.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMON.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMAORI.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDLT1.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTEL.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGEO.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBULG.DLL
2014-12-16 07:06 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBLR.DLL
2014-12-16 07:06 - 2010-11-20 13:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizres.dll
2014-12-16 07:06 - 2010-11-20 13:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2014-12-16 07:06 - 2010-11-20 13:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pifmgr.dll
2014-12-16 07:06 - 2010-11-05 03:20 - 00105559 _____ () C:\Windows\SysWOW64\RacRules.xml
2014-12-16 07:06 - 2010-11-05 03:20 - 00105559 _____ () C:\Windows\system32\RacRules.xml
2014-12-16 07:06 - 2009-06-10 22:39 - 00001041 _____ () C:\Windows\SysWOW64\tcpbidi.xml
2014-12-16 07:05 - 2010-11-20 13:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll
2014-12-16 07:05 - 2010-11-20 13:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2014-12-16 07:05 - 2010-11-20 13:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll
2014-12-16 06:59 - 2010-11-20 14:27 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2014-12-16 06:59 - 2010-11-20 14:27 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
2014-12-16 06:59 - 2010-11-20 14:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-12-16 06:59 - 2010-11-20 14:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2014-12-16 06:59 - 2010-11-20 14:25 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-12-16 06:57 - 2010-11-20 14:26 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2014-12-16 06:57 - 2010-11-20 14:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2014-12-16 02:46 - 2014-12-17 01:33 - 00000000 ___HD () C:\Users\*****\AppData\Local\Vqmaa
2014-12-16 02:17 - 2014-12-17 19:50 - 00000000 ___HD () C:\Users\*****\AppData\Roaming\Courage-push
2014-12-16 00:24 - 2014-12-17 10:42 - 00000000 ___HD () C:\Users\*****\AppData\Local\Poettrade
2014-12-15 22:31 - 2014-12-15 22:33 - 00000000 ____D () C:\ProgramData\utcsvbl
2014-12-13 10:27 - 2014-12-13 10:27 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 20:28 - 2014-12-10 23:29 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-10 00:09 - 2014-12-02 00:21 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 11:51 - 2014-12-09 11:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-05 16:49 - 2014-12-05 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-03 18:55 - 2014-12-03 18:55 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-01 16:44 - 2011-01-13 11:49 - 00000000 ____D () C:\Users\*****
2015-01-01 16:43 - 2010-11-25 20:18 - 01839809 _____ () C:\Windows\WindowsUpdate.log
2015-01-01 16:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-01 16:38 - 2009-07-14 05:51 - 00168798 _____ () C:\Windows\setupact.log
2015-01-01 13:57 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-01 13:57 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-01 13:12 - 2013-10-03 14:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-01 12:02 - 2013-11-24 19:06 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4BA75586-E7E1-455F-9EEF-BB1716950D53}
2015-01-01 08:54 - 2010-11-25 20:15 - 00281280 _____ () C:\Windows\PFRO.log
2014-12-31 17:57 - 2013-07-30 21:07 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-31 17:57 - 2010-09-08 03:19 - 00000000 ____D () C:\ProgramData\EgisTec IPS
2014-12-31 17:57 - 2010-09-08 03:14 - 00000000 ____D () C:\ProgramData\Acer
2014-12-31 17:57 - 2009-07-14 08:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-31 17:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-30 18:36 - 2013-07-30 21:07 - 00000000 ____D () C:\ProgramData\Avira
2014-12-30 18:33 - 2011-01-13 16:12 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-12-30 17:56 - 2014-10-20 05:41 - 00000000 ____D () C:\Users\*****\AppData\Local\TomTom
2014-12-30 16:59 - 2010-09-08 03:20 - 00000000 ____D () C:\Windows\OEMTemp
2014-12-30 16:57 - 2014-01-17 18:20 - 00000000 ____D () C:\Users\*****\Documents\*****
2014-12-25 08:40 - 2010-11-26 05:10 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-12-25 08:40 - 2010-11-26 05:10 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-12-25 08:40 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-24 22:05 - 2011-01-14 15:32 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-12-24 21:52 - 2014-04-11 20:29 - 00039936 ___SH () C:\Users\*****\Thumbs.db
2014-12-24 21:37 - 2014-03-04 23:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-24 21:37 - 2011-01-14 15:32 - 00000000 ____D () C:\ProgramData\Skype
2014-12-22 22:09 - 2011-01-13 11:51 - 00000000 ____D () C:\Users\*****\AppData\Local\VirtualStore
2014-12-20 15:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-20 05:49 - 2009-07-14 05:45 - 00342592 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-19 07:39 - 2013-05-18 23:08 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-12-18 07:29 - 2011-01-13 11:52 - 00001421 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-18 07:15 - 2014-07-11 06:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-18 07:15 - 2009-07-14 08:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-18 07:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-12-18 07:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-12-18 07:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-12-18 07:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-12-18 07:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-18 07:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-18 07:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-18 07:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-12-18 07:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-12-17 10:13 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-17 10:01 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-12-17 10:01 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-12-17 10:01 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-12-17 10:01 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-12-17 10:01 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-12-17 10:01 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-12-17 10:01 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-12-17 10:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-12-17 10:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-17 10:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-12-17 10:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-12-17 10:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-12-17 10:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-12-17 10:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-12-17 10:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-12-17 09:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-12-17 09:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-12-17 09:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-12-17 09:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-12-17 09:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-12-17 09:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-12-17 05:02 - 2009-07-14 03:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2014-12-17 05:01 - 2009-07-14 03:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2014-12-13 12:20 - 2013-10-03 14:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-13 10:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 12:27 - 2011-01-13 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 13:54 - 2013-12-29 21:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 13:54 - 2012-11-04 17:46 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 13:54 - 2012-03-26 18:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-08 20:10 - 2012-05-09 17:29 - 00000000 ____D () C:\Users\*****\Handy
Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\AskSLib.dll
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\COMAP.EXE
C:\Users\*****\AppData\Local\Temp\MSN209.exe
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\*****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\*****\AppData\Local\Temp\SpOrder.dll
C:\Users\*****\AppData\Local\Temp\sqlite3.dll
C:\Users\*****\AppData\Local\Temp\uninst1.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-30 21:56
==================== End Of Log ============================
Außerdem hat Avast diverse Dinge gefunden, ich finde allerdings keinen gescheiten log davon. Er zeigt mir: Win32: Maleware-gen, Win32: Dropper-gen[Drp] an. Liebe Grüße und vielen Dank, Mathias Geändert von Paenkie (02.01.2015 um 16:30 Uhr) |
|
02.01.2015, 18:04
| #9 |
| /// the machine /// TB-Ausbilder | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.01.2015, 22:30
| #10 |
| | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Hallo Schrauber, hier nun die beiden neuen logs: mbar.log Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
Database version: v2015.01.02.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Kerstin :: KERSTIN-PC [administrator]
02.01.2015 21:13:28
mbar-log-2015-01-02 (21-13-28).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 368852
Time elapsed: 32 minute(s), 7 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 21:57:20.0842 0x0c7c TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
21:57:25.0952 0x0c7c ============================================================
21:57:25.0953 0x0c7c Current date / time: 2015/01/02 21:57:25.0952
21:57:25.0953 0x0c7c SystemInfo:
21:57:25.0953 0x0c7c
21:57:25.0953 0x0c7c OS Version: 6.1.7601 ServicePack: 1.0
21:57:25.0953 0x0c7c Product type: Workstation
21:57:25.0953 0x0c7c ComputerName: *****-PC
21:57:25.0953 0x0c7c UserName: *****
21:57:25.0953 0x0c7c Windows directory: C:\Windows
21:57:25.0953 0x0c7c System windows directory: C:\Windows
21:57:25.0953 0x0c7c Running under WOW64
21:57:25.0953 0x0c7c Processor architecture: Intel x64
21:57:25.0953 0x0c7c Number of processors: 4
21:57:25.0953 0x0c7c Page size: 0x1000
21:57:25.0953 0x0c7c Boot type: Normal boot
21:57:25.0953 0x0c7c ============================================================
21:57:26.0385 0x0c7c KLMD registered as C:\Windows\system32\drivers\43990910.sys
21:57:26.0998 0x0c7c System UUID: {604D0E78-24CB-04A7-CFCE-9554F14D1DA1}
21:57:28.0178 0x0c7c Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:57:28.0187 0x0c7c ============================================================
21:57:28.0187 0x0c7c \Device\Harddisk0\DR0:
21:57:28.0188 0x0c7c MBR partitions:
21:57:28.0188 0x0c7c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
21:57:28.0188 0x0c7c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x237FB800
21:57:28.0188 0x0c7c ============================================================
21:57:28.0212 0x0c7c C: <-> \Device\Harddisk0\DR0\Partition2
21:57:28.0212 0x0c7c ============================================================
21:57:28.0212 0x0c7c Initialize success
21:57:28.0212 0x0c7c ============================================================
22:00:10.0927 0x0dd8 ============================================================
22:00:10.0927 0x0dd8 Scan started
22:00:10.0927 0x0dd8 Mode: Manual; SigCheck; TDLFS;
22:00:10.0927 0x0dd8 ============================================================
22:00:10.0927 0x0dd8 KSN ping started
22:00:13.0927 0x0dd8 KSN ping finished: true
22:00:15.0827 0x0dd8 ================ Scan system memory ========================
22:00:15.0827 0x0dd8 System memory - ok
22:00:15.0827 0x0dd8 ================ Scan services =============================
22:00:16.0107 0x0dd8 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:00:16.0237 0x0dd8 !SASCORE - ok
22:00:16.0777 0x0dd8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:00:16.0937 0x0dd8 1394ohci - ok
22:00:16.0997 0x0dd8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:00:17.0057 0x0dd8 ACPI - ok
22:00:17.0107 0x0dd8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:00:17.0217 0x0dd8 AcpiPmi - ok
22:00:17.0387 0x0dd8 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:00:17.0427 0x0dd8 AdobeARMservice - ok
22:00:17.0627 0x0dd8 [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:00:17.0717 0x0dd8 AdobeFlashPlayerUpdateSvc - ok
22:00:17.0807 0x0dd8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:00:17.0937 0x0dd8 adp94xx - ok
22:00:17.0987 0x0dd8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:00:18.0057 0x0dd8 adpahci - ok
22:00:18.0077 0x0dd8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:00:18.0137 0x0dd8 adpu320 - ok
22:00:18.0177 0x0dd8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:00:18.0397 0x0dd8 AeLookupSvc - ok
22:00:18.0527 0x0dd8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
22:00:18.0747 0x0dd8 AFD - ok
22:00:18.0827 0x0dd8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
22:00:18.0877 0x0dd8 agp440 - ok
22:00:18.0897 0x0dd8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
22:00:19.0017 0x0dd8 ALG - ok
22:00:19.0097 0x0dd8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
22:00:19.0157 0x0dd8 aliide - ok
22:00:19.0207 0x0dd8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
22:00:19.0297 0x0dd8 amdide - ok
22:00:19.0347 0x0dd8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:00:19.0447 0x0dd8 AmdK8 - ok
22:00:19.0477 0x0dd8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:00:19.0567 0x0dd8 AmdPPM - ok
22:00:19.0627 0x0dd8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:00:19.0727 0x0dd8 amdsata - ok
22:00:19.0767 0x0dd8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:00:19.0857 0x0dd8 amdsbs - ok
22:00:19.0907 0x0dd8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:00:19.0957 0x0dd8 amdxata - ok
22:00:20.0027 0x0dd8 [ 391887990CDAA83DE5C56C3FDE966DA1, BC55E21E03B3FE7BBDBB13D56AADB8FBA74F58521AC73B105AD9788E7AE18F0B ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
22:00:20.0167 0x0dd8 AmUStor - ok
22:00:20.0427 0x0dd8 [ 051A7A9C035BBAB779E2C96E65C32600, 22B9FB02A24A64F8CD2C99BAA3AC0CD4ABD42FBAD495EBB2CE24504A1E44A184 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
22:00:20.0597 0x0dd8 AntiVirWebService - ok
22:00:20.0707 0x0dd8 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
22:00:21.0307 0x0dd8 AppID - ok
22:00:21.0347 0x0dd8 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:00:21.0537 0x0dd8 AppIDSvc - ok
22:00:22.0157 0x0dd8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
22:00:22.0347 0x0dd8 Appinfo - ok
22:00:22.0417 0x0dd8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
22:00:22.0487 0x0dd8 arc - ok
22:00:22.0517 0x0dd8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:00:22.0587 0x0dd8 arcsas - ok
22:00:22.0857 0x0dd8 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:00:22.0957 0x0dd8 aspnet_state - ok
22:00:23.0127 0x0dd8 [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
22:00:23.0227 0x0dd8 aswHwid - ok
22:00:23.0257 0x0dd8 [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:00:23.0327 0x0dd8 aswMonFlt - ok
22:00:23.0347 0x0dd8 [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
22:00:23.0427 0x0dd8 aswRdr - ok
22:00:23.0477 0x0dd8 [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
22:00:23.0547 0x0dd8 aswRvrt - ok
22:00:23.0657 0x0dd8 [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:00:23.0857 0x0dd8 aswSnx - ok
22:00:23.0927 0x0dd8 [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:00:23.0977 0x0dd8 aswSP - ok
22:00:24.0007 0x0dd8 [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm C:\Windows\system32\drivers\aswStm.sys
22:00:24.0037 0x0dd8 aswStm - ok
22:00:24.0077 0x0dd8 [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
22:00:24.0127 0x0dd8 aswVmm - ok
22:00:24.0177 0x0dd8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:00:24.0317 0x0dd8 AsyncMac - ok
22:00:24.0377 0x0dd8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
22:00:24.0417 0x0dd8 atapi - ok
22:00:24.0697 0x0dd8 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:00:24.0817 0x0dd8 AudioEndpointBuilder - ok
22:00:24.0847 0x0dd8 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:00:24.0897 0x0dd8 AudioSrv - ok
22:00:24.0977 0x0dd8 [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:00:25.0037 0x0dd8 avast! Antivirus - ok
22:00:25.0557 0x0dd8 [ 4F4EBF6163D3A02D52A66BBD145B0069, 179B2FD2671F6BB8D3F77B39001F546A0DEBE85BFF9782060AF1DC50DFA071EF ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
22:00:26.0177 0x0dd8 AvastVBoxSvc - ok
22:00:26.0327 0x0dd8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:00:26.0507 0x0dd8 AxInstSV - ok
22:00:26.0607 0x0dd8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:00:26.0777 0x0dd8 b06bdrv - ok
22:00:26.0867 0x0dd8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:00:26.0987 0x0dd8 b57nd60a - ok
22:00:27.0687 0x0dd8 [ 2D659B569A76CDB83B815675A80D7096, 8246BD350017B6CBADA4BBDBAB8B708B0A8F1AD5ADD4B2DE1BA610B4A188C262 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
22:00:27.0917 0x0dd8 BCM43XX - ok
22:00:27.0977 0x0dd8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
22:00:28.0097 0x0dd8 BDESVC - ok
22:00:28.0157 0x0dd8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
22:00:28.0347 0x0dd8 Beep - ok
22:00:28.0477 0x0dd8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
22:00:28.0637 0x0dd8 BFE - ok
22:00:28.0877 0x0dd8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
22:00:29.0077 0x0dd8 BITS - ok
22:00:29.0117 0x0dd8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:00:29.0257 0x0dd8 blbdrive - ok
22:00:29.0337 0x0dd8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:00:29.0417 0x0dd8 bowser - ok
22:00:29.0447 0x0dd8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:00:29.0597 0x0dd8 BrFiltLo - ok
22:00:29.0617 0x0dd8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:00:29.0677 0x0dd8 BrFiltUp - ok
22:00:29.0757 0x0dd8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
22:00:29.0877 0x0dd8 Browser - ok
22:00:29.0987 0x0dd8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:00:30.0107 0x0dd8 Brserid - ok
22:00:30.0127 0x0dd8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:00:30.0207 0x0dd8 BrSerWdm - ok
22:00:30.0227 0x0dd8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:00:30.0307 0x0dd8 BrUsbMdm - ok
22:00:30.0327 0x0dd8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:00:30.0397 0x0dd8 BrUsbSer - ok
22:00:30.0467 0x0dd8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:00:30.0627 0x0dd8 BthEnum - ok
22:00:30.0657 0x0dd8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:00:30.0737 0x0dd8 BTHMODEM - ok
22:00:30.0787 0x0dd8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:00:30.0847 0x0dd8 BthPan - ok
22:00:30.0907 0x0dd8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:00:31.0047 0x0dd8 BTHPORT - ok
22:00:31.0087 0x0dd8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
22:00:31.0207 0x0dd8 bthserv - ok
22:00:31.0227 0x0dd8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:00:31.0297 0x0dd8 BTHUSB - ok
22:00:31.0377 0x0dd8 [ 73A1C54749FE4F0019241E36C796AB86, B7E6217F699469DDD76751FBACD25AE9AF56A63FAA8F3C7E0A3FAADA2030AB94 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
22:00:31.0437 0x0dd8 btwampfl - ok
22:00:31.0477 0x0dd8 [ 1872074ED0A3FB22E3F1E3197B984BFA, 112F289BFE63B46D1E007E3C6761B5C5C8F499B6638CE896DF528FDDBBC1EA12 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:00:31.0537 0x0dd8 btwaudio - ok
22:00:31.0627 0x0dd8 [ 691CF076C33AB1C3A5B2FD5450300733, C2C943D42B0A135BD255FA8985A00D36B0DD91546291E2D819FACE7C0B08287D ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
22:00:31.0677 0x0dd8 btwavdt - ok
22:00:31.0817 0x0dd8 [ 4E6AC6475EF653BDFFDA67A74B9591D8, 2F13D29BF48D2E982AF0BA4F3B6C38B2651E87F898B4A290AE12C5B78306639B ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:00:31.0907 0x0dd8 btwdins - ok
22:00:31.0947 0x0dd8 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:00:31.0987 0x0dd8 btwl2cap - ok
22:00:32.0007 0x0dd8 [ C9273B20DEC8CE38DBCE5D29DE63C907, 71D67A1A2EDA81351E8D8129824565E2ECA0CFA4DC844CE12F90AB7906ABA737 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:00:32.0047 0x0dd8 btwrchid - ok
22:00:32.0107 0x0dd8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:00:32.0237 0x0dd8 cdfs - ok
22:00:32.0357 0x0dd8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
22:00:32.0497 0x0dd8 cdrom - ok
22:00:32.0557 0x0dd8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
22:00:32.0667 0x0dd8 CertPropSvc - ok
22:00:32.0707 0x0dd8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:00:32.0797 0x0dd8 circlass - ok
22:00:32.0867 0x0dd8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
22:00:32.0937 0x0dd8 CLFS - ok
22:00:33.0017 0x0dd8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:00:33.0077 0x0dd8 clr_optimization_v2.0.50727_32 - ok
22:00:33.0157 0x0dd8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:00:33.0217 0x0dd8 clr_optimization_v2.0.50727_64 - ok
22:00:33.0317 0x0dd8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:00:33.0457 0x0dd8 clr_optimization_v4.0.30319_32 - ok
22:00:33.0497 0x0dd8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:00:33.0617 0x0dd8 clr_optimization_v4.0.30319_64 - ok
22:00:33.0657 0x0dd8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:00:33.0747 0x0dd8 CmBatt - ok
22:00:33.0787 0x0dd8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:00:33.0817 0x0dd8 cmdide - ok
22:00:33.0897 0x0dd8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
22:00:33.0977 0x0dd8 CNG - ok
22:00:33.0997 0x0dd8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:00:34.0037 0x0dd8 Compbatt - ok
22:00:34.0097 0x0dd8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:00:34.0187 0x0dd8 CompositeBus - ok
22:00:34.0207 0x0dd8 COMSysApp - ok
22:00:34.0227 0x0dd8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:00:34.0267 0x0dd8 crcdisk - ok
22:00:34.0317 0x0dd8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:00:34.0447 0x0dd8 CryptSvc - ok
22:00:34.0527 0x0dd8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:00:34.0707 0x0dd8 DcomLaunch - ok
22:00:34.0777 0x0dd8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
22:00:34.0917 0x0dd8 defragsvc - ok
22:00:34.0967 0x0dd8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:00:35.0087 0x0dd8 DfsC - ok
22:00:35.0157 0x0dd8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:00:35.0287 0x0dd8 Dhcp - ok
22:00:35.0327 0x0dd8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
22:00:35.0447 0x0dd8 discache - ok
22:00:35.0507 0x0dd8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:00:35.0547 0x0dd8 Disk - ok
22:00:35.0597 0x0dd8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:00:35.0707 0x0dd8 Dnscache - ok
22:00:35.0757 0x0dd8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
22:00:35.0837 0x0dd8 dot3svc - ok
22:00:35.0897 0x0dd8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
22:00:35.0987 0x0dd8 DPS - ok
22:00:36.0067 0x0dd8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:00:36.0147 0x0dd8 drmkaud - ok
22:00:36.0217 0x0dd8 [ 9CF46FDF163E06B83D03FF929EF2296C, 40BB0226361DEC2E6CBFE79CA092083986BD3D94564ED5F3E54CA2EE9A756837 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
22:00:36.0327 0x0dd8 DsiWMIService - ok
22:00:36.0727 0x0dd8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:00:36.0797 0x0dd8 DXGKrnl - ok
22:00:36.0897 0x0dd8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
22:00:37.0057 0x0dd8 EapHost - ok
22:00:37.0997 0x0dd8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:00:38.0377 0x0dd8 ebdrv - ok
22:00:38.0477 0x0dd8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
22:00:38.0687 0x0dd8 EFS - ok
22:00:39.0247 0x0dd8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:00:39.0477 0x0dd8 ehRecvr - ok
22:00:39.0527 0x0dd8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
22:00:39.0647 0x0dd8 ehSched - ok
22:00:39.0787 0x0dd8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:00:39.0967 0x0dd8 elxstor - ok
22:00:40.0107 0x0dd8 [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
22:00:40.0217 0x0dd8 ePowerSvc - ok
22:00:40.0277 0x0dd8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:00:40.0487 0x0dd8 ErrDev - ok
22:00:40.0587 0x0dd8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
22:00:40.0757 0x0dd8 EventSystem - ok
22:00:40.0837 0x0dd8 [ 251AF86E0A4DDF3A6B181ED5103B06B1, 1823E7C87F0D8972A89D71B1FB633C5D43744F9803E6A8B866F6EA610032437C ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
22:00:40.0947 0x0dd8 ewusbnet - ok
22:00:40.0987 0x0dd8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
22:00:41.0097 0x0dd8 exfat - ok
22:00:41.0197 0x0dd8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:00:41.0397 0x0dd8 fastfat - ok
22:00:41.0487 0x0dd8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
22:00:41.0627 0x0dd8 Fax - ok
22:00:41.0667 0x0dd8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:00:41.0747 0x0dd8 fdc - ok
22:00:41.0797 0x0dd8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
22:00:41.0967 0x0dd8 fdPHost - ok
22:00:41.0997 0x0dd8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
22:00:42.0127 0x0dd8 FDResPub - ok
22:00:42.0167 0x0dd8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:00:42.0207 0x0dd8 FileInfo - ok
22:00:42.0227 0x0dd8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:00:42.0347 0x0dd8 Filetrace - ok
22:00:42.0377 0x0dd8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:00:42.0417 0x0dd8 flpydisk - ok
22:00:42.0467 0x0dd8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:00:42.0527 0x0dd8 FltMgr - ok
22:00:42.0627 0x0dd8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
22:00:42.0837 0x0dd8 FontCache - ok
22:00:42.0907 0x0dd8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:00:42.0947 0x0dd8 FontCache3.0.0.0 - ok
22:00:42.0967 0x0dd8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:00:43.0027 0x0dd8 FsDepends - ok
22:00:43.0117 0x0dd8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:00:43.0187 0x0dd8 Fs_Rec - ok
22:00:43.0307 0x0dd8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:00:43.0407 0x0dd8 fvevol - ok
22:00:43.0437 0x0dd8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:00:43.0497 0x0dd8 gagp30kx - ok
22:00:43.0717 0x0dd8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
22:00:43.0837 0x0dd8 gpsvc - ok
22:00:43.0977 0x0dd8 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
22:00:44.0037 0x0dd8 GREGService - ok
22:00:44.0067 0x0dd8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:00:44.0177 0x0dd8 hcw85cir - ok
22:00:44.0247 0x0dd8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:00:44.0347 0x0dd8 HdAudAddService - ok
22:00:44.0407 0x0dd8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:00:44.0477 0x0dd8 HDAudBus - ok
22:00:44.0517 0x0dd8 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:00:44.0587 0x0dd8 HECIx64 - ok
22:00:44.0607 0x0dd8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:00:44.0717 0x0dd8 HidBatt - ok
22:00:44.0747 0x0dd8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:00:44.0847 0x0dd8 HidBth - ok
22:00:44.0887 0x0dd8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:00:44.0957 0x0dd8 HidIr - ok
22:00:44.0997 0x0dd8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
22:00:45.0117 0x0dd8 hidserv - ok
22:00:45.0157 0x0dd8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
22:00:45.0227 0x0dd8 HidUsb - ok
22:00:45.0297 0x0dd8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:00:45.0437 0x0dd8 hkmsvc - ok
22:00:45.0537 0x0dd8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:00:45.0637 0x0dd8 HomeGroupListener - ok
22:00:45.0707 0x0dd8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:00:45.0757 0x0dd8 HomeGroupProvider - ok
22:00:45.0817 0x0dd8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:00:45.0837 0x0dd8 HpSAMD - ok
22:00:46.0267 0x0dd8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:00:46.0447 0x0dd8 HTTP - ok
22:00:46.0507 0x0dd8 [ 4B5C07DB91A0099272FAAE732E1152BD, E0408F85A2E1E310F5143A01A34456F120875D21E0E9D0A9F9EBC96514CFC47C ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:00:46.0627 0x0dd8 hwdatacard - ok
22:00:46.0677 0x0dd8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:00:46.0727 0x0dd8 hwpolicy - ok
22:00:46.0777 0x0dd8 [ 9C13A2691AC410CC7469F298684DCA5D, 2B07FE759B479A36AB4DE185AF8B4295396A1F8674587721BE7C92FC31ADFF0D ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
22:00:46.0957 0x0dd8 hwusbfake - ok
22:00:47.0017 0x0dd8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:00:47.0107 0x0dd8 i8042prt - ok
22:00:47.0307 0x0dd8 [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:00:47.0397 0x0dd8 iaStor - ok
22:00:47.0507 0x0dd8 [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:00:47.0587 0x0dd8 IAStorDataMgrSvc - ok
22:00:47.0667 0x0dd8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:00:47.0787 0x0dd8 iaStorV - ok
22:00:47.0917 0x0dd8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:00:48.0147 0x0dd8 idsvc - ok
22:00:48.0157 0x0dd8 IEEtwCollectorService - ok
22:00:49.0727 0x0dd8 [ 2A22AB054F4630D2EF4BAB2853F6D5F6, 9CD7A5FFB7E25B51E9D311531EE5EC20CEAC356C7A27D52B61DA810DB412437B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:00:50.0487 0x0dd8 igfx - ok
22:00:50.0557 0x0dd8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:00:50.0637 0x0dd8 iirsp - ok
22:00:50.0767 0x0dd8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
22:00:50.0937 0x0dd8 IKEEXT - ok
22:00:51.0007 0x0dd8 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
22:00:51.0117 0x0dd8 Impcd - ok
22:00:51.0337 0x0dd8 [ CB5FD9B681AD43B560490B5283DDC1C1, 359F4ACE7BE0FD6BF710AD1EEA48ED3F9E4A97A2B8318EC5616E34449D0C774F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:00:51.0747 0x0dd8 IntcAzAudAddService - ok
22:00:51.0837 0x0dd8 [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
22:00:51.0957 0x0dd8 IntcDAud - ok
22:00:51.0987 0x0dd8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
22:00:52.0027 0x0dd8 intelide - ok
22:00:52.0087 0x0dd8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:00:52.0137 0x0dd8 intelppm - ok
22:00:52.0227 0x0dd8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:00:52.0357 0x0dd8 IPBusEnum - ok
22:00:52.0967 0x0dd8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:00:53.0107 0x0dd8 IpFilterDriver - ok
22:00:53.0257 0x0dd8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:00:53.0397 0x0dd8 iphlpsvc - ok
22:00:53.0447 0x0dd8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:00:53.0537 0x0dd8 IPMIDRV - ok
22:00:53.0607 0x0dd8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:00:53.0767 0x0dd8 IPNAT - ok
22:00:53.0797 0x0dd8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:00:53.0927 0x0dd8 IRENUM - ok
22:00:53.0947 0x0dd8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:00:53.0987 0x0dd8 isapnp - ok
22:00:54.0037 0x0dd8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:00:54.0117 0x0dd8 iScsiPrt - ok
22:00:54.0157 0x0dd8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:00:54.0197 0x0dd8 kbdclass - ok
22:00:54.0247 0x0dd8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:00:54.0297 0x0dd8 kbdhid - ok
22:00:54.0327 0x0dd8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
22:00:54.0357 0x0dd8 KeyIso - ok
22:00:54.0417 0x0dd8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:00:54.0587 0x0dd8 KSecDD - ok
22:00:54.0637 0x0dd8 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:00:54.0697 0x0dd8 KSecPkg - ok
22:00:54.0737 0x0dd8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:00:54.0847 0x0dd8 ksthunk - ok
22:00:54.0887 0x0dd8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
22:00:55.0017 0x0dd8 KtmRm - ok
22:00:55.0067 0x0dd8 [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
22:00:55.0127 0x0dd8 L1C - ok
22:00:55.0197 0x0dd8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:00:55.0357 0x0dd8 LanmanServer - ok
22:00:55.0427 0x0dd8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:00:55.0557 0x0dd8 LanmanWorkstation - ok
22:00:55.0627 0x0dd8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:00:55.0787 0x0dd8 lltdio - ok
22:00:55.0857 0x0dd8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:00:55.0977 0x0dd8 lltdsvc - ok
22:00:56.0017 0x0dd8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:00:56.0127 0x0dd8 lmhosts - ok
22:00:56.0197 0x0dd8 [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:00:56.0307 0x0dd8 LMS - detected UnsignedFile.Multi.Generic ( 1 )
22:00:59.0237 0x0dd8 Detect skipped due to KSN trusted
22:00:59.0237 0x0dd8 LMS - ok
22:00:59.0277 0x0dd8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:00:59.0347 0x0dd8 LSI_FC - ok
22:00:59.0387 0x0dd8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:00:59.0427 0x0dd8 LSI_SAS - ok
22:00:59.0457 0x0dd8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:00:59.0527 0x0dd8 LSI_SAS2 - ok
22:00:59.0597 0x0dd8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:00:59.0627 0x0dd8 LSI_SCSI - ok
22:00:59.0687 0x0dd8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
22:00:59.0827 0x0dd8 luafv - ok
22:00:59.0867 0x0dd8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:00:59.0937 0x0dd8 Mcx2Svc - ok
22:00:59.0957 0x0dd8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:00:59.0997 0x0dd8 megasas - ok
22:01:00.0027 0x0dd8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:01:00.0087 0x0dd8 MegaSR - ok
22:01:00.0157 0x0dd8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
22:01:00.0277 0x0dd8 MMCSS - ok
22:01:00.0287 0x0dd8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
22:01:00.0387 0x0dd8 Modem - ok
22:01:00.0417 0x0dd8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:01:00.0507 0x0dd8 monitor - ok
22:01:00.0537 0x0dd8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:01:00.0567 0x0dd8 mouclass - ok
22:01:00.0607 0x0dd8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:01:00.0677 0x0dd8 mouhid - ok
22:01:00.0737 0x0dd8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:01:00.0777 0x0dd8 mountmgr - ok
22:01:00.0887 0x0dd8 [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:01:00.0937 0x0dd8 MozillaMaintenance - ok
22:01:01.0037 0x0dd8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
22:01:01.0107 0x0dd8 mpio - ok
22:01:01.0157 0x0dd8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:01:01.0247 0x0dd8 mpsdrv - ok
22:01:01.0327 0x0dd8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:01:01.0527 0x0dd8 MpsSvc - ok
22:01:01.0577 0x0dd8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:01:01.0617 0x0dd8 MRxDAV - ok
22:01:01.0657 0x0dd8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:01:01.0767 0x0dd8 mrxsmb - ok
22:01:01.0817 0x0dd8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:01:01.0887 0x0dd8 mrxsmb10 - ok
22:01:01.0917 0x0dd8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:01:01.0967 0x0dd8 mrxsmb20 - ok
22:01:02.0007 0x0dd8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
22:01:02.0077 0x0dd8 msahci - ok
22:01:02.0107 0x0dd8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:01:02.0177 0x0dd8 msdsm - ok
22:01:02.0207 0x0dd8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
22:01:02.0297 0x0dd8 MSDTC - ok
22:01:02.0347 0x0dd8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:01:02.0467 0x0dd8 Msfs - ok
22:01:02.0497 0x0dd8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:01:02.0577 0x0dd8 mshidkmdf - ok
22:01:02.0627 0x0dd8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:01:02.0667 0x0dd8 msisadrv - ok
22:01:02.0737 0x0dd8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:01:02.0877 0x0dd8 MSiSCSI - ok
22:01:02.0877 0x0dd8 msiserver - ok
22:01:02.0907 0x0dd8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:01:03.0007 0x0dd8 MSKSSRV - ok
22:01:03.0047 0x0dd8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:01:03.0127 0x0dd8 MSPCLOCK - ok
22:01:03.0147 0x0dd8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:01:03.0277 0x0dd8 MSPQM - ok
22:01:03.0327 0x0dd8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:01:03.0437 0x0dd8 MsRPC - ok
22:01:03.0467 0x0dd8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:01:03.0527 0x0dd8 mssmbios - ok
22:01:03.0547 0x0dd8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:01:03.0637 0x0dd8 MSTEE - ok
22:01:03.0647 0x0dd8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:01:03.0717 0x0dd8 MTConfig - ok
22:01:03.0747 0x0dd8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
22:01:03.0817 0x0dd8 Mup - ok
22:01:03.0857 0x0dd8 [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
22:01:03.0907 0x0dd8 mwlPSDFilter - ok
22:01:03.0947 0x0dd8 [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
22:01:03.0977 0x0dd8 mwlPSDNServ - ok
22:01:04.0007 0x0dd8 [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
22:01:04.0077 0x0dd8 mwlPSDVDisk - ok
22:01:04.0157 0x0dd8 [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
22:01:04.0217 0x0dd8 MWLService - ok
22:01:04.0437 0x0dd8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
22:01:04.0577 0x0dd8 napagent - ok
22:01:04.0647 0x0dd8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:01:04.0757 0x0dd8 NativeWifiP - ok
22:01:04.0847 0x0dd8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
22:01:04.0947 0x0dd8 NDIS - ok
22:01:04.0987 0x0dd8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:01:05.0057 0x0dd8 NdisCap - ok
22:01:05.0077 0x0dd8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:01:05.0177 0x0dd8 NdisTapi - ok
22:01:05.0207 0x0dd8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:01:05.0287 0x0dd8 Ndisuio - ok
22:01:05.0327 0x0dd8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:01:05.0407 0x0dd8 NdisWan - ok
22:01:05.0447 0x0dd8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:01:05.0537 0x0dd8 NDProxy - ok
22:01:05.0567 0x0dd8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:01:05.0657 0x0dd8 NetBIOS - ok
22:01:05.0747 0x0dd8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:01:05.0877 0x0dd8 NetBT - ok
22:01:05.0897 0x0dd8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
22:01:05.0927 0x0dd8 Netlogon - ok
22:01:05.0967 0x0dd8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
22:01:06.0047 0x0dd8 Netman - ok
22:01:06.0107 0x0dd8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:01:06.0237 0x0dd8 NetMsmqActivator - ok
22:01:06.0277 0x0dd8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:01:06.0337 0x0dd8 NetPipeActivator - ok
22:01:06.0507 0x0dd8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
22:01:06.0637 0x0dd8 netprofm - ok
22:01:06.0667 0x0dd8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:01:06.0707 0x0dd8 NetTcpActivator - ok
22:01:06.0707 0x0dd8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:01:06.0747 0x0dd8 NetTcpPortSharing - ok
22:01:06.0787 0x0dd8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:01:06.0817 0x0dd8 nfrd960 - ok
22:01:06.0857 0x0dd8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:01:06.0917 0x0dd8 NlaSvc - ok
22:01:06.0957 0x0dd8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:01:07.0047 0x0dd8 Npfs - ok
22:01:07.0087 0x0dd8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
22:01:07.0217 0x0dd8 nsi - ok
22:01:07.0247 0x0dd8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:01:07.0347 0x0dd8 nsiproxy - ok
22:01:07.0467 0x0dd8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:01:07.0647 0x0dd8 Ntfs - ok
22:01:07.0797 0x0dd8 [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
22:01:07.0867 0x0dd8 NTI IScheduleSvc - ok
22:01:07.0907 0x0dd8 [ 28C59F594044CBF8598B18C927097091, 7B7633A9BCB1E0A3F89DD697C296D77955907DCF239B4B9D155AD7B90F2A1E7A ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
22:01:07.0947 0x0dd8 NTIBackupSvc - ok
22:01:07.0997 0x0dd8 [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
22:01:08.0047 0x0dd8 NTIDrvr - ok
22:01:08.0127 0x0dd8 [ B8D903B2894FF9AFBD99CA51C35590D7, AAC96724781EC5A715CEF85C65D4AE15283522D3F19020FC456BA0F73BAA22F9 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
22:01:08.0217 0x0dd8 NTISchedulerSvc - ok
22:01:08.0247 0x0dd8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
22:01:08.0397 0x0dd8 Null - ok
22:01:08.0437 0x0dd8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:01:08.0497 0x0dd8 nvraid - ok
22:01:08.0577 0x0dd8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:01:08.0627 0x0dd8 nvstor - ok
22:01:08.0657 0x0dd8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:01:08.0707 0x0dd8 nv_agp - ok
22:01:08.0877 0x0dd8 [ BA7DAC1B8A86D9402C3E04E1FCAA600D, 20DB46EA6D7FA2AEEDCF6D88E6E07D75219E14AFFD60D76D0A066429B34F7033 ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
22:01:08.0937 0x0dd8 ODDPwrSvc - ok
22:01:08.0977 0x0dd8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:01:09.0037 0x0dd8 ohci1394 - ok
22:01:09.0117 0x0dd8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:01:09.0187 0x0dd8 ose - ok
22:01:09.0937 0x0dd8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:01:10.0187 0x0dd8 osppsvc - ok
22:01:10.0327 0x0dd8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:01:10.0447 0x0dd8 p2pimsvc - ok
22:01:10.0507 0x0dd8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
22:01:10.0637 0x0dd8 p2psvc - ok
22:01:10.0687 0x0dd8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:01:10.0767 0x0dd8 Parport - ok
22:01:10.0807 0x0dd8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:01:10.0847 0x0dd8 partmgr - ok
22:01:10.0867 0x0dd8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
22:01:10.0937 0x0dd8 PcaSvc - ok
22:01:10.0967 0x0dd8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
22:01:11.0027 0x0dd8 pci - ok
22:01:11.0097 0x0dd8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
22:01:11.0137 0x0dd8 pciide - ok
22:01:11.0157 0x0dd8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:01:11.0197 0x0dd8 pcmcia - ok
22:01:11.0217 0x0dd8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
22:01:11.0257 0x0dd8 pcw - ok
22:01:11.0297 0x0dd8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:01:11.0427 0x0dd8 PEAUTH - ok
22:01:11.0677 0x0dd8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:01:11.0747 0x0dd8 PerfHost - ok
22:01:11.0877 0x0dd8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
22:01:12.0147 0x0dd8 pla - ok
22:01:12.0247 0x0dd8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:01:12.0407 0x0dd8 PlugPlay - ok
22:01:12.0437 0x0dd8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:01:12.0487 0x0dd8 PNRPAutoReg - ok
22:01:12.0517 0x0dd8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:01:12.0577 0x0dd8 PNRPsvc - ok
22:01:12.0657 0x0dd8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:01:12.0787 0x0dd8 PolicyAgent - ok
22:01:12.0807 0x0dd8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
22:01:12.0887 0x0dd8 Power - ok
22:01:12.0947 0x0dd8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:01:13.0087 0x0dd8 PptpMiniport - ok
22:01:13.0127 0x0dd8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:01:13.0237 0x0dd8 Processor - ok
22:01:13.0357 0x0dd8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
22:01:13.0447 0x0dd8 ProfSvc - ok
22:01:13.0457 0x0dd8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:01:13.0497 0x0dd8 ProtectedStorage - ok
22:01:13.0587 0x0dd8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:01:13.0687 0x0dd8 Psched - ok
22:01:13.0827 0x0dd8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:01:13.0997 0x0dd8 ql2300 - ok
22:01:14.0027 0x0dd8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:01:14.0067 0x0dd8 ql40xx - ok
22:01:14.0137 0x0dd8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
22:01:14.0227 0x0dd8 QWAVE - ok
22:01:14.0247 0x0dd8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:01:14.0307 0x0dd8 QWAVEdrv - ok
22:01:14.0337 0x0dd8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:01:14.0427 0x0dd8 RasAcd - ok
22:01:14.0477 0x0dd8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:01:14.0607 0x0dd8 RasAgileVpn - ok
22:01:14.0677 0x0dd8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
22:01:14.0827 0x0dd8 RasAuto - ok
22:01:14.0867 0x0dd8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:01:14.0967 0x0dd8 Rasl2tp - ok
22:01:15.0027 0x0dd8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
22:01:15.0107 0x0dd8 RasMan - ok
22:01:15.0107 0x0dd8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:01:15.0187 0x0dd8 RasPppoe - ok
22:01:15.0227 0x0dd8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:01:15.0327 0x0dd8 RasSstp - ok
22:01:15.0457 0x0dd8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:01:15.0597 0x0dd8 rdbss - ok
22:01:15.0627 0x0dd8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:01:15.0667 0x0dd8 rdpbus - ok
22:01:15.0697 0x0dd8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:01:15.0767 0x0dd8 RDPCDD - ok
22:01:15.0797 0x0dd8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:01:15.0887 0x0dd8 RDPENCDD - ok
22:01:15.0907 0x0dd8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:01:15.0987 0x0dd8 RDPREFMP - ok
22:01:16.0017 0x0dd8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:01:16.0067 0x0dd8 RDPWD - ok
22:01:16.0117 0x0dd8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:01:16.0197 0x0dd8 rdyboost - ok
22:01:16.0247 0x0dd8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:01:16.0337 0x0dd8 RemoteAccess - ok
22:01:16.0357 0x0dd8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:01:16.0437 0x0dd8 RemoteRegistry - ok
22:01:16.0477 0x0dd8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:01:16.0537 0x0dd8 RFCOMM - ok
22:01:16.0607 0x0dd8 [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
22:01:16.0717 0x0dd8 RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
22:01:19.0607 0x0dd8 Detect skipped due to KSN trusted
22:01:19.0607 0x0dd8 RichVideo - ok
22:01:19.0657 0x0dd8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:01:19.0847 0x0dd8 RpcEptMapper - ok
22:01:19.0887 0x0dd8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
22:01:19.0957 0x0dd8 RpcLocator - ok
22:01:20.0017 0x0dd8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
22:01:20.0167 0x0dd8 RpcSs - ok
22:01:20.0217 0x0dd8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:01:20.0357 0x0dd8 rspndr - ok
22:01:20.0447 0x0dd8 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
22:01:20.0527 0x0dd8 RS_Service - ok
22:01:20.0557 0x0dd8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
22:01:20.0597 0x0dd8 SamSs - ok
22:01:20.0697 0x0dd8 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:01:20.0747 0x0dd8 SASDIFSV - ok
22:01:20.0797 0x0dd8 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:01:20.0847 0x0dd8 SASKUTIL - ok
22:01:20.0897 0x0dd8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:01:20.0957 0x0dd8 sbp2port - ok
22:01:21.0007 0x0dd8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:01:21.0167 0x0dd8 SCardSvr - ok
22:01:21.0217 0x0dd8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:01:21.0317 0x0dd8 scfilter - ok
22:01:21.0547 0x0dd8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
22:01:21.0687 0x0dd8 Schedule - ok
22:01:21.0767 0x0dd8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:01:21.0847 0x0dd8 SCPolicySvc - ok
22:01:21.0877 0x0dd8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:01:21.0957 0x0dd8 SDRSVC - ok
22:01:22.0297 0x0dd8 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
22:01:22.0507 0x0dd8 SDScannerService - ok
22:01:22.0697 0x0dd8 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
22:01:22.0927 0x0dd8 SDUpdateService - ok
22:01:23.0027 0x0dd8 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
22:01:23.0077 0x0dd8 SDWSCService - ok
22:01:23.0117 0x0dd8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:01:23.0247 0x0dd8 secdrv - ok
22:01:23.0307 0x0dd8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
22:01:23.0437 0x0dd8 seclogon - ok
22:01:23.0497 0x0dd8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
22:01:23.0617 0x0dd8 SENS - ok
22:01:23.0647 0x0dd8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:01:23.0727 0x0dd8 SensrSvc - ok
22:01:23.0747 0x0dd8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:01:23.0827 0x0dd8 Serenum - ok
22:01:23.0857 0x0dd8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:01:23.0927 0x0dd8 Serial - ok
22:01:23.0987 0x0dd8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:01:24.0067 0x0dd8 sermouse - ok
22:01:24.0117 0x0dd8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
22:01:24.0267 0x0dd8 SessionEnv - ok
22:01:24.0387 0x0dd8 settings - ok
22:01:24.0457 0x0dd8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:01:24.0577 0x0dd8 sffdisk - ok
22:01:24.0597 0x0dd8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:01:24.0667 0x0dd8 sffp_mmc - ok
22:01:24.0687 0x0dd8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:01:24.0757 0x0dd8 sffp_sd - ok
22:01:24.0817 0x0dd8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:01:24.0887 0x0dd8 sfloppy - ok
22:01:24.0957 0x0dd8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:01:25.0087 0x0dd8 SharedAccess - ok
22:01:25.0177 0x0dd8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:01:25.0287 0x0dd8 ShellHWDetection - ok
22:01:25.0327 0x0dd8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:01:25.0387 0x0dd8 SiSRaid2 - ok
22:01:25.0407 0x0dd8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:01:25.0457 0x0dd8 SiSRaid4 - ok
22:01:25.0517 0x0dd8 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:01:25.0627 0x0dd8 SkypeUpdate - ok
22:01:25.0697 0x0dd8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:01:25.0807 0x0dd8 Smb - ok
22:01:25.0877 0x0dd8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:01:25.0997 0x0dd8 SNMPTRAP - ok
22:01:26.0017 0x0dd8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
22:01:26.0047 0x0dd8 spldr - ok
22:01:26.0167 0x0dd8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
22:01:26.0307 0x0dd8 Spooler - ok
22:01:27.0077 0x0dd8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
22:01:27.0367 0x0dd8 sppsvc - ok
22:01:27.0407 0x0dd8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:01:27.0537 0x0dd8 sppuinotify - ok
22:01:27.0637 0x0dd8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:01:27.0767 0x0dd8 srv - ok
22:01:27.0817 0x0dd8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:01:27.0927 0x0dd8 srv2 - ok
22:01:28.0027 0x0dd8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:01:28.0157 0x0dd8 srvnet - ok
22:01:28.0207 0x0dd8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:01:28.0367 0x0dd8 SSDPSRV - ok
22:01:28.0387 0x0dd8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:01:28.0517 0x0dd8 SstpSvc - ok
22:01:28.0547 0x0dd8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:01:28.0617 0x0dd8 stexstor - ok
22:01:28.0777 0x0dd8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
22:01:28.0917 0x0dd8 stisvc - ok
22:01:28.0957 0x0dd8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
22:01:29.0007 0x0dd8 swenum - ok
22:01:29.0067 0x0dd8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
22:01:29.0237 0x0dd8 swprv - ok
22:01:29.0297 0x0dd8 [ CE9B5A79AEE330BC7E88C0441E5727BB, 315A6803DCAD670BDC30C74CC1040D73DA9B617C32F5B42FB09ABD549FCA4AE0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:01:29.0387 0x0dd8 SynTP - ok
22:01:29.0597 0x0dd8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
22:01:29.0757 0x0dd8 SysMain - ok
22:01:29.0817 0x0dd8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:01:29.0907 0x0dd8 TabletInputService - ok
22:01:29.0967 0x0dd8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
22:01:30.0067 0x0dd8 TapiSrv - ok
22:01:30.0087 0x0dd8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
22:01:30.0177 0x0dd8 TBS - ok
22:01:30.0317 0x0dd8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:01:30.0457 0x0dd8 Tcpip - ok
22:01:30.0527 0x0dd8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:01:30.0627 0x0dd8 TCPIP6 - ok
22:01:30.0677 0x0dd8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:01:30.0697 0x0dd8 tcpipreg - ok
22:01:30.0727 0x0dd8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:01:30.0807 0x0dd8 TDPIPE - ok
22:01:30.0847 0x0dd8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:01:30.0917 0x0dd8 TDTCP - ok
22:01:30.0967 0x0dd8 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:01:31.0077 0x0dd8 tdx - ok
22:01:31.0127 0x0dd8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
22:01:31.0167 0x0dd8 TermDD - ok
22:01:31.0237 0x0dd8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
22:01:31.0387 0x0dd8 TermService - ok
22:01:31.0427 0x0dd8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
22:01:31.0517 0x0dd8 Themes - ok
22:01:31.0547 0x0dd8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
22:01:31.0607 0x0dd8 THREADORDER - ok
22:01:32.0697 0x0dd8 [ 506B0B498216371D64ABB69145B70E4C, 94FE0E8A61C506FBA45D14571A14DC259E1D52778CEF8366CE8CBDCD871E28DB ] tor C:\Program Files (x86)\Tor\tor.exe
22:01:32.0917 0x0dd8 tor - detected UnsignedFile.Multi.Generic ( 1 )
22:01:35.0787 0x0dd8 Detect skipped due to KSN trusted
22:01:35.0787 0x0dd8 tor - ok
22:01:35.0827 0x0dd8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
22:01:35.0947 0x0dd8 TrkWks - ok
22:01:36.0037 0x0dd8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:01:36.0177 0x0dd8 TrustedInstaller - ok
22:01:36.0217 0x0dd8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:01:36.0287 0x0dd8 tssecsrv - ok
22:01:36.0357 0x0dd8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:01:36.0447 0x0dd8 TsUsbFlt - ok
22:01:36.0517 0x0dd8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:01:36.0637 0x0dd8 tunnel - ok
22:01:36.0697 0x0dd8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:01:36.0747 0x0dd8 uagp35 - ok
22:01:36.0757 0x0dd8 [ 40079B0B801C5432BA435B5AD61CE6E3, 709EFA377470234DE21B03AB50A70C9E9DA8F3D22F026D80340EC69C21595892 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
22:01:36.0807 0x0dd8 UBHelper - ok
22:01:36.0857 0x0dd8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:01:37.0007 0x0dd8 udfs - ok
22:01:37.0047 0x0dd8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:01:37.0117 0x0dd8 UI0Detect - ok
22:01:37.0147 0x0dd8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:01:37.0177 0x0dd8 uliagpkx - ok
22:01:37.0207 0x0dd8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
22:01:37.0277 0x0dd8 umbus - ok
22:01:37.0307 0x0dd8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:01:37.0347 0x0dd8 UmPass - ok
22:01:37.0547 0x0dd8 [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:01:37.0827 0x0dd8 UNS - detected UnsignedFile.Multi.Generic ( 1 )
22:01:40.0717 0x0dd8 Detect skipped due to KSN trusted
22:01:40.0717 0x0dd8 UNS - ok
22:01:40.0757 0x0dd8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
22:01:40.0947 0x0dd8 upnphost - ok
22:01:41.0027 0x0dd8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:01:41.0097 0x0dd8 usbaudio - ok
22:01:41.0147 0x0dd8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:01:41.0247 0x0dd8 usbccgp - ok
22:01:41.0287 0x0dd8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:01:41.0347 0x0dd8 usbcir - ok
22:01:41.0397 0x0dd8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:01:41.0487 0x0dd8 usbehci - ok
22:01:41.0537 0x0dd8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:01:41.0647 0x0dd8 usbhub - ok
22:01:41.0667 0x0dd8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:01:41.0727 0x0dd8 usbohci - ok
22:01:41.0767 0x0dd8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:01:41.0837 0x0dd8 usbprint - ok
22:01:41.0897 0x0dd8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:01:41.0987 0x0dd8 usbscan - ok
22:01:42.0027 0x0dd8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
22:01:42.0147 0x0dd8 USBSTOR - ok
22:01:42.0167 0x0dd8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:01:42.0217 0x0dd8 usbuhci - ok
22:01:42.0267 0x0dd8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:01:42.0317 0x0dd8 usbvideo - ok
22:01:42.0357 0x0dd8 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
22:01:42.0437 0x0dd8 usb_rndisx - ok
22:01:42.0457 0x0dd8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
22:01:42.0557 0x0dd8 UxSms - ok
22:01:42.0577 0x0dd8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
22:01:42.0607 0x0dd8 VaultSvc - ok
22:01:42.0717 0x0dd8 [ 1352B215BDC5807A5641E7C143796DD7, B54F95307253BB81E4CEE4F2033782210652364DE6A1E833B27ECE7E04A2BD51 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
22:01:42.0797 0x0dd8 VBoxAswDrv - ok
22:01:42.0817 0x0dd8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:01:42.0857 0x0dd8 vdrvroot - ok
22:01:42.0917 0x0dd8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
22:01:43.0097 0x0dd8 vds - ok
22:01:43.0177 0x0dd8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:01:43.0247 0x0dd8 vga - ok
22:01:43.0267 0x0dd8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:01:43.0357 0x0dd8 VgaSave - ok
22:01:43.0397 0x0dd8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:01:43.0437 0x0dd8 vhdmp - ok
22:01:43.0497 0x0dd8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
22:01:43.0537 0x0dd8 viaide - ok
22:01:43.0677 0x0dd8 [ 1B0D441D8AB264D39C2B09130CC28045, 15589A3A30B05AAD35152289AAF42CB792198FD15B55D6A7D5E4C1CE58459680 ] VMCService C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
22:01:43.0727 0x0dd8 VMCService - detected UnsignedFile.Multi.Generic ( 1 )
22:01:46.0597 0x0dd8 Detect skipped due to KSN trusted
22:01:46.0597 0x0dd8 VMCService - ok
22:01:46.0647 0x0dd8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:01:46.0717 0x0dd8 volmgr - ok
22:01:46.0757 0x0dd8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:01:46.0807 0x0dd8 volmgrx - ok
22:01:46.0827 0x0dd8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:01:46.0877 0x0dd8 volsnap - ok
22:01:46.0937 0x0dd8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:01:46.0987 0x0dd8 vsmraid - ok
22:01:47.0107 0x0dd8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
22:01:47.0317 0x0dd8 VSS - ok
22:01:47.0347 0x0dd8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:01:47.0427 0x0dd8 vwifibus - ok
22:01:47.0467 0x0dd8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:01:47.0517 0x0dd8 vwififlt - ok
22:01:47.0567 0x0dd8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
22:01:47.0677 0x0dd8 W32Time - ok
22:01:47.0707 0x0dd8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:01:47.0747 0x0dd8 WacomPen - ok
22:01:47.0787 0x0dd8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:01:47.0857 0x0dd8 WANARP - ok
22:01:47.0887 0x0dd8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:01:47.0937 0x0dd8 Wanarpv6 - ok
22:01:48.0047 0x0dd8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
22:01:48.0357 0x0dd8 wbengine - ok
22:01:48.0427 0x0dd8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:01:48.0527 0x0dd8 WbioSrvc - ok
22:01:48.0587 0x0dd8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:01:48.0747 0x0dd8 wcncsvc - ok
22:01:48.0777 0x0dd8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:01:48.0847 0x0dd8 WcsPlugInService - ok
22:01:48.0877 0x0dd8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:01:48.0917 0x0dd8 Wd - ok
22:01:48.0987 0x0dd8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:01:49.0077 0x0dd8 Wdf01000 - ok
22:01:49.0107 0x0dd8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:01:49.0247 0x0dd8 WdiServiceHost - ok
22:01:49.0257 0x0dd8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:01:49.0307 0x0dd8 WdiSystemHost - ok
22:01:49.0357 0x0dd8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
22:01:49.0477 0x0dd8 WebClient - ok
22:01:49.0517 0x0dd8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:01:49.0587 0x0dd8 Wecsvc - ok
22:01:49.0607 0x0dd8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:01:49.0687 0x0dd8 wercplsupport - ok
22:01:49.0717 0x0dd8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
22:01:49.0777 0x0dd8 WerSvc - ok
22:01:49.0787 0x0dd8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:01:49.0867 0x0dd8 WfpLwf - ok
22:01:49.0897 0x0dd8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:01:49.0917 0x0dd8 WIMMount - ok
22:01:49.0947 0x0dd8 WinDefend - ok
22:01:49.0957 0x0dd8 WinHttpAutoProxySvc - ok
22:01:50.0047 0x0dd8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:01:50.0207 0x0dd8 Winmgmt - ok
22:01:50.0347 0x0dd8 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
22:01:50.0637 0x0dd8 WinRM - ok
22:01:50.0697 0x0dd8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:01:50.0757 0x0dd8 WinUsb - ok
22:01:50.0797 0x0dd8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:01:50.0887 0x0dd8 Wlansvc - ok
22:01:50.0937 0x0dd8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:01:51.0007 0x0dd8 WmiAcpi - ok
22:01:51.0047 0x0dd8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:01:51.0137 0x0dd8 wmiApSrv - ok
22:01:51.0157 0x0dd8 WMPNetworkSvc - ok
22:01:51.0167 0x0dd8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:01:51.0237 0x0dd8 WPCSvc - ok
22:01:51.0277 0x0dd8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:01:51.0367 0x0dd8 WPDBusEnum - ok
22:01:51.0397 0x0dd8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:01:51.0497 0x0dd8 ws2ifsl - ok
22:01:51.0537 0x0dd8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
22:01:51.0637 0x0dd8 wscsvc - ok
22:01:51.0647 0x0dd8 WSearch - ok
22:01:51.0797 0x0dd8 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
22:01:52.0037 0x0dd8 wuauserv - ok
22:01:52.0087 0x0dd8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:01:52.0177 0x0dd8 WudfPf - ok
22:01:52.0237 0x0dd8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:01:52.0297 0x0dd8 WUDFRd - ok
22:01:52.0337 0x0dd8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:01:52.0427 0x0dd8 wudfsvc - ok
22:01:52.0477 0x0dd8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
22:01:52.0617 0x0dd8 WwanSvc - ok
22:01:52.0667 0x0dd8 ================ Scan global ===============================
22:01:52.0707 0x0dd8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:01:52.0757 0x0dd8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:01:52.0787 0x0dd8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:01:52.0827 0x0dd8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:01:52.0867 0x0dd8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:01:52.0887 0x0dd8 [ Global ] - ok
22:01:52.0887 0x0dd8 ================ Scan MBR ==================================
22:01:52.0907 0x0dd8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:01:53.0407 0x0dd8 \Device\Harddisk0\DR0 - ok
22:01:53.0417 0x0dd8 ================ Scan VBR ==================================
22:01:53.0417 0x0dd8 [ 484B90EF01A50CE9D8BEFFB4B26BD896 ] \Device\Harddisk0\DR0\Partition1
22:01:53.0477 0x0dd8 \Device\Harddisk0\DR0\Partition1 - ok
22:01:53.0477 0x0dd8 [ DFAD496DF6C758342F14DE358F14DC01 ] \Device\Harddisk0\DR0\Partition2
22:01:53.0527 0x0dd8 \Device\Harddisk0\DR0\Partition2 - ok
22:01:53.0527 0x0dd8 ================ Scan generic autorun ======================
22:01:54.0007 0x0dd8 [ 63C3AED5744F0BB8884413D19BFDB99A, 84DDF092DDAF6109D6185E86165CE60CD43A03F4B3C2ECAA7B109F17BED43BDB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:01:54.0577 0x0dd8 RtHDVCpl - ok
22:01:54.0827 0x0dd8 [ 6F8BE1586785892C50D664BEDD906AF2, F9B7CC3DA226D107AB8CF9E6C73871B88B082763DE3EA01B6FE9A60C233BC01B ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:01:54.0987 0x0dd8 RtHDVBg - ok
22:01:55.0067 0x0dd8 [ 2C2C3D428E6581CF56A80416AA327425, F4C57B5C2233707B21444C9EB516CD00B07F13B610730ADC0C85E626180D567A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
22:01:55.0107 0x0dd8 AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
22:01:58.0007 0x0dd8 Detect skipped due to KSN trusted
22:01:58.0007 0x0dd8 AmIcoSinglun64 - ok
22:01:58.0077 0x0dd8 [ A5F30B7295A8D0CE87FDE15FCF9646E1, ECF3B268BB74CFFCC3CEEF4A396D2D9F43561B4AEC70085A0637BE2B44401298 ] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe
22:01:58.0127 0x0dd8 ODDPwr - ok
22:01:58.0177 0x0dd8 [ 0D6972A795995F07B6D78CA7724744FB, AA5E21F2957CCA7FBB0A2D006054E43BE4992BDEBAAC26A217C741FF36276B1B ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
22:01:58.0247 0x0dd8 mwlDaemon - ok
22:01:58.0307 0x0dd8 [ 2EC361CC83F0B718DA834A1CF3571F38, CD456DBEDD9A7FE75862A8289CBDD4663263E9F728BFAE6E0492E286BB441AFB ] C:\Windows\system32\igfxtray.exe
22:01:58.0377 0x0dd8 IgfxTray - ok
22:01:58.0397 0x0dd8 [ 48708AA53EE3A697E0B7E429F8A09663, 1A1F6E86BA8033D6A43E1EEAA9104C5C1F20BFA089AE86212B341EBCAC4859B7 ] C:\Windows\system32\hkcmd.exe
22:01:58.0467 0x0dd8 HotKeysCmds - ok
22:01:58.0507 0x0dd8 [ 0B8DF7C18D4CC7B3D14CE9C3411038AB, 2922BCF795123758CD1999FC3B739EE1AEA09FED10A817E8BA94CE418BDE2CB6 ] C:\Windows\system32\igfxpers.exe
22:01:58.0587 0x0dd8 Persistence - ok
22:01:58.0587 0x0dd8 SynTPEnh - ok
22:01:58.0697 0x0dd8 [ 147B96A5AEA8CEF3A34D8E378EAAA9B2, AC60E8184AC0DF277C26617AAD06F13A315B459AE47D9093161FB3DD652195B1 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
22:01:58.0787 0x0dd8 Acer ePower Management - ok
22:01:58.0827 0x0dd8 [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
22:01:58.0877 0x0dd8 IAStorIcon - ok
22:01:58.0917 0x0dd8 [ AF7DE2922E01EFA48BF5F2A8511CF896, C0488146EC4600DBD9BF35C3C2DAE38714A4AEBB5341539237CAD1B3BBED3051 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
22:01:58.0967 0x0dd8 SuiteTray - ok
22:01:59.0017 0x0dd8 [ F255E48EA981E943A14CF16269F3F3AF, DDA7829AE5D4E2EC0CB11581F4CB3AA70366021BFB70B678A54D050F2EEC0F4B ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
22:01:59.0067 0x0dd8 EgisUpdate - ok
22:01:59.0097 0x0dd8 [ 0ADF079D36B2C25E6E9BECE1BD937ACE, E90188F60B942A9A7586E39DDE3871B1ED9D5F4D32AB70297CBE69B465609BEE ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
22:01:59.0147 0x0dd8 EgisTecPMMUpdate - ok
22:01:59.0197 0x0dd8 [ 94F80155B91B8DF7A0EAD527C853D377, 3E35B686DB526592F2ABF4B3E6EAACE1E784A5552C1CE074E85661388E66C153 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
22:01:59.0257 0x0dd8 BackupManagerTray - ok
22:01:59.0357 0x0dd8 [ 38218E47372B77DDB3C9DDD4390CB960, C665FCFE08A4C1F9C3FBA73A220AAB7344C2BF203B62FAB76EF1F659A78F007C ] C:\Program Files (x86)\Launch Manager\LManager.exe
22:01:59.0517 0x0dd8 LManager - ok
22:01:59.0607 0x0dd8 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe
22:01:59.0657 0x0dd8 MDS_Menu - ok
22:01:59.0697 0x0dd8 [ 506FCC5EEE85B165498513022EF26E65, 0DB381917F22158F87A4B58B683320985C654E0F203E57D255F464C57E26631A ] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
22:01:59.0747 0x0dd8 ArcadeMovieService - ok
22:01:59.0877 0x0dd8 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:01:59.0967 0x0dd8 Adobe ARM - ok
22:02:00.0097 0x0dd8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:02:00.0317 0x0dd8 Sidebar - ok
22:02:00.0357 0x0dd8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:02:00.0437 0x0dd8 mctadmin - ok
22:02:00.0477 0x0dd8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:02:00.0557 0x0dd8 Sidebar - ok
22:02:00.0567 0x0dd8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:02:00.0597 0x0dd8 mctadmin - ok
22:02:00.0717 0x0dd8 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
22:02:00.0887 0x0dd8 Sidebar - ok
22:02:00.0997 0x0dd8 [ BAD6C301B193809BBFA4A38F3D184628, F85AB67E4072E0BB6132856318F5D8595FA1E395C869DC0B41BFDA1A731F83B7 ] C:\Users\*****\AppData\Roaming\Izlwcl\jhhhxzuhxz.exe
22:02:00.0997 0x0dd8 Suspicious file ( NoAccess ): C:\Users\*****\AppData\Roaming\Izlwcl\jhhhxzuhxz.exe. md5: BAD6C301B193809BBFA4A38F3D184628, sha256: F85AB67E4072E0BB6132856318F5D8595FA1E395C869DC0B41BFDA1A731F83B7
22:02:01.0007 0x0dd8 nlsluhxz - detected LockedFile.Multi.Generic ( 1 )
22:02:03.0907 0x0dd8 Detect turned to UDS exact due to KSN untrusted
22:02:03.0997 0x0dd8 nlsluhxz ( UDS:DangerousObject.Multi.Generic ) - infected
22:02:03.0997 0x0dd8 Force sending object to P2P due to detect: C:\Users\*****\AppData\Roaming\Izlwcl\jhhhxzuhxz.exe
22:02:06.0967 0x0dd8 Object send P2P result: true
22:02:09.0887 0x0dd8 [ B3FD7BE5ACA41067CC8AC0BCD64455A9, F0E5942F72A28EC49971E57C5AADC82D1FF814E676849BA90B03D2C3C8409695 ] C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe
22:02:09.0887 0x0dd8 Suspicious file ( NoAccess ): C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe. md5: B3FD7BE5ACA41067CC8AC0BCD64455A9, sha256: F0E5942F72A28EC49971E57C5AADC82D1FF814E676849BA90B03D2C3C8409695
22:02:09.0887 0x0dd8 poet-tear - detected LockedFile.Multi.Generic ( 1 )
22:02:12.0787 0x0dd8 Detect turned to UDS exact due to KSN untrusted
22:02:12.0787 0x0dd8 poet-tear ( UDS:DangerousObject.Multi.Generic ) - infected
22:02:12.0787 0x0dd8 Force sending object to P2P due to detect: C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe
22:02:22.0507 0x0dd8 Object send P2P result: true
22:02:25.0337 0x0dd8 audience-scratch - ok
22:02:25.0517 0x0dd8 courage-adjust - ok
22:02:25.0867 0x0dd8 [ 69CFED513B87D6FE10DBE421708501B3, DE7F8F22EB5C88DF11C51E5FD69A18EDAFDA6873AAFFBC5BD134DC67E2E75813 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
22:02:26.0327 0x0dd8 SUPERAntiSpyware - ok
22:02:26.0637 0x0dd8 [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
22:02:26.0907 0x0dd8 Spybot-S&D Cleaning - ok
22:02:27.0047 0x0dd8 [ B3FD7BE5ACA41067CC8AC0BCD64455A9, F0E5942F72A28EC49971E57C5AADC82D1FF814E676849BA90B03D2C3C8409695 ] C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe
22:02:27.0057 0x0dd8 Suspicious file ( NoAccess ): C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe. md5: B3FD7BE5ACA41067CC8AC0BCD64455A9, sha256: F0E5942F72A28EC49971E57C5AADC82D1FF814E676849BA90B03D2C3C8409695
22:02:27.0057 0x0dd8 poet-tear - detected LockedFile.Multi.Generic ( 1 )
22:02:27.0057 0x0dd8 Detect turned to UDS exact due to KSN untrusted
22:02:27.0057 0x0dd8 poet-tear ( UDS:DangerousObject.Multi.Generic ) - infected
22:02:27.0057 0x0dd8 Force sending object to P2P due to detect: C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe
22:02:34.0117 0x0dd8 Object send P2P result: true
22:02:37.0567 0x0dd8 [ 7999235AE6A9F0FE1C007203F03A4618, D552A169E7E5EC43B675120F11E6A1790902C4068FAAFC2DE81DDB5FA50F18E8 ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe
22:02:37.0637 0x0dd8 FlashPlayerUpdate - ok
22:02:37.0647 0x0dd8 Waiting for KSN requests completion. In queue: 1
22:02:38.0647 0x0dd8 Waiting for KSN requests completion. In queue: 1
22:02:39.0647 0x0dd8 Waiting for KSN requests completion. In queue: 1
22:02:40.0727 0x0dd8 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
22:02:40.0767 0x0dd8 Win FW state via NFP2: enabled
22:02:43.0557 0x0dd8 ============================================================
22:02:43.0557 0x0dd8 Scan finished
22:02:43.0557 0x0dd8 ============================================================
22:02:43.0577 0x1488 Detected object count: 3
22:02:43.0577 0x1488 Actual detected object count: 3
22:04:02.0077 0x1488 nlsluhxz ( UDS:DangerousObject.Multi.Generic ) - skipped by user
22:04:02.0077 0x1488 nlsluhxz ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
22:04:02.0077 0x1488 poet-tear ( UDS:DangerousObject.Multi.Generic ) - skipped by user
22:04:02.0077 0x1488 poet-tear ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
22:04:02.0077 0x1488 poet-tear ( UDS:DangerousObject.Multi.Generic ) - skipped by user
22:04:02.0077 0x1488 poet-tear ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
22:04:37.0687 0x12b0 Deinitialize success
|
|
03.01.2015, 11:48
| #11 | |
| /// the machine /// TB-Ausbilder | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiertZitat:
Starte TDSSkiller.exe mit Doppelklick. Vista und Win7 User mit Rechtsklick "als Administrator starten"
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt Poste den Inhalt bitte hier in deinen Thread.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.01.2015, 12:16
| #12 |
| | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Hallo Schrauber, hier nun die neue TDSSKiller.log Code:
ATTFilter 12:01:59.0502 0x1a88 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
12:02:05.0773 0x1a88 ============================================================
12:02:05.0773 0x1a88 Current date / time: 2015/01/03 12:02:05.0773
12:02:05.0773 0x1a88 SystemInfo:
12:02:05.0773 0x1a88
12:02:05.0773 0x1a88 OS Version: 6.1.7601 ServicePack: 1.0
12:02:05.0773 0x1a88 Product type: Workstation
12:02:05.0773 0x1a88 ComputerName: *****-PC
12:02:05.0773 0x1a88 UserName: *****
12:02:05.0773 0x1a88 Windows directory: C:\Windows
12:02:05.0773 0x1a88 System windows directory: C:\Windows
12:02:05.0773 0x1a88 Running under WOW64
12:02:05.0773 0x1a88 Processor architecture: Intel x64
12:02:05.0773 0x1a88 Number of processors: 4
12:02:05.0773 0x1a88 Page size: 0x1000
12:02:05.0773 0x1a88 Boot type: Normal boot
12:02:05.0773 0x1a88 ============================================================
12:02:06.0007 0x1a88 KLMD registered as C:\Windows\system32\drivers\91709247.sys
12:02:06.0475 0x1a88 System UUID: {604D0E78-24CB-04A7-CFCE-9554F14D1DA1}
12:02:07.0068 0x1a88 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:02:07.0084 0x1a88 ============================================================
12:02:07.0084 0x1a88 \Device\Harddisk0\DR0:
12:02:07.0084 0x1a88 MBR partitions:
12:02:07.0084 0x1a88 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
12:02:07.0084 0x1a88 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x237FB800
12:02:07.0084 0x1a88 ============================================================
12:02:07.0115 0x1a88 C: <-> \Device\Harddisk0\DR0\Partition2
12:02:07.0115 0x1a88 ============================================================
12:02:07.0115 0x1a88 Initialize success
12:02:07.0115 0x1a88 ============================================================
12:03:26.0372 0x15a4 ============================================================
12:03:26.0372 0x15a4 Scan started
12:03:26.0372 0x15a4 Mode: Manual; SigCheck; TDLFS;
12:03:26.0372 0x15a4 ============================================================
12:03:26.0372 0x15a4 KSN ping started
12:03:29.0180 0x15a4 KSN ping finished: true
12:03:29.0913 0x15a4 ================ Scan system memory ========================
12:03:29.0913 0x15a4 System memory - ok
12:03:29.0913 0x15a4 ================ Scan services =============================
12:03:30.0053 0x15a4 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
12:03:30.0163 0x15a4 !SASCORE - ok
12:03:30.0381 0x15a4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:03:30.0459 0x15a4 1394ohci - ok
12:03:30.0537 0x15a4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:03:30.0599 0x15a4 ACPI - ok
12:03:30.0646 0x15a4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:03:30.0709 0x15a4 AcpiPmi - ok
12:03:30.0849 0x15a4 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:03:30.0896 0x15a4 AdobeARMservice - ok
12:03:31.0067 0x15a4 [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:03:31.0114 0x15a4 AdobeFlashPlayerUpdateSvc - ok
12:03:31.0161 0x15a4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:03:31.0208 0x15a4 adp94xx - ok
12:03:31.0223 0x15a4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:03:31.0255 0x15a4 adpahci - ok
12:03:31.0286 0x15a4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:03:31.0301 0x15a4 adpu320 - ok
12:03:31.0333 0x15a4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:03:31.0395 0x15a4 AeLookupSvc - ok
12:03:31.0457 0x15a4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:03:31.0504 0x15a4 AFD - ok
12:03:31.0535 0x15a4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:03:31.0582 0x15a4 agp440 - ok
12:03:31.0613 0x15a4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:03:31.0660 0x15a4 ALG - ok
12:03:31.0707 0x15a4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:03:31.0738 0x15a4 aliide - ok
12:03:31.0785 0x15a4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:03:31.0832 0x15a4 amdide - ok
12:03:31.0847 0x15a4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:03:31.0894 0x15a4 AmdK8 - ok
12:03:31.0910 0x15a4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:03:31.0941 0x15a4 AmdPPM - ok
12:03:31.0972 0x15a4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:03:32.0003 0x15a4 amdsata - ok
12:03:32.0035 0x15a4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:03:32.0081 0x15a4 amdsbs - ok
12:03:32.0097 0x15a4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:03:32.0128 0x15a4 amdxata - ok
12:03:32.0159 0x15a4 [ 391887990CDAA83DE5C56C3FDE966DA1, BC55E21E03B3FE7BBDBB13D56AADB8FBA74F58521AC73B105AD9788E7AE18F0B ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
12:03:32.0191 0x15a4 AmUStor - ok
12:03:32.0378 0x15a4 [ 051A7A9C035BBAB779E2C96E65C32600, 22B9FB02A24A64F8CD2C99BAA3AC0CD4ABD42FBAD495EBB2CE24504A1E44A184 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:03:32.0456 0x15a4 AntiVirWebService - ok
12:03:32.0534 0x15a4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
12:03:32.0612 0x15a4 AppID - ok
12:03:32.0643 0x15a4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:03:32.0690 0x15a4 AppIDSvc - ok
12:03:32.0737 0x15a4 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:03:32.0768 0x15a4 Appinfo - ok
12:03:32.0893 0x15a4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:03:32.0924 0x15a4 arc - ok
12:03:32.0955 0x15a4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:03:32.0971 0x15a4 arcsas - ok
12:03:33.0111 0x15a4 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:03:33.0142 0x15a4 aspnet_state - ok
12:03:33.0220 0x15a4 [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
12:03:33.0267 0x15a4 aswHwid - ok
12:03:33.0298 0x15a4 [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
12:03:33.0329 0x15a4 aswMonFlt - ok
12:03:33.0392 0x15a4 [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
12:03:33.0423 0x15a4 aswRdr - ok
12:03:33.0501 0x15a4 [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
12:03:33.0532 0x15a4 aswRvrt - ok
12:03:33.0626 0x15a4 [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
12:03:33.0688 0x15a4 aswSnx - ok
12:03:33.0719 0x15a4 [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP C:\Windows\system32\drivers\aswSP.sys
12:03:33.0766 0x15a4 aswSP - ok
12:03:33.0797 0x15a4 [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm C:\Windows\system32\drivers\aswStm.sys
12:03:33.0829 0x15a4 aswStm - ok
12:03:33.0860 0x15a4 [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
12:03:33.0922 0x15a4 aswVmm - ok
12:03:33.0953 0x15a4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:03:34.0000 0x15a4 AsyncMac - ok
12:03:34.0078 0x15a4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:03:34.0109 0x15a4 atapi - ok
12:03:34.0203 0x15a4 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:03:34.0343 0x15a4 AudioEndpointBuilder - ok
12:03:34.0375 0x15a4 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:03:34.0453 0x15a4 AudioSrv - ok
12:03:34.0546 0x15a4 [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:03:34.0593 0x15a4 avast! Antivirus - ok
12:03:34.0827 0x15a4 [ 4F4EBF6163D3A02D52A66BBD145B0069, 179B2FD2671F6BB8D3F77B39001F546A0DEBE85BFF9782060AF1DC50DFA071EF ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
12:03:35.0077 0x15a4 AvastVBoxSvc - ok
12:03:35.0201 0x15a4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:03:35.0264 0x15a4 AxInstSV - ok
12:03:35.0342 0x15a4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:03:35.0420 0x15a4 b06bdrv - ok
12:03:35.0451 0x15a4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:03:35.0498 0x15a4 b57nd60a - ok
12:03:35.0701 0x15a4 [ 2D659B569A76CDB83B815675A80D7096, 8246BD350017B6CBADA4BBDBAB8B708B0A8F1AD5ADD4B2DE1BA610B4A188C262 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
12:03:35.0935 0x15a4 BCM43XX - ok
12:03:35.0981 0x15a4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:03:36.0028 0x15a4 BDESVC - ok
12:03:36.0059 0x15a4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:03:36.0106 0x15a4 Beep - ok
12:03:36.0215 0x15a4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:03:36.0309 0x15a4 BFE - ok
12:03:36.0387 0x15a4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:03:36.0512 0x15a4 BITS - ok
12:03:36.0559 0x15a4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:03:36.0590 0x15a4 blbdrive - ok
12:03:36.0621 0x15a4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:03:36.0652 0x15a4 bowser - ok
12:03:36.0668 0x15a4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:03:36.0699 0x15a4 BrFiltLo - ok
12:03:36.0715 0x15a4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:03:36.0746 0x15a4 BrFiltUp - ok
12:03:36.0793 0x15a4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:03:36.0855 0x15a4 Browser - ok
12:03:36.0886 0x15a4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:03:36.0964 0x15a4 Brserid - ok
12:03:36.0995 0x15a4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:03:37.0027 0x15a4 BrSerWdm - ok
12:03:37.0027 0x15a4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:03:37.0058 0x15a4 BrUsbMdm - ok
12:03:37.0073 0x15a4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:03:37.0089 0x15a4 BrUsbSer - ok
12:03:37.0167 0x15a4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:03:37.0214 0x15a4 BthEnum - ok
12:03:37.0245 0x15a4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:03:37.0307 0x15a4 BTHMODEM - ok
12:03:37.0354 0x15a4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:03:37.0417 0x15a4 BthPan - ok
12:03:37.0448 0x15a4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
12:03:37.0510 0x15a4 BTHPORT - ok
12:03:37.0541 0x15a4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:03:37.0635 0x15a4 bthserv - ok
12:03:37.0666 0x15a4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
12:03:37.0697 0x15a4 BTHUSB - ok
12:03:37.0744 0x15a4 [ 73A1C54749FE4F0019241E36C796AB86, B7E6217F699469DDD76751FBACD25AE9AF56A63FAA8F3C7E0A3FAADA2030AB94 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
12:03:37.0822 0x15a4 btwampfl - ok
12:03:37.0853 0x15a4 [ 1872074ED0A3FB22E3F1E3197B984BFA, 112F289BFE63B46D1E007E3C6761B5C5C8F499B6638CE896DF528FDDBBC1EA12 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
12:03:37.0900 0x15a4 btwaudio - ok
12:03:37.0931 0x15a4 [ 691CF076C33AB1C3A5B2FD5450300733, C2C943D42B0A135BD255FA8985A00D36B0DD91546291E2D819FACE7C0B08287D ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
12:03:37.0978 0x15a4 btwavdt - ok
12:03:38.0087 0x15a4 [ 4E6AC6475EF653BDFFDA67A74B9591D8, 2F13D29BF48D2E982AF0BA4F3B6C38B2651E87F898B4A290AE12C5B78306639B ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:03:38.0275 0x15a4 btwdins - ok
12:03:38.0290 0x15a4 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
12:03:38.0321 0x15a4 btwl2cap - ok
12:03:38.0337 0x15a4 [ C9273B20DEC8CE38DBCE5D29DE63C907, 71D67A1A2EDA81351E8D8129824565E2ECA0CFA4DC844CE12F90AB7906ABA737 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
12:03:38.0353 0x15a4 btwrchid - ok
12:03:38.0399 0x15a4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:03:38.0493 0x15a4 cdfs - ok
12:03:38.0555 0x15a4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:03:38.0602 0x15a4 cdrom - ok
12:03:38.0665 0x15a4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:03:38.0774 0x15a4 CertPropSvc - ok
12:03:38.0805 0x15a4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:03:38.0852 0x15a4 circlass - ok
12:03:38.0914 0x15a4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:03:38.0992 0x15a4 CLFS - ok
12:03:39.0070 0x15a4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:03:39.0117 0x15a4 clr_optimization_v2.0.50727_32 - ok
12:03:39.0164 0x15a4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:03:39.0211 0x15a4 clr_optimization_v2.0.50727_64 - ok
12:03:39.0289 0x15a4 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:03:39.0367 0x15a4 clr_optimization_v4.0.30319_32 - ok
12:03:39.0398 0x15a4 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:03:39.0445 0x15a4 clr_optimization_v4.0.30319_64 - ok
12:03:39.0491 0x15a4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:03:39.0554 0x15a4 CmBatt - ok
12:03:39.0601 0x15a4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:03:39.0647 0x15a4 cmdide - ok
12:03:39.0710 0x15a4 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:03:39.0803 0x15a4 CNG - ok
12:03:39.0819 0x15a4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:03:39.0850 0x15a4 Compbatt - ok
12:03:39.0897 0x15a4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:03:39.0959 0x15a4 CompositeBus - ok
12:03:39.0959 0x15a4 COMSysApp - ok
12:03:39.0991 0x15a4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:03:40.0006 0x15a4 crcdisk - ok
12:03:40.0084 0x15a4 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:03:40.0178 0x15a4 CryptSvc - ok
12:03:40.0240 0x15a4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:03:40.0318 0x15a4 DcomLaunch - ok
12:03:40.0381 0x15a4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:03:40.0474 0x15a4 defragsvc - ok
12:03:40.0505 0x15a4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:03:40.0599 0x15a4 DfsC - ok
12:03:40.0677 0x15a4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:03:40.0771 0x15a4 Dhcp - ok
12:03:40.0802 0x15a4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:03:40.0864 0x15a4 discache - ok
12:03:40.0880 0x15a4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:03:40.0911 0x15a4 Disk - ok
12:03:40.0942 0x15a4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:03:40.0989 0x15a4 Dnscache - ok
12:03:41.0036 0x15a4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:03:41.0161 0x15a4 dot3svc - ok
12:03:41.0192 0x15a4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:03:41.0285 0x15a4 DPS - ok
12:03:41.0348 0x15a4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:03:41.0410 0x15a4 drmkaud - ok
12:03:41.0473 0x15a4 [ 9CF46FDF163E06B83D03FF929EF2296C, 40BB0226361DEC2E6CBFE79CA092083986BD3D94564ED5F3E54CA2EE9A756837 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:03:41.0519 0x15a4 DsiWMIService - ok
12:03:41.0613 0x15a4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:03:41.0707 0x15a4 DXGKrnl - ok
12:03:41.0753 0x15a4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:03:41.0831 0x15a4 EapHost - ok
12:03:42.0003 0x15a4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:03:42.0237 0x15a4 ebdrv - ok
12:03:42.0299 0x15a4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
12:03:42.0346 0x15a4 EFS - ok
12:03:42.0471 0x15a4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:03:42.0533 0x15a4 ehRecvr - ok
12:03:42.0580 0x15a4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:03:42.0611 0x15a4 ehSched - ok
12:03:42.0627 0x15a4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:03:42.0674 0x15a4 elxstor - ok
12:03:42.0783 0x15a4 [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
12:03:42.0861 0x15a4 ePowerSvc - ok
12:03:42.0892 0x15a4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:03:42.0923 0x15a4 ErrDev - ok
12:03:42.0986 0x15a4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:03:43.0079 0x15a4 EventSystem - ok
12:03:43.0173 0x15a4 [ 251AF86E0A4DDF3A6B181ED5103B06B1, 1823E7C87F0D8972A89D71B1FB633C5D43744F9803E6A8B866F6EA610032437C ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
12:03:43.0235 0x15a4 ewusbnet - ok
12:03:43.0267 0x15a4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:03:43.0329 0x15a4 exfat - ok
12:03:43.0360 0x15a4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:03:43.0407 0x15a4 fastfat - ok
12:03:43.0485 0x15a4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:03:43.0563 0x15a4 Fax - ok
12:03:43.0579 0x15a4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:03:43.0610 0x15a4 fdc - ok
12:03:43.0645 0x15a4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:03:43.0695 0x15a4 fdPHost - ok
12:03:43.0705 0x15a4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:03:43.0755 0x15a4 FDResPub - ok
12:03:43.0775 0x15a4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:03:43.0795 0x15a4 FileInfo - ok
12:03:43.0815 0x15a4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:03:43.0865 0x15a4 Filetrace - ok
12:03:43.0885 0x15a4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:03:43.0915 0x15a4 flpydisk - ok
12:03:43.0965 0x15a4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:03:44.0015 0x15a4 FltMgr - ok
12:03:44.0095 0x15a4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:03:44.0175 0x15a4 FontCache - ok
12:03:44.0255 0x15a4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:03:44.0285 0x15a4 FontCache3.0.0.0 - ok
12:03:44.0315 0x15a4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:03:44.0355 0x15a4 FsDepends - ok
12:03:44.0395 0x15a4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:03:44.0435 0x15a4 Fs_Rec - ok
12:03:44.0495 0x15a4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:03:44.0535 0x15a4 fvevol - ok
12:03:44.0555 0x15a4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:03:44.0585 0x15a4 gagp30kx - ok
12:03:44.0665 0x15a4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:03:44.0765 0x15a4 gpsvc - ok
12:03:44.0815 0x15a4 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
12:03:44.0855 0x15a4 GREGService - ok
12:03:44.0865 0x15a4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:03:44.0905 0x15a4 hcw85cir - ok
12:03:44.0965 0x15a4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:03:45.0015 0x15a4 HdAudAddService - ok
12:03:45.0055 0x15a4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:03:45.0105 0x15a4 HDAudBus - ok
12:03:45.0125 0x15a4 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:03:45.0155 0x15a4 HECIx64 - ok
12:03:45.0185 0x15a4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:03:45.0215 0x15a4 HidBatt - ok
12:03:45.0235 0x15a4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:03:45.0275 0x15a4 HidBth - ok
12:03:45.0315 0x15a4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:03:45.0355 0x15a4 HidIr - ok
12:03:45.0385 0x15a4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:03:45.0465 0x15a4 hidserv - ok
12:03:45.0485 0x15a4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
12:03:45.0515 0x15a4 HidUsb - ok
12:03:45.0555 0x15a4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:03:45.0605 0x15a4 hkmsvc - ok
12:03:45.0665 0x15a4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:03:45.0735 0x15a4 HomeGroupListener - ok
12:03:45.0795 0x15a4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:03:45.0855 0x15a4 HomeGroupProvider - ok
12:03:45.0875 0x15a4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:03:45.0905 0x15a4 HpSAMD - ok
12:03:45.0995 0x15a4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:03:46.0105 0x15a4 HTTP - ok
12:03:46.0165 0x15a4 [ 4B5C07DB91A0099272FAAE732E1152BD, E0408F85A2E1E310F5143A01A34456F120875D21E0E9D0A9F9EBC96514CFC47C ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
12:03:46.0225 0x15a4 hwdatacard - ok
12:03:46.0245 0x15a4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:03:46.0275 0x15a4 hwpolicy - ok
12:03:46.0325 0x15a4 [ 9C13A2691AC410CC7469F298684DCA5D, 2B07FE759B479A36AB4DE185AF8B4295396A1F8674587721BE7C92FC31ADFF0D ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
12:03:46.0375 0x15a4 hwusbfake - ok
12:03:46.0415 0x15a4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:03:46.0455 0x15a4 i8042prt - ok
12:03:46.0505 0x15a4 [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:03:46.0555 0x15a4 iaStor - ok
12:03:46.0625 0x15a4 [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:03:46.0665 0x15a4 IAStorDataMgrSvc - ok
12:03:46.0735 0x15a4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:03:46.0795 0x15a4 iaStorV - ok
12:03:46.0905 0x15a4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:03:46.0995 0x15a4 idsvc - ok
12:03:47.0005 0x15a4 IEEtwCollectorService - ok
12:03:47.0341 0x15a4 [ 2A22AB054F4630D2EF4BAB2853F6D5F6, 9CD7A5FFB7E25B51E9D311531EE5EC20CEAC356C7A27D52B61DA810DB412437B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:03:47.0763 0x15a4 igfx - ok
12:03:47.0794 0x15a4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:03:47.0809 0x15a4 iirsp - ok
12:03:47.0934 0x15a4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:03:48.0012 0x15a4 IKEEXT - ok
12:03:48.0059 0x15a4 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
12:03:48.0121 0x15a4 Impcd - ok
12:03:48.0262 0x15a4 [ CB5FD9B681AD43B560490B5283DDC1C1, 359F4ACE7BE0FD6BF710AD1EEA48ED3F9E4A97A2B8318EC5616E34449D0C774F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:03:48.0355 0x15a4 IntcAzAudAddService - ok
12:03:48.0433 0x15a4 [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:03:48.0496 0x15a4 IntcDAud - ok
12:03:48.0511 0x15a4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:03:48.0543 0x15a4 intelide - ok
12:03:48.0574 0x15a4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:03:48.0605 0x15a4 intelppm - ok
12:03:48.0636 0x15a4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:03:48.0714 0x15a4 IPBusEnum - ok
12:03:48.0745 0x15a4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:03:48.0808 0x15a4 IpFilterDriver - ok
12:03:48.0901 0x15a4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:03:48.0979 0x15a4 iphlpsvc - ok
12:03:49.0011 0x15a4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:03:49.0073 0x15a4 IPMIDRV - ok
12:03:49.0089 0x15a4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:03:49.0167 0x15a4 IPNAT - ok
12:03:49.0198 0x15a4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:03:49.0229 0x15a4 IRENUM - ok
12:03:49.0245 0x15a4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:03:49.0276 0x15a4 isapnp - ok
12:03:49.0307 0x15a4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:03:49.0338 0x15a4 iScsiPrt - ok
12:03:49.0369 0x15a4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:03:49.0385 0x15a4 kbdclass - ok
12:03:49.0432 0x15a4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:03:49.0479 0x15a4 kbdhid - ok
12:03:49.0494 0x15a4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
12:03:49.0525 0x15a4 KeyIso - ok
12:03:49.0572 0x15a4 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:03:49.0588 0x15a4 KSecDD - ok
12:03:49.0635 0x15a4 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:03:49.0666 0x15a4 KSecPkg - ok
12:03:49.0697 0x15a4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:03:49.0744 0x15a4 ksthunk - ok
12:03:49.0806 0x15a4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:03:49.0900 0x15a4 KtmRm - ok
12:03:49.0947 0x15a4 [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
12:03:49.0978 0x15a4 L1C - ok
12:03:50.0040 0x15a4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:03:50.0118 0x15a4 LanmanServer - ok
12:03:50.0181 0x15a4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:03:50.0274 0x15a4 LanmanWorkstation - ok
12:03:50.0305 0x15a4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:03:50.0352 0x15a4 lltdio - ok
12:03:50.0399 0x15a4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:03:50.0493 0x15a4 lltdsvc - ok
12:03:50.0524 0x15a4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:03:50.0633 0x15a4 lmhosts - ok
12:03:50.0711 0x15a4 [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:03:50.0773 0x15a4 LMS - detected UnsignedFile.Multi.Generic ( 1 )
12:03:53.0659 0x15a4 Detect skipped due to KSN trusted
12:03:53.0659 0x15a4 LMS - ok
12:03:53.0706 0x15a4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:03:53.0769 0x15a4 LSI_FC - ok
12:03:53.0784 0x15a4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:03:53.0831 0x15a4 LSI_SAS - ok
12:03:53.0847 0x15a4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:03:53.0878 0x15a4 LSI_SAS2 - ok
12:03:53.0893 0x15a4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:03:53.0925 0x15a4 LSI_SCSI - ok
12:03:53.0940 0x15a4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:03:54.0003 0x15a4 luafv - ok
12:03:54.0034 0x15a4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:03:54.0096 0x15a4 Mcx2Svc - ok
12:03:54.0112 0x15a4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:03:54.0159 0x15a4 megasas - ok
12:03:54.0190 0x15a4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:03:54.0237 0x15a4 MegaSR - ok
12:03:54.0252 0x15a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:03:54.0299 0x15a4 MMCSS - ok
12:03:54.0315 0x15a4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:03:54.0361 0x15a4 Modem - ok
12:03:54.0393 0x15a4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:03:54.0424 0x15a4 monitor - ok
12:03:54.0455 0x15a4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
12:03:54.0471 0x15a4 mouclass - ok
12:03:54.0486 0x15a4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:03:54.0517 0x15a4 mouhid - ok
12:03:54.0549 0x15a4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:03:54.0595 0x15a4 mountmgr - ok
12:03:54.0673 0x15a4 [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:03:54.0720 0x15a4 MozillaMaintenance - ok
12:03:54.0767 0x15a4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:03:54.0814 0x15a4 mpio - ok
12:03:54.0845 0x15a4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:03:54.0907 0x15a4 mpsdrv - ok
12:03:55.0001 0x15a4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:03:55.0095 0x15a4 MpsSvc - ok
12:03:55.0141 0x15a4 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:03:55.0188 0x15a4 MRxDAV - ok
12:03:55.0235 0x15a4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:03:55.0282 0x15a4 mrxsmb - ok
12:03:55.0329 0x15a4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:03:55.0375 0x15a4 mrxsmb10 - ok
12:03:55.0391 0x15a4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:03:55.0438 0x15a4 mrxsmb20 - ok
12:03:55.0485 0x15a4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:03:55.0516 0x15a4 msahci - ok
12:03:55.0547 0x15a4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:03:55.0563 0x15a4 msdsm - ok
12:03:55.0609 0x15a4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:03:55.0672 0x15a4 MSDTC - ok
12:03:55.0703 0x15a4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:03:55.0765 0x15a4 Msfs - ok
12:03:55.0797 0x15a4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:03:55.0843 0x15a4 mshidkmdf - ok
12:03:55.0890 0x15a4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:03:55.0937 0x15a4 msisadrv - ok
12:03:55.0968 0x15a4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:03:56.0062 0x15a4 MSiSCSI - ok
12:03:56.0062 0x15a4 msiserver - ok
12:03:56.0093 0x15a4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:03:56.0140 0x15a4 MSKSSRV - ok
12:03:56.0155 0x15a4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:03:56.0202 0x15a4 MSPCLOCK - ok
12:03:56.0218 0x15a4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:03:56.0265 0x15a4 MSPQM - ok
12:03:56.0327 0x15a4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:03:56.0389 0x15a4 MsRPC - ok
12:03:56.0405 0x15a4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:03:56.0436 0x15a4 mssmbios - ok
12:03:56.0452 0x15a4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:03:56.0530 0x15a4 MSTEE - ok
12:03:56.0530 0x15a4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:03:56.0561 0x15a4 MTConfig - ok
12:03:56.0592 0x15a4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:03:56.0608 0x15a4 Mup - ok
12:03:56.0639 0x15a4 [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:03:56.0655 0x15a4 mwlPSDFilter - ok
12:03:56.0670 0x15a4 [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:03:56.0686 0x15a4 mwlPSDNServ - ok
12:03:56.0701 0x15a4 [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:03:56.0733 0x15a4 mwlPSDVDisk - ok
12:03:56.0795 0x15a4 [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
12:03:56.0873 0x15a4 MWLService - ok
12:03:56.0935 0x15a4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:03:57.0029 0x15a4 napagent - ok
12:03:57.0076 0x15a4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:03:57.0123 0x15a4 NativeWifiP - ok
12:03:57.0216 0x15a4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:03:57.0294 0x15a4 NDIS - ok
12:03:57.0310 0x15a4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:03:57.0372 0x15a4 NdisCap - ok
12:03:57.0372 0x15a4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:03:57.0419 0x15a4 NdisTapi - ok
12:03:57.0466 0x15a4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:03:57.0559 0x15a4 Ndisuio - ok
12:03:57.0606 0x15a4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:03:57.0653 0x15a4 NdisWan - ok
12:03:57.0700 0x15a4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:03:57.0809 0x15a4 NDProxy - ok
12:03:57.0825 0x15a4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:03:57.0903 0x15a4 NetBIOS - ok
12:03:57.0934 0x15a4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:03:57.0996 0x15a4 NetBT - ok
12:03:57.0996 0x15a4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
12:03:58.0027 0x15a4 Netlogon - ok
12:03:58.0090 0x15a4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:03:58.0183 0x15a4 Netman - ok
12:03:58.0230 0x15a4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:58.0293 0x15a4 NetMsmqActivator - ok
12:03:58.0324 0x15a4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:58.0371 0x15a4 NetPipeActivator - ok
12:03:58.0417 0x15a4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:03:58.0495 0x15a4 netprofm - ok
12:03:58.0511 0x15a4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:58.0542 0x15a4 NetTcpActivator - ok
12:03:58.0558 0x15a4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:58.0589 0x15a4 NetTcpPortSharing - ok
12:03:58.0605 0x15a4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:03:58.0620 0x15a4 nfrd960 - ok
12:03:58.0667 0x15a4 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:03:58.0698 0x15a4 NlaSvc - ok
12:03:58.0714 0x15a4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:03:58.0761 0x15a4 Npfs - ok
12:03:58.0776 0x15a4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:03:58.0823 0x15a4 nsi - ok
12:03:58.0839 0x15a4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:03:58.0885 0x15a4 nsiproxy - ok
12:03:59.0010 0x15a4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:03:59.0135 0x15a4 Ntfs - ok
12:03:59.0197 0x15a4 [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:03:59.0244 0x15a4 NTI IScheduleSvc - ok
12:03:59.0275 0x15a4 [ 28C59F594044CBF8598B18C927097091, 7B7633A9BCB1E0A3F89DD697C296D77955907DCF239B4B9D155AD7B90F2A1E7A ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
12:03:59.0307 0x15a4 NTIBackupSvc - ok
12:03:59.0353 0x15a4 [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
12:03:59.0400 0x15a4 NTIDrvr - ok
12:03:59.0447 0x15a4 [ B8D903B2894FF9AFBD99CA51C35590D7, AAC96724781EC5A715CEF85C65D4AE15283522D3F19020FC456BA0F73BAA22F9 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
12:03:59.0509 0x15a4 NTISchedulerSvc - ok
12:03:59.0541 0x15a4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:03:59.0619 0x15a4 Null - ok
12:03:59.0681 0x15a4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:03:59.0743 0x15a4 nvraid - ok
12:03:59.0806 0x15a4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:03:59.0884 0x15a4 nvstor - ok
12:03:59.0962 0x15a4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:04:00.0024 0x15a4 nv_agp - ok
12:04:00.0133 0x15a4 [ BA7DAC1B8A86D9402C3E04E1FCAA600D, 20DB46EA6D7FA2AEEDCF6D88E6E07D75219E14AFFD60D76D0A066429B34F7033 ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
12:04:00.0180 0x15a4 ODDPwrSvc - ok
12:04:00.0227 0x15a4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:04:00.0258 0x15a4 ohci1394 - ok
12:04:00.0336 0x15a4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:04:00.0383 0x15a4 ose - ok
12:04:00.0617 0x15a4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:04:00.0789 0x15a4 osppsvc - ok
12:04:00.0867 0x15a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:04:00.0929 0x15a4 p2pimsvc - ok
12:04:00.0976 0x15a4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:04:01.0007 0x15a4 p2psvc - ok
12:04:01.0038 0x15a4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:04:01.0085 0x15a4 Parport - ok
12:04:01.0116 0x15a4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:04:01.0163 0x15a4 partmgr - ok
12:04:01.0194 0x15a4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
12:04:01.0257 0x15a4 PcaSvc - ok
12:04:01.0272 0x15a4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:04:01.0319 0x15a4 pci - ok
12:04:01.0350 0x15a4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:04:01.0397 0x15a4 pciide - ok
12:04:01.0428 0x15a4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:04:01.0506 0x15a4 pcmcia - ok
12:04:01.0522 0x15a4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:04:01.0553 0x15a4 pcw - ok
12:04:01.0584 0x15a4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:04:01.0662 0x15a4 PEAUTH - ok
12:04:01.0756 0x15a4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:04:01.0818 0x15a4 PerfHost - ok
12:04:01.0943 0x15a4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:04:02.0099 0x15a4 pla - ok
12:04:02.0224 0x15a4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:04:02.0302 0x15a4 PlugPlay - ok
12:04:02.0317 0x15a4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:04:02.0364 0x15a4 PNRPAutoReg - ok
12:04:02.0395 0x15a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:04:02.0458 0x15a4 PNRPsvc - ok
12:04:02.0520 0x15a4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:04:02.0583 0x15a4 PolicyAgent - ok
12:04:02.0629 0x15a4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:04:02.0723 0x15a4 Power - ok
12:04:02.0770 0x15a4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:04:02.0832 0x15a4 PptpMiniport - ok
12:04:02.0848 0x15a4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:04:02.0863 0x15a4 Processor - ok
12:04:02.0926 0x15a4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:04:02.0957 0x15a4 ProfSvc - ok
12:04:03.0004 0x15a4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:04:03.0051 0x15a4 ProtectedStorage - ok
12:04:03.0129 0x15a4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:04:03.0238 0x15a4 Psched - ok
12:04:03.0347 0x15a4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:04:03.0425 0x15a4 ql2300 - ok
12:04:03.0441 0x15a4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:04:03.0472 0x15a4 ql40xx - ok
12:04:03.0503 0x15a4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:04:03.0550 0x15a4 QWAVE - ok
12:04:03.0565 0x15a4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:04:03.0597 0x15a4 QWAVEdrv - ok
12:04:03.0612 0x15a4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:04:03.0659 0x15a4 RasAcd - ok
12:04:03.0690 0x15a4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:04:03.0737 0x15a4 RasAgileVpn - ok
12:04:03.0753 0x15a4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:04:03.0815 0x15a4 RasAuto - ok
12:04:03.0846 0x15a4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:04:03.0940 0x15a4 Rasl2tp - ok
12:04:03.0971 0x15a4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:04:04.0033 0x15a4 RasMan - ok
12:04:04.0049 0x15a4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:04:04.0096 0x15a4 RasPppoe - ok
12:04:04.0127 0x15a4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:04:04.0174 0x15a4 RasSstp - ok
12:04:04.0236 0x15a4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:04:04.0330 0x15a4 rdbss - ok
12:04:04.0345 0x15a4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:04:04.0361 0x15a4 rdpbus - ok
12:04:04.0377 0x15a4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:04:04.0423 0x15a4 RDPCDD - ok
12:04:04.0455 0x15a4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:04:04.0548 0x15a4 RDPENCDD - ok
12:04:04.0564 0x15a4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:04:04.0611 0x15a4 RDPREFMP - ok
12:04:04.0642 0x15a4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:04:04.0673 0x15a4 RDPWD - ok
12:04:04.0720 0x15a4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:04:04.0751 0x15a4 rdyboost - ok
12:04:04.0782 0x15a4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:04:04.0829 0x15a4 RemoteAccess - ok
12:04:04.0845 0x15a4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:04:04.0907 0x15a4 RemoteRegistry - ok
12:04:04.0938 0x15a4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:04:05.0016 0x15a4 RFCOMM - ok
12:04:05.0079 0x15a4 [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
12:04:05.0125 0x15a4 RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
12:04:08.0027 0x15a4 Detect skipped due to KSN trusted
12:04:08.0027 0x15a4 RichVideo - ok
12:04:08.0058 0x15a4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:04:08.0152 0x15a4 RpcEptMapper - ok
12:04:08.0183 0x15a4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:04:08.0214 0x15a4 RpcLocator - ok
12:04:08.0277 0x15a4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:04:08.0370 0x15a4 RpcSs - ok
12:04:08.0386 0x15a4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:04:08.0448 0x15a4 rspndr - ok
12:04:08.0511 0x15a4 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
12:04:08.0557 0x15a4 RS_Service - ok
12:04:08.0573 0x15a4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
12:04:08.0604 0x15a4 SamSs - ok
12:04:08.0667 0x15a4 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:04:08.0698 0x15a4 SASDIFSV - ok
12:04:08.0729 0x15a4 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:04:08.0760 0x15a4 SASKUTIL - ok
12:04:08.0807 0x15a4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:04:08.0838 0x15a4 sbp2port - ok
12:04:08.0885 0x15a4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:04:08.0932 0x15a4 SCardSvr - ok
12:04:08.0979 0x15a4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:04:09.0057 0x15a4 scfilter - ok
12:04:09.0150 0x15a4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:04:09.0275 0x15a4 Schedule - ok
12:04:09.0306 0x15a4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:04:09.0400 0x15a4 SCPolicySvc - ok
12:04:09.0462 0x15a4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:04:09.0509 0x15a4 SDRSVC - ok
12:04:09.0712 0x15a4 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:04:09.0805 0x15a4 SDScannerService - ok
12:04:09.0961 0x15a4 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:04:10.0102 0x15a4 SDUpdateService - ok
12:04:10.0149 0x15a4 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:04:10.0211 0x15a4 SDWSCService - ok
12:04:10.0273 0x15a4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:04:10.0351 0x15a4 secdrv - ok
12:04:10.0383 0x15a4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:04:10.0445 0x15a4 seclogon - ok
12:04:10.0461 0x15a4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:04:10.0507 0x15a4 SENS - ok
12:04:10.0539 0x15a4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:04:10.0585 0x15a4 SensrSvc - ok
12:04:10.0617 0x15a4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:04:10.0663 0x15a4 Serenum - ok
12:04:10.0679 0x15a4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:04:10.0726 0x15a4 Serial - ok
12:04:10.0773 0x15a4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:04:10.0819 0x15a4 sermouse - ok
12:04:10.0866 0x15a4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:04:10.0929 0x15a4 SessionEnv - ok
12:04:11.0053 0x15a4 settings - ok
12:04:11.0085 0x15a4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:04:11.0131 0x15a4 sffdisk - ok
12:04:11.0178 0x15a4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:04:11.0225 0x15a4 sffp_mmc - ok
12:04:11.0256 0x15a4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:04:11.0287 0x15a4 sffp_sd - ok
12:04:11.0303 0x15a4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:04:11.0334 0x15a4 sfloppy - ok
12:04:11.0381 0x15a4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:04:11.0443 0x15a4 SharedAccess - ok
12:04:11.0506 0x15a4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:04:11.0599 0x15a4 ShellHWDetection - ok
12:04:11.0615 0x15a4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:04:11.0646 0x15a4 SiSRaid2 - ok
12:04:11.0662 0x15a4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:04:11.0677 0x15a4 SiSRaid4 - ok
12:04:11.0755 0x15a4 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:04:11.0818 0x15a4 SkypeUpdate - ok
12:04:11.0849 0x15a4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:04:11.0943 0x15a4 Smb - ok
12:04:11.0989 0x15a4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:04:12.0036 0x15a4 SNMPTRAP - ok
12:04:12.0052 0x15a4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:04:12.0067 0x15a4 spldr - ok
12:04:12.0145 0x15a4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:04:12.0208 0x15a4 Spooler - ok
12:04:12.0379 0x15a4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:04:12.0567 0x15a4 sppsvc - ok
12:04:12.0598 0x15a4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:04:12.0660 0x15a4 sppuinotify - ok
12:04:12.0691 0x15a4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:04:12.0738 0x15a4 srv - ok
12:04:12.0769 0x15a4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:04:12.0816 0x15a4 srv2 - ok
12:04:12.0832 0x15a4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:04:12.0863 0x15a4 srvnet - ok
12:04:12.0894 0x15a4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:04:12.0941 0x15a4 SSDPSRV - ok
12:04:12.0972 0x15a4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:04:13.0019 0x15a4 SstpSvc - ok
12:04:13.0035 0x15a4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:04:13.0050 0x15a4 stexstor - ok
12:04:13.0128 0x15a4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:04:13.0191 0x15a4 stisvc - ok
12:04:13.0222 0x15a4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:04:13.0237 0x15a4 swenum - ok
12:04:13.0284 0x15a4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:04:13.0347 0x15a4 swprv - ok
12:04:13.0409 0x15a4 [ CE9B5A79AEE330BC7E88C0441E5727BB, 315A6803DCAD670BDC30C74CC1040D73DA9B617C32F5B42FB09ABD549FCA4AE0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:04:13.0456 0x15a4 SynTP - ok
12:04:13.0581 0x15a4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:04:13.0705 0x15a4 SysMain - ok
12:04:13.0737 0x15a4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:04:13.0815 0x15a4 TabletInputService - ok
12:04:13.0861 0x15a4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:04:13.0939 0x15a4 TapiSrv - ok
12:04:13.0971 0x15a4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:04:14.0017 0x15a4 TBS - ok
12:04:14.0158 0x15a4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:04:14.0236 0x15a4 Tcpip - ok
12:04:14.0361 0x15a4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:04:14.0485 0x15a4 TCPIP6 - ok
12:04:14.0563 0x15a4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:04:14.0626 0x15a4 tcpipreg - ok
12:04:14.0641 0x15a4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:04:14.0673 0x15a4 TDPIPE - ok
12:04:14.0719 0x15a4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:04:14.0766 0x15a4 TDTCP - ok
12:04:14.0813 0x15a4 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:04:14.0875 0x15a4 tdx - ok
12:04:14.0891 0x15a4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:04:14.0922 0x15a4 TermDD - ok
12:04:15.0000 0x15a4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:04:15.0078 0x15a4 TermService - ok
12:04:15.0094 0x15a4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:04:15.0125 0x15a4 Themes - ok
12:04:15.0156 0x15a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:04:15.0203 0x15a4 THREADORDER - ok
12:04:15.0468 0x15a4 [ 506B0B498216371D64ABB69145B70E4C, 94FE0E8A61C506FBA45D14571A14DC259E1D52778CEF8366CE8CBDCD871E28DB ] tor C:\Program Files (x86)\Tor\tor.exe
12:04:15.0609 0x15a4 tor - detected UnsignedFile.Multi.Generic ( 1 )
12:04:18.0495 0x15a4 Detect skipped due to KSN trusted
12:04:18.0495 0x15a4 tor - ok
12:04:18.0541 0x15a4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:04:18.0619 0x15a4 TrkWks - ok
12:04:18.0682 0x15a4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:04:18.0775 0x15a4 TrustedInstaller - ok
12:04:18.0822 0x15a4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:04:18.0838 0x15a4 tssecsrv - ok
12:04:18.0885 0x15a4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:04:18.0931 0x15a4 TsUsbFlt - ok
12:04:19.0009 0x15a4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:04:19.0087 0x15a4 tunnel - ok
12:04:19.0119 0x15a4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:04:19.0150 0x15a4 uagp35 - ok
12:04:19.0165 0x15a4 [ 40079B0B801C5432BA435B5AD61CE6E3, 709EFA377470234DE21B03AB50A70C9E9DA8F3D22F026D80340EC69C21595892 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:04:19.0197 0x15a4 UBHelper - ok
12:04:19.0243 0x15a4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:04:19.0337 0x15a4 udfs - ok
12:04:19.0353 0x15a4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:04:19.0399 0x15a4 UI0Detect - ok
12:04:19.0431 0x15a4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:04:19.0462 0x15a4 uliagpkx - ok
12:04:19.0493 0x15a4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
12:04:19.0524 0x15a4 umbus - ok
12:04:19.0555 0x15a4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:04:19.0587 0x15a4 UmPass - ok
12:04:19.0789 0x15a4 [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:04:19.0914 0x15a4 UNS - detected UnsignedFile.Multi.Generic ( 1 )
12:04:22.0785 0x15a4 Detect skipped due to KSN trusted
12:04:22.0785 0x15a4 UNS - ok
12:04:22.0847 0x15a4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:04:22.0941 0x15a4 upnphost - ok
12:04:22.0987 0x15a4 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:04:23.0034 0x15a4 usbaudio - ok
12:04:23.0065 0x15a4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:04:23.0112 0x15a4 usbccgp - ok
12:04:23.0143 0x15a4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:04:23.0206 0x15a4 usbcir - ok
12:04:23.0253 0x15a4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:04:23.0299 0x15a4 usbehci - ok
12:04:23.0315 0x15a4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:04:23.0362 0x15a4 usbhub - ok
12:04:23.0393 0x15a4 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:04:23.0409 0x15a4 usbohci - ok
12:04:23.0424 0x15a4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:04:23.0455 0x15a4 usbprint - ok
12:04:23.0487 0x15a4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:04:23.0518 0x15a4 usbscan - ok
12:04:23.0533 0x15a4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
12:04:23.0565 0x15a4 USBSTOR - ok
12:04:23.0580 0x15a4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:04:23.0611 0x15a4 usbuhci - ok
12:04:23.0658 0x15a4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:04:23.0705 0x15a4 usbvideo - ok
12:04:23.0736 0x15a4 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
12:04:23.0752 0x15a4 usb_rndisx - ok
12:04:23.0783 0x15a4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:04:23.0845 0x15a4 UxSms - ok
12:04:23.0861 0x15a4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
12:04:23.0892 0x15a4 VaultSvc - ok
12:04:24.0001 0x15a4 [ 1352B215BDC5807A5641E7C143796DD7, B54F95307253BB81E4CEE4F2033782210652364DE6A1E833B27ECE7E04A2BD51 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
12:04:24.0048 0x15a4 VBoxAswDrv - ok
12:04:24.0064 0x15a4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:04:24.0095 0x15a4 vdrvroot - ok
12:04:24.0157 0x15a4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:04:24.0282 0x15a4 vds - ok
12:04:24.0298 0x15a4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:04:24.0329 0x15a4 vga - ok
12:04:24.0345 0x15a4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:04:24.0391 0x15a4 VgaSave - ok
12:04:24.0454 0x15a4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:04:24.0516 0x15a4 vhdmp - ok
12:04:24.0547 0x15a4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:04:24.0579 0x15a4 viaide - ok
12:04:24.0688 0x15a4 [ 1B0D441D8AB264D39C2B09130CC28045, 15589A3A30B05AAD35152289AAF42CB792198FD15B55D6A7D5E4C1CE58459680 ] VMCService C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
12:04:24.0719 0x15a4 VMCService - detected UnsignedFile.Multi.Generic ( 1 )
12:04:27.0605 0x15a4 Detect skipped due to KSN trusted
12:04:27.0605 0x15a4 VMCService - ok
12:04:27.0636 0x15a4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:04:27.0683 0x15a4 volmgr - ok
12:04:27.0745 0x15a4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:04:27.0777 0x15a4 volmgrx - ok
12:04:27.0808 0x15a4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:04:27.0839 0x15a4 volsnap - ok
12:04:27.0870 0x15a4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:04:27.0901 0x15a4 vsmraid - ok
12:04:28.0026 0x15a4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:04:28.0182 0x15a4 VSS - ok
12:04:28.0245 0x15a4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:04:28.0291 0x15a4 vwifibus - ok
12:04:28.0323 0x15a4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:04:28.0369 0x15a4 vwififlt - ok
12:04:28.0416 0x15a4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:04:28.0510 0x15a4 W32Time - ok
12:04:28.0541 0x15a4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:04:28.0557 0x15a4 WacomPen - ok
12:04:28.0603 0x15a4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:04:28.0650 0x15a4 WANARP - ok
12:04:28.0666 0x15a4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:04:28.0713 0x15a4 Wanarpv6 - ok
12:04:28.0822 0x15a4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:04:28.0931 0x15a4 wbengine - ok
12:04:28.0947 0x15a4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:04:28.0978 0x15a4 WbioSrvc - ok
12:04:29.0025 0x15a4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:04:29.0071 0x15a4 wcncsvc - ok
12:04:29.0087 0x15a4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:04:29.0118 0x15a4 WcsPlugInService - ok
12:04:29.0134 0x15a4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:04:29.0149 0x15a4 Wd - ok
12:04:29.0227 0x15a4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:04:29.0290 0x15a4 Wdf01000 - ok
12:04:29.0305 0x15a4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:04:29.0337 0x15a4 WdiServiceHost - ok
12:04:29.0352 0x15a4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:04:29.0383 0x15a4 WdiSystemHost - ok
12:04:29.0446 0x15a4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:04:29.0508 0x15a4 WebClient - ok
12:04:29.0524 0x15a4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:04:29.0602 0x15a4 Wecsvc - ok
12:04:29.0649 0x15a4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:04:29.0727 0x15a4 wercplsupport - ok
12:04:29.0773 0x15a4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:04:29.0836 0x15a4 WerSvc - ok
12:04:29.0851 0x15a4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:04:29.0898 0x15a4 WfpLwf - ok
12:04:29.0929 0x15a4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:04:29.0945 0x15a4 WIMMount - ok
12:04:29.0961 0x15a4 WinDefend - ok
12:04:29.0976 0x15a4 WinHttpAutoProxySvc - ok
12:04:30.0070 0x15a4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:04:30.0195 0x15a4 Winmgmt - ok
12:04:30.0304 0x15a4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:04:30.0429 0x15a4 WinRM - ok
12:04:30.0491 0x15a4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:04:30.0538 0x15a4 WinUsb - ok
12:04:30.0600 0x15a4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:04:30.0678 0x15a4 Wlansvc - ok
12:04:30.0741 0x15a4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:04:30.0787 0x15a4 WmiAcpi - ok
12:04:30.0834 0x15a4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:04:30.0912 0x15a4 wmiApSrv - ok
12:04:30.0928 0x15a4 WMPNetworkSvc - ok
12:04:30.0928 0x15a4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:04:30.0975 0x15a4 WPCSvc - ok
12:04:31.0021 0x15a4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:04:31.0068 0x15a4 WPDBusEnum - ok
12:04:31.0084 0x15a4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:04:31.0146 0x15a4 ws2ifsl - ok
12:04:31.0162 0x15a4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:04:31.0209 0x15a4 wscsvc - ok
12:04:31.0209 0x15a4 WSearch - ok
12:04:31.0365 0x15a4 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
12:04:31.0489 0x15a4 wuauserv - ok
12:04:31.0583 0x15a4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:04:31.0645 0x15a4 WudfPf - ok
12:04:31.0692 0x15a4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:04:31.0739 0x15a4 WUDFRd - ok
12:04:31.0786 0x15a4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:04:31.0833 0x15a4 wudfsvc - ok
12:04:31.0879 0x15a4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:04:31.0957 0x15a4 WwanSvc - ok
12:04:32.0004 0x15a4 ================ Scan global ===============================
12:04:32.0020 0x15a4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:04:32.0082 0x15a4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:04:32.0113 0x15a4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:04:32.0160 0x15a4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:04:32.0207 0x15a4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:04:32.0223 0x15a4 [ Global ] - ok
12:04:32.0223 0x15a4 ================ Scan MBR ==================================
12:04:32.0238 0x15a4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:04:32.0659 0x15a4 \Device\Harddisk0\DR0 - ok
12:04:32.0659 0x15a4 ================ Scan VBR ==================================
12:04:32.0675 0x15a4 [ 484B90EF01A50CE9D8BEFFB4B26BD896 ] \Device\Harddisk0\DR0\Partition1
12:04:32.0722 0x15a4 \Device\Harddisk0\DR0\Partition1 - ok
12:04:32.0737 0x15a4 [ DFAD496DF6C758342F14DE358F14DC01 ] \Device\Harddisk0\DR0\Partition2
12:04:32.0769 0x15a4 \Device\Harddisk0\DR0\Partition2 - ok
12:04:32.0769 0x15a4 ================ Scan generic autorun ======================
12:04:33.0190 0x15a4 [ 63C3AED5744F0BB8884413D19BFDB99A, 84DDF092DDAF6109D6185E86165CE60CD43A03F4B3C2ECAA7B109F17BED43BDB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:04:33.0549 0x15a4 RtHDVCpl - ok
12:04:33.0689 0x15a4 [ 6F8BE1586785892C50D664BEDD906AF2, F9B7CC3DA226D107AB8CF9E6C73871B88B082763DE3EA01B6FE9A60C233BC01B ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
12:04:33.0783 0x15a4 RtHDVBg - ok
12:04:33.0861 0x15a4 [ 2C2C3D428E6581CF56A80416AA327425, F4C57B5C2233707B21444C9EB516CD00B07F13B610730ADC0C85E626180D567A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
12:04:33.0907 0x15a4 AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
12:04:36.0778 0x15a4 Detect skipped due to KSN trusted
12:04:36.0778 0x15a4 AmIcoSinglun64 - ok
12:04:36.0856 0x15a4 [ A5F30B7295A8D0CE87FDE15FCF9646E1, ECF3B268BB74CFFCC3CEEF4A396D2D9F43561B4AEC70085A0637BE2B44401298 ] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe
12:04:36.0903 0x15a4 ODDPwr - ok
12:04:36.0949 0x15a4 [ 0D6972A795995F07B6D78CA7724744FB, AA5E21F2957CCA7FBB0A2D006054E43BE4992BDEBAAC26A217C741FF36276B1B ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
12:04:36.0981 0x15a4 mwlDaemon - ok
12:04:37.0012 0x15a4 [ 2EC361CC83F0B718DA834A1CF3571F38, CD456DBEDD9A7FE75862A8289CBDD4663263E9F728BFAE6E0492E286BB441AFB ] C:\Windows\system32\igfxtray.exe
12:04:37.0043 0x15a4 IgfxTray - ok
12:04:37.0059 0x15a4 [ 48708AA53EE3A697E0B7E429F8A09663, 1A1F6E86BA8033D6A43E1EEAA9104C5C1F20BFA089AE86212B341EBCAC4859B7 ] C:\Windows\system32\hkcmd.exe
12:04:37.0090 0x15a4 HotKeysCmds - ok
12:04:37.0105 0x15a4 [ 0B8DF7C18D4CC7B3D14CE9C3411038AB, 2922BCF795123758CD1999FC3B739EE1AEA09FED10A817E8BA94CE418BDE2CB6 ] C:\Windows\system32\igfxpers.exe
12:04:37.0137 0x15a4 Persistence - ok
12:04:37.0152 0x15a4 SynTPEnh - ok
12:04:37.0246 0x15a4 [ 147B96A5AEA8CEF3A34D8E378EAAA9B2, AC60E8184AC0DF277C26617AAD06F13A315B459AE47D9093161FB3DD652195B1 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
12:04:37.0308 0x15a4 Acer ePower Management - ok
12:04:37.0324 0x15a4 [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
12:04:37.0355 0x15a4 IAStorIcon - ok
12:04:37.0402 0x15a4 [ AF7DE2922E01EFA48BF5F2A8511CF896, C0488146EC4600DBD9BF35C3C2DAE38714A4AEBB5341539237CAD1B3BBED3051 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
12:04:37.0417 0x15a4 SuiteTray - ok
12:04:37.0449 0x15a4 [ F255E48EA981E943A14CF16269F3F3AF, DDA7829AE5D4E2EC0CB11581F4CB3AA70366021BFB70B678A54D050F2EEC0F4B ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
12:04:37.0464 0x15a4 EgisUpdate - ok
12:04:37.0495 0x15a4 [ 0ADF079D36B2C25E6E9BECE1BD937ACE, E90188F60B942A9A7586E39DDE3871B1ED9D5F4D32AB70297CBE69B465609BEE ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
12:04:37.0527 0x15a4 EgisTecPMMUpdate - ok
12:04:37.0573 0x15a4 [ 94F80155B91B8DF7A0EAD527C853D377, 3E35B686DB526592F2ABF4B3E6EAACE1E784A5552C1CE074E85661388E66C153 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
12:04:37.0620 0x15a4 BackupManagerTray - ok
12:04:37.0729 0x15a4 [ 38218E47372B77DDB3C9DDD4390CB960, C665FCFE08A4C1F9C3FBA73A220AAB7344C2BF203B62FAB76EF1F659A78F007C ] C:\Program Files (x86)\Launch Manager\LManager.exe
12:04:37.0792 0x15a4 LManager - ok
12:04:37.0854 0x15a4 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe
12:04:37.0885 0x15a4 MDS_Menu - ok
12:04:37.0917 0x15a4 [ 506FCC5EEE85B165498513022EF26E65, 0DB381917F22158F87A4B58B683320985C654E0F203E57D255F464C57E26631A ] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
12:04:37.0948 0x15a4 ArcadeMovieService - ok
12:04:38.0088 0x15a4 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:04:38.0151 0x15a4 Adobe ARM - ok
12:04:38.0291 0x15a4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:04:38.0416 0x15a4 Sidebar - ok
12:04:38.0447 0x15a4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:04:38.0478 0x15a4 mctadmin - ok
12:04:38.0541 0x15a4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:04:38.0666 0x15a4 Sidebar - ok
12:04:38.0666 0x15a4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:04:38.0697 0x15a4 mctadmin - ok
12:04:38.0806 0x15a4 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:04:38.0884 0x15a4 Sidebar - ok
12:04:38.0993 0x15a4 [ BAD6C301B193809BBFA4A38F3D184628, F85AB67E4072E0BB6132856318F5D8595FA1E395C869DC0B41BFDA1A731F83B7 ] C:\Users\*****\AppData\Roaming\Izlwcl\jhhhxzuhxz.exe
12:04:38.0993 0x15a4 Suspicious file ( NoAccess ): C:\Users\*****\AppData\Roaming\Izlwcl\jhhhxzuhxz.exe. md5: BAD6C301B193809BBFA4A38F3D184628, sha256: F85AB67E4072E0BB6132856318F5D8595FA1E395C869DC0B41BFDA1A731F83B7
12:04:39.0009 0x15a4 nlsluhxz - detected LockedFile.Multi.Generic ( 1 )
12:04:41.0895 0x15a4 Detect turned to UDS exact due to KSN untrusted
12:04:41.0973 0x15a4 nlsluhxz ( UDS:DangerousObject.Multi.Generic ) - infected
12:04:41.0973 0x15a4 Force sending object to P2P due to detect: C:\Users\*****\AppData\Roaming\Izlwcl\jhhhxzuhxz.exe
12:04:44.0952 0x15a4 Object send P2P result: true
12:04:47.0870 0x15a4 [ B3FD7BE5ACA41067CC8AC0BCD64455A9, F0E5942F72A28EC49971E57C5AADC82D1FF814E676849BA90B03D2C3C8409695 ] C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe
12:04:47.0870 0x15a4 Suspicious file ( NoAccess ): C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe. md5: B3FD7BE5ACA41067CC8AC0BCD64455A9, sha256: F0E5942F72A28EC49971E57C5AADC82D1FF814E676849BA90B03D2C3C8409695
12:04:47.0870 0x15a4 poet-tear - detected LockedFile.Multi.Generic ( 1 )
12:04:50.0756 0x15a4 Detect turned to UDS exact due to KSN untrusted
12:04:50.0756 0x15a4 poet-tear ( UDS:DangerousObject.Multi.Generic ) - infected
12:04:50.0756 0x15a4 Force sending object to P2P due to detect: C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe
12:04:57.0947 0x15a4 Object send P2P result: true
12:05:00.0764 0x15a4 audience-scratch - ok
12:05:00.0914 0x15a4 courage-adjust - ok
12:05:01.0264 0x15a4 [ 69CFED513B87D6FE10DBE421708501B3, DE7F8F22EB5C88DF11C51E5FD69A18EDAFDA6873AAFFBC5BD134DC67E2E75813 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
12:05:01.0514 0x15a4 SUPERAntiSpyware - ok
12:05:01.0825 0x15a4 [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
12:05:01.0996 0x15a4 Spybot-S&D Cleaning - ok
12:05:02.0090 0x15a4 [ B3FD7BE5ACA41067CC8AC0BCD64455A9, F0E5942F72A28EC49971E57C5AADC82D1FF814E676849BA90B03D2C3C8409695 ] C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe
12:05:02.0090 0x15a4 Suspicious file ( NoAccess ): C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe. md5: B3FD7BE5ACA41067CC8AC0BCD64455A9, sha256: F0E5942F72A28EC49971E57C5AADC82D1FF814E676849BA90B03D2C3C8409695
12:05:02.0090 0x15a4 poet-tear - detected LockedFile.Multi.Generic ( 1 )
12:05:02.0090 0x15a4 Detect turned to UDS exact due to KSN untrusted
12:05:02.0090 0x15a4 poet-tear ( UDS:DangerousObject.Multi.Generic ) - infected
12:05:02.0090 0x15a4 Force sending object to P2P due to detect: C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe
12:05:08.0938 0x15a4 Object send P2P result: true
12:05:11.0958 0x15a4 [ 7999235AE6A9F0FE1C007203F03A4618, D552A169E7E5EC43B675120F11E6A1790902C4068FAAFC2DE81DDB5FA50F18E8 ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe
12:05:12.0008 0x15a4 FlashPlayerUpdate - ok
12:05:12.0018 0x15a4 Waiting for KSN requests completion. In queue: 1
12:05:13.0026 0x15a4 Waiting for KSN requests completion. In queue: 1
12:05:14.0040 0x15a4 Waiting for KSN requests completion. In queue: 1
12:05:15.0070 0x15a4 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
12:05:15.0086 0x15a4 Win FW state via NFP2: enabled
12:05:17.0940 0x15a4 ============================================================
12:05:17.0940 0x15a4 Scan finished
12:05:17.0940 0x15a4 ============================================================
12:05:17.0956 0x1418 Detected object count: 3
12:05:17.0956 0x1418 Actual detected object count: 3
12:06:10.0060 0x1418 C:\Users\*****\AppData\Roaming\Izlwcl\jhhhxzuhxz.exe - copied to quarantine
12:06:10.0076 0x1418 HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Run:nlsluhxz - will be deleted on reboot
12:06:10.0076 0x1418 C:\Users\*****\AppData\Roaming\Izlwcl\jhhhxzuhxz.exe - will be deleted on reboot
12:06:10.0076 0x1418 nlsluhxz ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
12:06:10.0091 0x1418 C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe - copied to quarantine
12:06:13.0944 0x1418 HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\Run:poet-tear - will be deleted on reboot
12:06:13.0944 0x1418 C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe - will be deleted on reboot
12:06:13.0944 0x1418 poet-tear ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
12:06:13.0960 0x1418 C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe - copied to quarantine
12:06:17.0559 0x1418 HKU\S-1-5-21-1902139459-1109185879-2378804310-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:poet-tear - will be deleted on reboot
12:06:17.0559 0x1418 C:\Users\*****\AppData\Roaming\Poet_value\poetorganize.exe - will be deleted on reboot
12:06:17.0559 0x1418 poet-tear ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
12:06:17.0703 0x1418 KLMD registered as C:\Windows\system32\drivers\19980180.sys
12:06:22.0864 0x1938 Deinitialize success
Wie geht es weiter? Vielen Dank schon einmal bis hierher, Mathias |
|
03.01.2015, 12:20
| #13 |
| /// the machine /// TB-Ausbilder | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert nochmal mit TDSSKIller scannen. Log posten. Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.01.2015, 13:38
| #14 |
| | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Hallo Schrauber, hier nun die neue TDSSKiller.txt Code:
ATTFilter 12:39:30.0781 0x1038 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
12:39:41.0311 0x1038 ============================================================
12:39:41.0311 0x1038 Current date / time: 2015/01/03 12:39:41.0311
12:39:41.0311 0x1038 SystemInfo:
12:39:41.0311 0x1038
12:39:41.0311 0x1038 OS Version: 6.1.7601 ServicePack: 1.0
12:39:41.0311 0x1038 Product type: Workstation
12:39:41.0311 0x1038 ComputerName: *****-PC
12:39:41.0311 0x1038 UserName: *****
12:39:41.0311 0x1038 Windows directory: C:\Windows
12:39:41.0311 0x1038 System windows directory: C:\Windows
12:39:41.0311 0x1038 Running under WOW64
12:39:41.0311 0x1038 Processor architecture: Intel x64
12:39:41.0311 0x1038 Number of processors: 4
12:39:41.0311 0x1038 Page size: 0x1000
12:39:41.0311 0x1038 Boot type: Normal boot
12:39:41.0311 0x1038 ============================================================
12:39:41.0311 0x1038 BG loaded
12:39:41.0591 0x1038 System UUID: {604D0E78-24CB-04A7-CFCE-9554F14D1DA1}
12:39:42.0044 0x1038 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:39:42.0059 0x1038 ============================================================
12:39:42.0059 0x1038 \Device\Harddisk0\DR0:
12:39:42.0059 0x1038 MBR partitions:
12:39:42.0059 0x1038 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
12:39:42.0059 0x1038 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x237FB800
12:39:42.0059 0x1038 ============================================================
12:39:42.0075 0x1038 C: <-> \Device\Harddisk0\DR0\Partition2
12:39:42.0075 0x1038 ============================================================
12:39:42.0075 0x1038 Initialize success
12:39:42.0075 0x1038 ============================================================
12:39:50.0468 0x0f00 ============================================================
12:39:50.0468 0x0f00 Scan started
12:39:50.0468 0x0f00 Mode: Manual; SigCheck; TDLFS;
12:39:50.0468 0x0f00 ============================================================
12:39:50.0468 0x0f00 KSN ping started
12:39:53.0292 0x0f00 KSN ping finished: true
12:39:55.0585 0x0f00 ================ Scan system memory ========================
12:39:55.0585 0x0f00 System memory - ok
12:39:55.0585 0x0f00 ================ Scan services =============================
12:39:55.0741 0x0f00 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
12:39:55.0803 0x0f00 !SASCORE - ok
12:39:56.0178 0x0f00 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:39:56.0240 0x0f00 1394ohci - ok
12:39:56.0334 0x0f00 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:39:56.0365 0x0f00 ACPI - ok
12:39:56.0427 0x0f00 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:39:56.0474 0x0f00 AcpiPmi - ok
12:39:56.0661 0x0f00 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:39:56.0677 0x0f00 AdobeARMservice - ok
12:39:56.0911 0x0f00 [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:39:56.0926 0x0f00 AdobeFlashPlayerUpdateSvc - ok
12:39:57.0020 0x0f00 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:39:57.0067 0x0f00 adp94xx - ok
12:39:57.0114 0x0f00 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:39:57.0145 0x0f00 adpahci - ok
12:39:57.0192 0x0f00 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:39:57.0223 0x0f00 adpu320 - ok
12:39:57.0254 0x0f00 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:39:57.0316 0x0f00 AeLookupSvc - ok
12:39:57.0410 0x0f00 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:39:57.0488 0x0f00 AFD - ok
12:39:57.0597 0x0f00 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:39:57.0613 0x0f00 agp440 - ok
12:39:57.0644 0x0f00 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:39:57.0706 0x0f00 ALG - ok
12:39:57.0784 0x0f00 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:39:57.0800 0x0f00 aliide - ok
12:39:57.0862 0x0f00 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:39:57.0878 0x0f00 amdide - ok
12:39:57.0940 0x0f00 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:39:57.0987 0x0f00 AmdK8 - ok
12:39:58.0018 0x0f00 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:39:58.0065 0x0f00 AmdPPM - ok
12:39:58.0128 0x0f00 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:39:58.0143 0x0f00 amdsata - ok
12:39:58.0206 0x0f00 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:39:58.0221 0x0f00 amdsbs - ok
12:39:58.0252 0x0f00 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:39:58.0284 0x0f00 amdxata - ok
12:39:58.0346 0x0f00 [ 391887990CDAA83DE5C56C3FDE966DA1, BC55E21E03B3FE7BBDBB13D56AADB8FBA74F58521AC73B105AD9788E7AE18F0B ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
12:39:58.0393 0x0f00 AmUStor - ok
12:39:58.0533 0x0f00 [ 051A7A9C035BBAB779E2C96E65C32600, 22B9FB02A24A64F8CD2C99BAA3AC0CD4ABD42FBAD495EBB2CE24504A1E44A184 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:39:58.0642 0x0f00 AntiVirWebService - ok
12:39:58.0720 0x0f00 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
12:39:58.0783 0x0f00 AppID - ok
12:39:58.0845 0x0f00 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:39:58.0939 0x0f00 AppIDSvc - ok
12:39:58.0970 0x0f00 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:39:59.0032 0x0f00 Appinfo - ok
12:39:59.0079 0x0f00 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:39:59.0095 0x0f00 arc - ok
12:39:59.0110 0x0f00 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:39:59.0142 0x0f00 arcsas - ok
12:39:59.0282 0x0f00 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:39:59.0469 0x0f00 aspnet_state - ok
12:39:59.0532 0x0f00 [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
12:39:59.0563 0x0f00 aswHwid - ok
12:39:59.0594 0x0f00 [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
12:39:59.0625 0x0f00 aswMonFlt - ok
12:39:59.0719 0x0f00 [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
12:39:59.0750 0x0f00 aswRdr - ok
12:39:59.0781 0x0f00 [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
12:39:59.0797 0x0f00 aswRvrt - ok
12:39:59.0890 0x0f00 [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
12:39:59.0937 0x0f00 aswSnx - ok
12:39:59.0984 0x0f00 [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP C:\Windows\system32\drivers\aswSP.sys
12:40:00.0031 0x0f00 aswSP - ok
12:40:00.0046 0x0f00 [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm C:\Windows\system32\drivers\aswStm.sys
12:40:00.0078 0x0f00 aswStm - ok
12:40:00.0109 0x0f00 [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
12:40:00.0140 0x0f00 aswVmm - ok
12:40:00.0171 0x0f00 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:40:00.0234 0x0f00 AsyncMac - ok
12:40:00.0296 0x0f00 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:40:00.0327 0x0f00 atapi - ok
12:40:00.0405 0x0f00 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:40:00.0483 0x0f00 AudioEndpointBuilder - ok
12:40:00.0530 0x0f00 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:40:00.0577 0x0f00 AudioSrv - ok
12:40:00.0655 0x0f00 [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:40:00.0670 0x0f00 avast! Antivirus - ok
12:40:00.0873 0x0f00 [ 4F4EBF6163D3A02D52A66BBD145B0069, 179B2FD2671F6BB8D3F77B39001F546A0DEBE85BFF9782060AF1DC50DFA071EF ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
12:40:01.0060 0x0f00 AvastVBoxSvc - ok
12:40:01.0138 0x0f00 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:40:01.0201 0x0f00 AxInstSV - ok
12:40:01.0263 0x0f00 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:40:01.0341 0x0f00 b06bdrv - ok
12:40:01.0404 0x0f00 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:40:01.0482 0x0f00 b57nd60a - ok
12:40:01.0653 0x0f00 [ 2D659B569A76CDB83B815675A80D7096, 8246BD350017B6CBADA4BBDBAB8B708B0A8F1AD5ADD4B2DE1BA610B4A188C262 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
12:40:01.0809 0x0f00 BCM43XX - ok
12:40:01.0856 0x0f00 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:40:01.0903 0x0f00 BDESVC - ok
12:40:01.0934 0x0f00 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:40:02.0028 0x0f00 Beep - ok
12:40:02.0106 0x0f00 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:40:02.0168 0x0f00 BFE - ok
12:40:02.0215 0x0f00 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:40:02.0340 0x0f00 BITS - ok
12:40:02.0371 0x0f00 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:40:02.0418 0x0f00 blbdrive - ok
12:40:02.0464 0x0f00 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:40:02.0496 0x0f00 bowser - ok
12:40:02.0511 0x0f00 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:40:02.0542 0x0f00 BrFiltLo - ok
12:40:02.0558 0x0f00 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:40:02.0574 0x0f00 BrFiltUp - ok
12:40:02.0620 0x0f00 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:40:02.0683 0x0f00 Browser - ok
12:40:02.0714 0x0f00 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:40:02.0776 0x0f00 Brserid - ok
12:40:02.0792 0x0f00 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:40:02.0839 0x0f00 BrSerWdm - ok
12:40:02.0854 0x0f00 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:40:02.0886 0x0f00 BrUsbMdm - ok
12:40:02.0901 0x0f00 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:40:02.0948 0x0f00 BrUsbSer - ok
12:40:03.0026 0x0f00 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:40:03.0088 0x0f00 BthEnum - ok
12:40:03.0120 0x0f00 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:40:03.0182 0x0f00 BTHMODEM - ok
12:40:03.0213 0x0f00 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:40:03.0276 0x0f00 BthPan - ok
12:40:03.0307 0x0f00 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
12:40:03.0385 0x0f00 BTHPORT - ok
12:40:03.0432 0x0f00 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:40:03.0494 0x0f00 bthserv - ok
12:40:03.0525 0x0f00 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
12:40:03.0572 0x0f00 BTHUSB - ok
12:40:03.0634 0x0f00 [ 73A1C54749FE4F0019241E36C796AB86, B7E6217F699469DDD76751FBACD25AE9AF56A63FAA8F3C7E0A3FAADA2030AB94 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
12:40:03.0666 0x0f00 btwampfl - ok
12:40:03.0728 0x0f00 [ 1872074ED0A3FB22E3F1E3197B984BFA, 112F289BFE63B46D1E007E3C6761B5C5C8F499B6638CE896DF528FDDBBC1EA12 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
12:40:03.0744 0x0f00 btwaudio - ok
12:40:03.0790 0x0f00 [ 691CF076C33AB1C3A5B2FD5450300733, C2C943D42B0A135BD255FA8985A00D36B0DD91546291E2D819FACE7C0B08287D ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
12:40:03.0822 0x0f00 btwavdt - ok
12:40:03.0884 0x0f00 [ 4E6AC6475EF653BDFFDA67A74B9591D8, 2F13D29BF48D2E982AF0BA4F3B6C38B2651E87F898B4A290AE12C5B78306639B ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:40:03.0946 0x0f00 btwdins - ok
12:40:03.0978 0x0f00 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
12:40:03.0993 0x0f00 btwl2cap - ok
12:40:04.0009 0x0f00 [ C9273B20DEC8CE38DBCE5D29DE63C907, 71D67A1A2EDA81351E8D8129824565E2ECA0CFA4DC844CE12F90AB7906ABA737 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
12:40:04.0024 0x0f00 btwrchid - ok
12:40:04.0056 0x0f00 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:40:04.0134 0x0f00 cdfs - ok
12:40:04.0196 0x0f00 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:40:04.0227 0x0f00 cdrom - ok
12:40:04.0290 0x0f00 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:40:04.0368 0x0f00 CertPropSvc - ok
12:40:04.0399 0x0f00 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:40:04.0446 0x0f00 circlass - ok
12:40:04.0492 0x0f00 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:40:04.0524 0x0f00 CLFS - ok
12:40:04.0633 0x0f00 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:40:04.0664 0x0f00 clr_optimization_v2.0.50727_32 - ok
12:40:04.0742 0x0f00 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:40:04.0773 0x0f00 clr_optimization_v2.0.50727_64 - ok
12:40:04.0882 0x0f00 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:40:05.0054 0x0f00 clr_optimization_v4.0.30319_32 - ok
12:40:05.0085 0x0f00 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:40:05.0163 0x0f00 clr_optimization_v4.0.30319_64 - ok
12:40:05.0194 0x0f00 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:40:05.0241 0x0f00 CmBatt - ok
12:40:05.0257 0x0f00 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:40:05.0288 0x0f00 cmdide - ok
12:40:05.0350 0x0f00 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:40:05.0382 0x0f00 CNG - ok
12:40:05.0413 0x0f00 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:40:05.0428 0x0f00 Compbatt - ok
12:40:05.0475 0x0f00 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:40:05.0522 0x0f00 CompositeBus - ok
12:40:05.0538 0x0f00 COMSysApp - ok
12:40:05.0553 0x0f00 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:40:05.0584 0x0f00 crcdisk - ok
12:40:05.0647 0x0f00 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:40:05.0709 0x0f00 CryptSvc - ok
12:40:05.0756 0x0f00 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:40:05.0850 0x0f00 DcomLaunch - ok
12:40:05.0896 0x0f00 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:40:05.0974 0x0f00 defragsvc - ok
12:40:06.0006 0x0f00 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:40:06.0068 0x0f00 DfsC - ok
12:40:06.0130 0x0f00 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:40:06.0208 0x0f00 Dhcp - ok
12:40:06.0224 0x0f00 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:40:06.0302 0x0f00 discache - ok
12:40:06.0333 0x0f00 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:40:06.0364 0x0f00 Disk - ok
12:40:06.0396 0x0f00 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:40:06.0442 0x0f00 Dnscache - ok
12:40:06.0489 0x0f00 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:40:06.0552 0x0f00 dot3svc - ok
12:40:06.0583 0x0f00 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:40:06.0645 0x0f00 DPS - ok
12:40:06.0708 0x0f00 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:40:06.0754 0x0f00 drmkaud - ok
12:40:06.0817 0x0f00 [ 9CF46FDF163E06B83D03FF929EF2296C, 40BB0226361DEC2E6CBFE79CA092083986BD3D94564ED5F3E54CA2EE9A756837 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:40:06.0848 0x0f00 DsiWMIService - ok
12:40:06.0926 0x0f00 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:40:06.0973 0x0f00 DXGKrnl - ok
12:40:07.0020 0x0f00 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:40:07.0098 0x0f00 EapHost - ok
12:40:07.0207 0x0f00 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:40:07.0425 0x0f00 ebdrv - ok
12:40:07.0488 0x0f00 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
12:40:07.0534 0x0f00 EFS - ok
12:40:07.0644 0x0f00 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:40:07.0737 0x0f00 ehRecvr - ok
12:40:07.0768 0x0f00 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:40:07.0831 0x0f00 ehSched - ok
12:40:07.0878 0x0f00 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:40:07.0924 0x0f00 elxstor - ok
12:40:08.0018 0x0f00 [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
12:40:08.0065 0x0f00 ePowerSvc - ok
12:40:08.0112 0x0f00 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:40:08.0143 0x0f00 ErrDev - ok
12:40:08.0221 0x0f00 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:40:08.0299 0x0f00 EventSystem - ok
12:40:08.0346 0x0f00 [ 251AF86E0A4DDF3A6B181ED5103B06B1, 1823E7C87F0D8972A89D71B1FB633C5D43744F9803E6A8B866F6EA610032437C ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
12:40:08.0392 0x0f00 ewusbnet - ok
12:40:08.0439 0x0f00 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:40:08.0517 0x0f00 exfat - ok
12:40:08.0533 0x0f00 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:40:08.0611 0x0f00 fastfat - ok
12:40:08.0673 0x0f00 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:40:08.0751 0x0f00 Fax - ok
12:40:08.0767 0x0f00 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:40:08.0814 0x0f00 fdc - ok
12:40:08.0845 0x0f00 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:40:08.0907 0x0f00 fdPHost - ok
12:40:08.0938 0x0f00 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:40:09.0016 0x0f00 FDResPub - ok
12:40:09.0048 0x0f00 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:40:09.0079 0x0f00 FileInfo - ok
12:40:09.0079 0x0f00 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:40:09.0172 0x0f00 Filetrace - ok
12:40:09.0188 0x0f00 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:40:09.0219 0x0f00 flpydisk - ok
12:40:09.0250 0x0f00 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:40:09.0282 0x0f00 FltMgr - ok
12:40:09.0360 0x0f00 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:40:09.0453 0x0f00 FontCache - ok
12:40:09.0531 0x0f00 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:40:09.0547 0x0f00 FontCache3.0.0.0 - ok
12:40:09.0578 0x0f00 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:40:09.0625 0x0f00 FsDepends - ok
12:40:09.0672 0x0f00 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:40:09.0703 0x0f00 Fs_Rec - ok
12:40:09.0765 0x0f00 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:40:09.0796 0x0f00 fvevol - ok
12:40:09.0843 0x0f00 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:40:09.0859 0x0f00 gagp30kx - ok
12:40:09.0952 0x0f00 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:40:10.0077 0x0f00 gpsvc - ok
12:40:10.0155 0x0f00 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
12:40:10.0171 0x0f00 GREGService - ok
12:40:10.0171 0x0f00 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:40:10.0233 0x0f00 hcw85cir - ok
12:40:10.0296 0x0f00 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:40:10.0358 0x0f00 HdAudAddService - ok
12:40:10.0405 0x0f00 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:40:10.0452 0x0f00 HDAudBus - ok
12:40:10.0483 0x0f00 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:40:10.0514 0x0f00 HECIx64 - ok
12:40:10.0530 0x0f00 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:40:10.0576 0x0f00 HidBatt - ok
12:40:10.0608 0x0f00 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:40:10.0654 0x0f00 HidBth - ok
12:40:10.0686 0x0f00 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:40:10.0717 0x0f00 HidIr - ok
12:40:10.0748 0x0f00 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:40:10.0810 0x0f00 hidserv - ok
12:40:10.0857 0x0f00 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
12:40:10.0888 0x0f00 HidUsb - ok
12:40:10.0920 0x0f00 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:40:10.0982 0x0f00 hkmsvc - ok
12:40:11.0013 0x0f00 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:40:11.0076 0x0f00 HomeGroupListener - ok
12:40:11.0107 0x0f00 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:40:11.0169 0x0f00 HomeGroupProvider - ok
12:40:11.0200 0x0f00 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:40:11.0232 0x0f00 HpSAMD - ok
12:40:11.0294 0x0f00 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:40:11.0388 0x0f00 HTTP - ok
12:40:11.0450 0x0f00 [ 4B5C07DB91A0099272FAAE732E1152BD, E0408F85A2E1E310F5143A01A34456F120875D21E0E9D0A9F9EBC96514CFC47C ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
12:40:11.0497 0x0f00 hwdatacard - ok
12:40:11.0528 0x0f00 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:40:11.0544 0x0f00 hwpolicy - ok
12:40:11.0590 0x0f00 [ 9C13A2691AC410CC7469F298684DCA5D, 2B07FE759B479A36AB4DE185AF8B4295396A1F8674587721BE7C92FC31ADFF0D ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
12:40:11.0622 0x0f00 hwusbfake - ok
12:40:11.0684 0x0f00 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:40:11.0700 0x0f00 i8042prt - ok
12:40:11.0778 0x0f00 [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:40:11.0809 0x0f00 iaStor - ok
12:40:11.0871 0x0f00 [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:40:11.0887 0x0f00 IAStorDataMgrSvc - ok
12:40:11.0949 0x0f00 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:40:11.0980 0x0f00 iaStorV - ok
12:40:12.0058 0x0f00 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:40:12.0136 0x0f00 idsvc - ok
12:40:12.0136 0x0f00 IEEtwCollectorService - ok
12:40:12.0495 0x0f00 [ 2A22AB054F4630D2EF4BAB2853F6D5F6, 9CD7A5FFB7E25B51E9D311531EE5EC20CEAC356C7A27D52B61DA810DB412437B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:40:12.0885 0x0f00 igfx - ok
12:40:12.0948 0x0f00 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:40:12.0963 0x0f00 iirsp - ok
12:40:13.0026 0x0f00 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:40:13.0088 0x0f00 IKEEXT - ok
12:40:13.0135 0x0f00 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
12:40:13.0182 0x0f00 Impcd - ok
12:40:13.0291 0x0f00 [ CB5FD9B681AD43B560490B5283DDC1C1, 359F4ACE7BE0FD6BF710AD1EEA48ED3F9E4A97A2B8318EC5616E34449D0C774F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:40:13.0400 0x0f00 IntcAzAudAddService - ok
12:40:13.0447 0x0f00 [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:40:13.0478 0x0f00 IntcDAud - ok
12:40:13.0494 0x0f00 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:40:13.0509 0x0f00 intelide - ok
12:40:13.0540 0x0f00 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:40:13.0587 0x0f00 intelppm - ok
12:40:13.0665 0x0f00 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:40:13.0743 0x0f00 IPBusEnum - ok
12:40:13.0790 0x0f00 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:40:13.0852 0x0f00 IpFilterDriver - ok
12:40:13.0930 0x0f00 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:40:13.0993 0x0f00 iphlpsvc - ok
12:40:14.0024 0x0f00 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:40:14.0071 0x0f00 IPMIDRV - ok
12:40:14.0102 0x0f00 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:40:14.0180 0x0f00 IPNAT - ok
12:40:14.0211 0x0f00 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:40:14.0258 0x0f00 IRENUM - ok
12:40:14.0274 0x0f00 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:40:14.0305 0x0f00 isapnp - ok
12:40:14.0336 0x0f00 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:40:14.0367 0x0f00 iScsiPrt - ok
12:40:14.0398 0x0f00 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:40:14.0414 0x0f00 kbdclass - ok
12:40:14.0476 0x0f00 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:40:14.0508 0x0f00 kbdhid - ok
12:40:14.0554 0x0f00 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
12:40:14.0570 0x0f00 KeyIso - ok
12:40:14.0617 0x0f00 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:40:14.0648 0x0f00 KSecDD - ok
12:40:14.0648 0x0f00 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:40:14.0679 0x0f00 KSecPkg - ok
12:40:14.0695 0x0f00 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:40:14.0773 0x0f00 ksthunk - ok
12:40:14.0820 0x0f00 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:40:14.0913 0x0f00 KtmRm - ok
12:40:15.0007 0x0f00 [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
12:40:15.0022 0x0f00 L1C - ok
12:40:15.0085 0x0f00 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:40:15.0178 0x0f00 LanmanServer - ok
12:40:15.0210 0x0f00 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:40:15.0288 0x0f00 LanmanWorkstation - ok
12:40:15.0334 0x0f00 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:40:15.0397 0x0f00 lltdio - ok
12:40:15.0444 0x0f00 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:40:15.0537 0x0f00 lltdsvc - ok
12:40:15.0568 0x0f00 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:40:15.0646 0x0f00 lmhosts - ok
12:40:15.0756 0x0f00 [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:40:15.0787 0x0f00 LMS - detected UnsignedFile.Multi.Generic ( 1 )
12:40:18.0704 0x0f00 Detect skipped due to KSN trusted
12:40:18.0704 0x0f00 LMS - ok
12:40:18.0735 0x0f00 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:40:18.0766 0x0f00 LSI_FC - ok
12:40:18.0766 0x0f00 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:40:18.0798 0x0f00 LSI_SAS - ok
12:40:18.0813 0x0f00 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:40:18.0829 0x0f00 LSI_SAS2 - ok
12:40:18.0860 0x0f00 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:40:18.0891 0x0f00 LSI_SCSI - ok
12:40:18.0907 0x0f00 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:40:18.0985 0x0f00 luafv - ok
12:40:19.0032 0x0f00 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:40:19.0063 0x0f00 Mcx2Svc - ok
12:40:19.0078 0x0f00 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:40:19.0110 0x0f00 megasas - ok
12:40:19.0125 0x0f00 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:40:19.0156 0x0f00 MegaSR - ok
12:40:19.0188 0x0f00 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:40:19.0250 0x0f00 MMCSS - ok
12:40:19.0250 0x0f00 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:40:19.0312 0x0f00 Modem - ok
12:40:19.0359 0x0f00 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:40:19.0390 0x0f00 monitor - ok
12:40:19.0453 0x0f00 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
12:40:19.0484 0x0f00 mouclass - ok
12:40:19.0500 0x0f00 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:40:19.0546 0x0f00 mouhid - ok
12:40:19.0609 0x0f00 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:40:19.0640 0x0f00 mountmgr - ok
12:40:19.0765 0x0f00 [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:40:19.0796 0x0f00 MozillaMaintenance - ok
12:40:19.0858 0x0f00 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:40:19.0905 0x0f00 mpio - ok
12:40:19.0968 0x0f00 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:40:20.0030 0x0f00 mpsdrv - ok
12:40:20.0108 0x0f00 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:40:20.0202 0x0f00 MpsSvc - ok
12:40:20.0233 0x0f00 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:40:20.0295 0x0f00 MRxDAV - ok
12:40:20.0342 0x0f00 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:40:20.0420 0x0f00 mrxsmb - ok
12:40:20.0467 0x0f00 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:40:20.0514 0x0f00 mrxsmb10 - ok
12:40:20.0529 0x0f00 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:40:20.0576 0x0f00 mrxsmb20 - ok
12:40:20.0623 0x0f00 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:40:20.0654 0x0f00 msahci - ok
12:40:20.0685 0x0f00 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:40:20.0732 0x0f00 msdsm - ok
12:40:20.0763 0x0f00 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:40:20.0810 0x0f00 MSDTC - ok
12:40:20.0826 0x0f00 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:40:20.0919 0x0f00 Msfs - ok
12:40:20.0950 0x0f00 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:40:20.0997 0x0f00 mshidkmdf - ok
12:40:21.0044 0x0f00 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:40:21.0060 0x0f00 msisadrv - ok
12:40:21.0106 0x0f00 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:40:21.0200 0x0f00 MSiSCSI - ok
12:40:21.0200 0x0f00 msiserver - ok
12:40:21.0231 0x0f00 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:40:21.0294 0x0f00 MSKSSRV - ok
12:40:21.0309 0x0f00 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:40:21.0387 0x0f00 MSPCLOCK - ok
12:40:21.0418 0x0f00 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:40:21.0512 0x0f00 MSPQM - ok
12:40:21.0574 0x0f00 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:40:21.0652 0x0f00 MsRPC - ok
12:40:21.0668 0x0f00 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:40:21.0699 0x0f00 mssmbios - ok
12:40:21.0715 0x0f00 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:40:21.0762 0x0f00 MSTEE - ok
12:40:21.0777 0x0f00 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:40:21.0824 0x0f00 MTConfig - ok
12:40:21.0840 0x0f00 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:40:21.0871 0x0f00 Mup - ok
12:40:21.0902 0x0f00 [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:40:21.0933 0x0f00 mwlPSDFilter - ok
12:40:21.0964 0x0f00 [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:40:21.0996 0x0f00 mwlPSDNServ - ok
12:40:21.0996 0x0f00 [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:40:22.0027 0x0f00 mwlPSDVDisk - ok
12:40:22.0089 0x0f00 [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
12:40:22.0120 0x0f00 MWLService - ok
12:40:22.0198 0x0f00 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:40:22.0308 0x0f00 napagent - ok
12:40:22.0354 0x0f00 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:40:22.0448 0x0f00 NativeWifiP - ok
12:40:22.0573 0x0f00 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:40:22.0635 0x0f00 NDIS - ok
12:40:22.0651 0x0f00 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:40:22.0698 0x0f00 NdisCap - ok
12:40:22.0713 0x0f00 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:40:22.0776 0x0f00 NdisTapi - ok
12:40:22.0807 0x0f00 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:40:22.0900 0x0f00 Ndisuio - ok
12:40:22.0947 0x0f00 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:40:23.0072 0x0f00 NdisWan - ok
12:40:23.0134 0x0f00 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:40:23.0228 0x0f00 NDProxy - ok
12:40:23.0259 0x0f00 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:40:23.0322 0x0f00 NetBIOS - ok
12:40:23.0368 0x0f00 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:40:23.0493 0x0f00 NetBT - ok
12:40:23.0509 0x0f00 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
12:40:23.0540 0x0f00 Netlogon - ok
12:40:23.0587 0x0f00 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:40:23.0665 0x0f00 Netman - ok
12:40:23.0727 0x0f00 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:23.0899 0x0f00 NetMsmqActivator - ok
12:40:23.0914 0x0f00 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:23.0946 0x0f00 NetPipeActivator - ok
12:40:23.0961 0x0f00 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:40:24.0055 0x0f00 netprofm - ok
12:40:24.0086 0x0f00 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:24.0102 0x0f00 NetTcpActivator - ok
12:40:24.0117 0x0f00 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:24.0148 0x0f00 NetTcpPortSharing - ok
12:40:24.0164 0x0f00 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:40:24.0211 0x0f00 nfrd960 - ok
12:40:24.0258 0x0f00 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:40:24.0336 0x0f00 NlaSvc - ok
12:40:24.0351 0x0f00 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:40:24.0429 0x0f00 Npfs - ok
12:40:24.0429 0x0f00 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:40:24.0492 0x0f00 nsi - ok
12:40:24.0523 0x0f00 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:40:24.0632 0x0f00 nsiproxy - ok
12:40:24.0772 0x0f00 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:40:24.0882 0x0f00 Ntfs - ok
12:40:24.0960 0x0f00 [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:40:24.0991 0x0f00 NTI IScheduleSvc - ok
12:40:25.0038 0x0f00 [ 28C59F594044CBF8598B18C927097091, 7B7633A9BCB1E0A3F89DD697C296D77955907DCF239B4B9D155AD7B90F2A1E7A ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
12:40:25.0084 0x0f00 NTIBackupSvc - ok
12:40:25.0131 0x0f00 [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
12:40:25.0162 0x0f00 NTIDrvr - ok
12:40:25.0209 0x0f00 [ B8D903B2894FF9AFBD99CA51C35590D7, AAC96724781EC5A715CEF85C65D4AE15283522D3F19020FC456BA0F73BAA22F9 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
12:40:25.0287 0x0f00 NTISchedulerSvc - ok
12:40:25.0303 0x0f00 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:40:25.0381 0x0f00 Null - ok
12:40:25.0428 0x0f00 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:40:25.0459 0x0f00 nvraid - ok
12:40:25.0506 0x0f00 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:40:25.0552 0x0f00 nvstor - ok
12:40:25.0599 0x0f00 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:40:25.0630 0x0f00 nv_agp - ok
12:40:25.0724 0x0f00 [ BA7DAC1B8A86D9402C3E04E1FCAA600D, 20DB46EA6D7FA2AEEDCF6D88E6E07D75219E14AFFD60D76D0A066429B34F7033 ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
12:40:25.0755 0x0f00 ODDPwrSvc - ok
12:40:25.0802 0x0f00 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:40:25.0833 0x0f00 ohci1394 - ok
12:40:25.0911 0x0f00 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:40:25.0942 0x0f00 ose - ok
12:40:26.0161 0x0f00 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:40:26.0379 0x0f00 osppsvc - ok
12:40:26.0426 0x0f00 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:40:26.0457 0x0f00 p2pimsvc - ok
12:40:26.0535 0x0f00 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:40:26.0598 0x0f00 p2psvc - ok
12:40:26.0644 0x0f00 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:40:26.0660 0x0f00 Parport - ok
12:40:26.0722 0x0f00 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:40:26.0754 0x0f00 partmgr - ok
12:40:26.0800 0x0f00 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
12:40:26.0847 0x0f00 PcaSvc - ok
12:40:26.0925 0x0f00 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:40:26.0956 0x0f00 pci - ok
12:40:27.0019 0x0f00 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:40:27.0034 0x0f00 pciide - ok
12:40:27.0050 0x0f00 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:40:27.0081 0x0f00 pcmcia - ok
12:40:27.0097 0x0f00 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:40:27.0128 0x0f00 pcw - ok
12:40:27.0159 0x0f00 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:40:27.0237 0x0f00 PEAUTH - ok
12:40:27.0362 0x0f00 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:40:27.0409 0x0f00 PerfHost - ok
12:40:27.0783 0x0f00 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:40:27.0924 0x0f00 pla - ok
12:40:27.0986 0x0f00 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:40:28.0048 0x0f00 PlugPlay - ok
12:40:28.0095 0x0f00 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:40:28.0142 0x0f00 PNRPAutoReg - ok
12:40:28.0189 0x0f00 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:40:28.0220 0x0f00 PNRPsvc - ok
12:40:28.0423 0x0f00 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:40:28.0516 0x0f00 PolicyAgent - ok
12:40:28.0563 0x0f00 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:40:28.0657 0x0f00 Power - ok
12:40:28.0719 0x0f00 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:40:28.0782 0x0f00 PptpMiniport - ok
12:40:28.0797 0x0f00 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:40:28.0844 0x0f00 Processor - ok
12:40:28.0891 0x0f00 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:40:28.0906 0x0f00 ProfSvc - ok
12:40:28.0922 0x0f00 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:40:28.0953 0x0f00 ProtectedStorage - ok
12:40:29.0000 0x0f00 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:40:29.0078 0x0f00 Psched - ok
12:40:29.0156 0x0f00 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:40:29.0265 0x0f00 ql2300 - ok
12:40:29.0281 0x0f00 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:40:29.0312 0x0f00 ql40xx - ok
12:40:29.0343 0x0f00 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:40:29.0390 0x0f00 QWAVE - ok
12:40:29.0406 0x0f00 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:40:29.0437 0x0f00 QWAVEdrv - ok
12:40:29.0452 0x0f00 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:40:29.0515 0x0f00 RasAcd - ok
12:40:29.0562 0x0f00 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:40:29.0608 0x0f00 RasAgileVpn - ok
12:40:29.0655 0x0f00 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:40:29.0733 0x0f00 RasAuto - ok
12:40:29.0764 0x0f00 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:40:29.0827 0x0f00 Rasl2tp - ok
12:40:29.0874 0x0f00 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:40:29.0967 0x0f00 RasMan - ok
12:40:29.0983 0x0f00 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:40:30.0061 0x0f00 RasPppoe - ok
12:40:30.0076 0x0f00 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:40:30.0154 0x0f00 RasSstp - ok
12:40:30.0201 0x0f00 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:40:30.0279 0x0f00 rdbss - ok
12:40:30.0295 0x0f00 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:40:30.0326 0x0f00 rdpbus - ok
12:40:30.0357 0x0f00 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:40:30.0420 0x0f00 RDPCDD - ok
12:40:30.0420 0x0f00 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:40:30.0482 0x0f00 RDPENCDD - ok
12:40:30.0529 0x0f00 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:40:30.0591 0x0f00 RDPREFMP - ok
12:40:30.0622 0x0f00 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:40:30.0654 0x0f00 RDPWD - ok
12:40:30.0716 0x0f00 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:40:30.0747 0x0f00 rdyboost - ok
12:40:30.0794 0x0f00 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:40:30.0888 0x0f00 RemoteAccess - ok
12:40:30.0919 0x0f00 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:40:30.0997 0x0f00 RemoteRegistry - ok
12:40:31.0059 0x0f00 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:40:31.0122 0x0f00 RFCOMM - ok
12:40:31.0200 0x0f00 [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
12:40:31.0246 0x0f00 RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
12:40:34.0164 0x0f00 Detect skipped due to KSN trusted
12:40:34.0164 0x0f00 RichVideo - ok
12:40:34.0210 0x0f00 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:40:34.0320 0x0f00 RpcEptMapper - ok
12:40:34.0398 0x0f00 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:40:34.0444 0x0f00 RpcLocator - ok
12:40:34.0569 0x0f00 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:40:34.0632 0x0f00 RpcSs - ok
12:40:34.0678 0x0f00 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:40:34.0756 0x0f00 rspndr - ok
12:40:34.0850 0x0f00 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
12:40:34.0866 0x0f00 RS_Service - ok
12:40:34.0897 0x0f00 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
12:40:34.0928 0x0f00 SamSs - ok
12:40:35.0037 0x0f00 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:40:35.0053 0x0f00 SASDIFSV - ok
12:40:35.0100 0x0f00 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:40:35.0115 0x0f00 SASKUTIL - ok
12:40:35.0162 0x0f00 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:40:35.0193 0x0f00 sbp2port - ok
12:40:35.0224 0x0f00 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:40:35.0318 0x0f00 SCardSvr - ok
12:40:35.0396 0x0f00 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:40:35.0458 0x0f00 scfilter - ok
12:40:35.0583 0x0f00 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:40:35.0692 0x0f00 Schedule - ok
12:40:35.0739 0x0f00 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:40:35.0786 0x0f00 SCPolicySvc - ok
12:40:35.0833 0x0f00 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:40:35.0895 0x0f00 SDRSVC - ok
12:40:36.0238 0x0f00 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:40:36.0348 0x0f00 SDScannerService - ok
12:40:36.0519 0x0f00 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:40:36.0644 0x0f00 SDUpdateService - ok
12:40:36.0691 0x0f00 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:40:36.0722 0x0f00 SDWSCService - ok
12:40:36.0753 0x0f00 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:40:36.0816 0x0f00 secdrv - ok
12:40:36.0894 0x0f00 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:40:36.0972 0x0f00 seclogon - ok
12:40:37.0018 0x0f00 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:40:37.0096 0x0f00 SENS - ok
12:40:37.0112 0x0f00 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:40:37.0159 0x0f00 SensrSvc - ok
12:40:37.0190 0x0f00 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:40:37.0237 0x0f00 Serenum - ok
12:40:37.0268 0x0f00 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:40:37.0330 0x0f00 Serial - ok
12:40:37.0377 0x0f00 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:40:37.0424 0x0f00 sermouse - ok
12:40:37.0486 0x0f00 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:40:37.0564 0x0f00 SessionEnv - ok
12:40:37.0689 0x0f00 settings - ok
12:40:37.0752 0x0f00 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:40:37.0767 0x0f00 sffdisk - ok
12:40:37.0783 0x0f00 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:40:37.0830 0x0f00 sffp_mmc - ok
12:40:37.0845 0x0f00 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:40:37.0908 0x0f00 sffp_sd - ok
12:40:37.0923 0x0f00 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:40:37.0970 0x0f00 sfloppy - ok
12:40:38.0017 0x0f00 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:40:38.0095 0x0f00 SharedAccess - ok
12:40:38.0142 0x0f00 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:40:38.0220 0x0f00 ShellHWDetection - ok
12:40:38.0251 0x0f00 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:40:38.0266 0x0f00 SiSRaid2 - ok
12:40:38.0282 0x0f00 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:40:38.0313 0x0f00 SiSRaid4 - ok
12:40:38.0376 0x0f00 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:40:38.0407 0x0f00 SkypeUpdate - ok
12:40:38.0438 0x0f00 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:40:38.0516 0x0f00 Smb - ok
12:40:38.0578 0x0f00 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:40:38.0625 0x0f00 SNMPTRAP - ok
12:40:38.0641 0x0f00 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:40:38.0672 0x0f00 spldr - ok
12:40:38.0766 0x0f00 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:40:38.0812 0x0f00 Spooler - ok
12:40:39.0280 0x0f00 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:40:39.0483 0x0f00 sppsvc - ok
12:40:39.0561 0x0f00 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:40:39.0608 0x0f00 sppuinotify - ok
12:40:39.0764 0x0f00 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:40:39.0842 0x0f00 srv - ok
12:40:39.0873 0x0f00 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:40:39.0936 0x0f00 srv2 - ok
12:40:40.0014 0x0f00 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:40:40.0060 0x0f00 srvnet - ok
12:40:40.0092 0x0f00 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:40:40.0170 0x0f00 SSDPSRV - ok
12:40:40.0201 0x0f00 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:40:40.0248 0x0f00 SstpSvc - ok
12:40:40.0294 0x0f00 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:40:40.0310 0x0f00 stexstor - ok
12:40:40.0372 0x0f00 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:40:40.0450 0x0f00 stisvc - ok
12:40:40.0482 0x0f00 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:40:40.0513 0x0f00 swenum - ok
12:40:40.0606 0x0f00 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:40:40.0747 0x0f00 swprv - ok
12:40:40.0794 0x0f00 [ CE9B5A79AEE330BC7E88C0441E5727BB, 315A6803DCAD670BDC30C74CC1040D73DA9B617C32F5B42FB09ABD549FCA4AE0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:40:40.0825 0x0f00 SynTP - ok
12:40:40.0996 0x0f00 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:40:41.0137 0x0f00 SysMain - ok
12:40:41.0184 0x0f00 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:40:41.0230 0x0f00 TabletInputService - ok
12:40:41.0340 0x0f00 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:40:41.0433 0x0f00 TapiSrv - ok
12:40:41.0464 0x0f00 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:40:41.0542 0x0f00 TBS - ok
12:40:41.0667 0x0f00 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:40:41.0823 0x0f00 Tcpip - ok
12:40:41.0886 0x0f00 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:40:41.0979 0x0f00 TCPIP6 - ok
12:40:42.0042 0x0f00 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:40:42.0073 0x0f00 tcpipreg - ok
12:40:42.0104 0x0f00 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:40:42.0120 0x0f00 TDPIPE - ok
12:40:42.0166 0x0f00 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:40:42.0198 0x0f00 TDTCP - ok
12:40:42.0229 0x0f00 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:40:42.0276 0x0f00 tdx - ok
12:40:42.0354 0x0f00 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:40:42.0369 0x0f00 TermDD - ok
12:40:42.0432 0x0f00 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:40:42.0510 0x0f00 TermService - ok
12:40:42.0556 0x0f00 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:40:42.0619 0x0f00 Themes - ok
12:40:42.0666 0x0f00 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:40:42.0728 0x0f00 THREADORDER - ok
12:40:42.0962 0x0f00 [ 506B0B498216371D64ABB69145B70E4C, 94FE0E8A61C506FBA45D14571A14DC259E1D52778CEF8366CE8CBDCD871E28DB ] tor C:\Program Files (x86)\Tor\tor.exe
12:40:43.0180 0x0f00 tor - detected UnsignedFile.Multi.Generic ( 1 )
12:40:46.0082 0x0f00 Detect skipped due to KSN trusted
12:40:46.0082 0x0f00 tor - ok
12:40:46.0129 0x0f00 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:40:46.0207 0x0f00 TrkWks - ok
12:40:46.0285 0x0f00 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:40:46.0347 0x0f00 TrustedInstaller - ok
12:40:46.0456 0x0f00 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:40:46.0503 0x0f00 tssecsrv - ok
12:40:46.0581 0x0f00 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:40:46.0612 0x0f00 TsUsbFlt - ok
12:40:46.0706 0x0f00 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:40:46.0768 0x0f00 tunnel - ok
12:40:46.0831 0x0f00 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:40:46.0846 0x0f00 uagp35 - ok
12:40:46.0924 0x0f00 [ 40079B0B801C5432BA435B5AD61CE6E3, 709EFA377470234DE21B03AB50A70C9E9DA8F3D22F026D80340EC69C21595892 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:40:46.0940 0x0f00 UBHelper - ok
12:40:47.0002 0x0f00 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:40:47.0080 0x0f00 udfs - ok
12:40:47.0143 0x0f00 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:40:47.0190 0x0f00 UI0Detect - ok
12:40:47.0221 0x0f00 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:40:47.0252 0x0f00 uliagpkx - ok
12:40:47.0299 0x0f00 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
12:40:47.0330 0x0f00 umbus - ok
12:40:47.0346 0x0f00 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:40:47.0377 0x0f00 UmPass - ok
12:40:47.0704 0x0f00 [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:40:47.0829 0x0f00 UNS - detected UnsignedFile.Multi.Generic ( 1 )
12:40:50.0746 0x0f00 Detect skipped due to KSN trusted
12:40:50.0746 0x0f00 UNS - ok
12:40:50.0793 0x0f00 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:40:50.0887 0x0f00 upnphost - ok
12:40:50.0965 0x0f00 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:40:50.0996 0x0f00 usbaudio - ok
12:40:51.0012 0x0f00 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:40:51.0058 0x0f00 usbccgp - ok
12:40:51.0121 0x0f00 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:40:51.0152 0x0f00 usbcir - ok
12:40:51.0230 0x0f00 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:40:51.0277 0x0f00 usbehci - ok
12:40:51.0324 0x0f00 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:40:51.0386 0x0f00 usbhub - ok
12:40:51.0402 0x0f00 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:40:51.0448 0x0f00 usbohci - ok
12:40:51.0495 0x0f00 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:40:51.0558 0x0f00 usbprint - ok
12:40:51.0589 0x0f00 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:40:51.0636 0x0f00 usbscan - ok
12:40:51.0667 0x0f00 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
12:40:51.0714 0x0f00 USBSTOR - ok
12:40:51.0729 0x0f00 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:40:51.0776 0x0f00 usbuhci - ok
12:40:51.0823 0x0f00 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:40:51.0854 0x0f00 usbvideo - ok
12:40:51.0870 0x0f00 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
12:40:51.0901 0x0f00 usb_rndisx - ok
12:40:51.0932 0x0f00 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:40:51.0979 0x0f00 UxSms - ok
12:40:51.0994 0x0f00 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
12:40:52.0026 0x0f00 VaultSvc - ok
12:40:52.0135 0x0f00 [ 1352B215BDC5807A5641E7C143796DD7, B54F95307253BB81E4CEE4F2033782210652364DE6A1E833B27ECE7E04A2BD51 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
12:40:52.0166 0x0f00 VBoxAswDrv - ok
12:40:52.0182 0x0f00 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:40:52.0213 0x0f00 vdrvroot - ok
12:40:52.0260 0x0f00 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:40:52.0369 0x0f00 vds - ok
12:40:52.0416 0x0f00 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:40:52.0431 0x0f00 vga - ok
12:40:52.0462 0x0f00 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:40:52.0509 0x0f00 VgaSave - ok
12:40:52.0540 0x0f00 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:40:52.0572 0x0f00 vhdmp - ok
12:40:52.0603 0x0f00 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:40:52.0618 0x0f00 viaide - ok
12:40:52.0759 0x0f00 [ 1B0D441D8AB264D39C2B09130CC28045, 15589A3A30B05AAD35152289AAF42CB792198FD15B55D6A7D5E4C1CE58459680 ] VMCService C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
12:40:52.0806 0x0f00 VMCService - detected UnsignedFile.Multi.Generic ( 1 )
12:40:55.0738 0x0f00 Detect skipped due to KSN trusted
12:40:55.0738 0x0f00 VMCService - ok
12:40:55.0754 0x0f00 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:40:55.0785 0x0f00 volmgr - ok
12:40:55.0832 0x0f00 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:40:55.0863 0x0f00 volmgrx - ok
12:40:55.0894 0x0f00 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:40:55.0926 0x0f00 volsnap - ok
12:40:55.0972 0x0f00 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:40:56.0004 0x0f00 vsmraid - ok
12:40:56.0144 0x0f00 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:40:56.0269 0x0f00 VSS - ok
12:40:56.0300 0x0f00 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:40:56.0347 0x0f00 vwifibus - ok
12:40:56.0409 0x0f00 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:40:56.0456 0x0f00 vwififlt - ok
12:40:56.0534 0x0f00 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:40:56.0628 0x0f00 W32Time - ok
12:40:56.0659 0x0f00 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:40:56.0706 0x0f00 WacomPen - ok
12:40:56.0752 0x0f00 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:40:56.0815 0x0f00 WANARP - ok
12:40:56.0846 0x0f00 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:40:56.0893 0x0f00 Wanarpv6 - ok
12:40:57.0267 0x0f00 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:40:57.0376 0x0f00 wbengine - ok
12:40:57.0423 0x0f00 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:40:57.0470 0x0f00 WbioSrvc - ok
12:40:57.0532 0x0f00 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:40:57.0595 0x0f00 wcncsvc - ok
12:40:57.0626 0x0f00 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:40:57.0642 0x0f00 WcsPlugInService - ok
12:40:57.0657 0x0f00 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:40:57.0688 0x0f00 Wd - ok
12:40:57.0751 0x0f00 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:40:57.0813 0x0f00 Wdf01000 - ok
12:40:57.0860 0x0f00 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:40:57.0891 0x0f00 WdiServiceHost - ok
12:40:57.0891 0x0f00 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:40:57.0922 0x0f00 WdiSystemHost - ok
12:40:57.0985 0x0f00 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:40:58.0032 0x0f00 WebClient - ok
12:40:58.0078 0x0f00 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:40:58.0141 0x0f00 Wecsvc - ok
12:40:58.0172 0x0f00 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:40:58.0250 0x0f00 wercplsupport - ok
12:40:58.0266 0x0f00 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:40:58.0344 0x0f00 WerSvc - ok
12:40:58.0390 0x0f00 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:40:58.0453 0x0f00 WfpLwf - ok
12:40:58.0500 0x0f00 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:40:58.0531 0x0f00 WIMMount - ok
12:40:58.0546 0x0f00 WinDefend - ok
12:40:58.0562 0x0f00 WinHttpAutoProxySvc - ok
12:40:58.0718 0x0f00 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:40:58.0796 0x0f00 Winmgmt - ok
12:40:59.0108 0x0f00 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:40:59.0217 0x0f00 WinRM - ok
12:40:59.0295 0x0f00 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:40:59.0326 0x0f00 WinUsb - ok
12:40:59.0498 0x0f00 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:40:59.0560 0x0f00 Wlansvc - ok
12:40:59.0623 0x0f00 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:40:59.0670 0x0f00 WmiAcpi - ok
12:40:59.0701 0x0f00 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:40:59.0748 0x0f00 wmiApSrv - ok
12:40:59.0794 0x0f00 WMPNetworkSvc - ok
12:40:59.0810 0x0f00 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:40:59.0826 0x0f00 WPCSvc - ok
12:40:59.0872 0x0f00 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:40:59.0904 0x0f00 WPDBusEnum - ok
12:40:59.0919 0x0f00 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:40:59.0997 0x0f00 ws2ifsl - ok
12:41:00.0028 0x0f00 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:41:00.0075 0x0f00 wscsvc - ok
12:41:00.0075 0x0f00 WSearch - ok
12:41:00.0403 0x0f00 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
12:41:00.0528 0x0f00 wuauserv - ok
12:41:00.0590 0x0f00 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:41:00.0621 0x0f00 WudfPf - ok
12:41:00.0652 0x0f00 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:41:00.0699 0x0f00 WUDFRd - ok
12:41:00.0730 0x0f00 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:41:00.0762 0x0f00 wudfsvc - ok
12:41:00.0808 0x0f00 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:41:00.0855 0x0f00 WwanSvc - ok
12:41:00.0918 0x0f00 ================ Scan global ===============================
12:41:00.0933 0x0f00 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:41:00.0996 0x0f00 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:41:01.0011 0x0f00 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:41:01.0058 0x0f00 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:41:01.0183 0x0f00 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:41:01.0183 0x0f00 [ Global ] - ok
12:41:01.0183 0x0f00 ================ Scan MBR ==================================
12:41:01.0198 0x0f00 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:41:02.0587 0x0f00 \Device\Harddisk0\DR0 - ok
12:41:02.0587 0x0f00 ================ Scan VBR ==================================
12:41:02.0618 0x0f00 [ 484B90EF01A50CE9D8BEFFB4B26BD896 ] \Device\Harddisk0\DR0\Partition1
12:41:02.0696 0x0f00 \Device\Harddisk0\DR0\Partition1 - ok
12:41:02.0727 0x0f00 [ DFAD496DF6C758342F14DE358F14DC01 ] \Device\Harddisk0\DR0\Partition2
12:41:02.0821 0x0f00 \Device\Harddisk0\DR0\Partition2 - ok
12:41:02.0821 0x0f00 ================ Scan generic autorun ======================
12:41:04.0334 0x0f00 [ 63C3AED5744F0BB8884413D19BFDB99A, 84DDF092DDAF6109D6185E86165CE60CD43A03F4B3C2ECAA7B109F17BED43BDB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:41:04.0818 0x0f00 RtHDVCpl - ok
12:41:05.0083 0x0f00 [ 6F8BE1586785892C50D664BEDD906AF2, F9B7CC3DA226D107AB8CF9E6C73871B88B082763DE3EA01B6FE9A60C233BC01B ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
12:41:05.0161 0x0f00 RtHDVBg - ok
12:41:05.0301 0x0f00 [ 2C2C3D428E6581CF56A80416AA327425, F4C57B5C2233707B21444C9EB516CD00B07F13B610730ADC0C85E626180D567A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
12:41:05.0332 0x0f00 AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
12:41:08.0250 0x0f00 Detect skipped due to KSN trusted
12:41:08.0250 0x0f00 AmIcoSinglun64 - ok
12:41:08.0312 0x0f00 [ A5F30B7295A8D0CE87FDE15FCF9646E1, ECF3B268BB74CFFCC3CEEF4A396D2D9F43561B4AEC70085A0637BE2B44401298 ] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe
12:41:08.0343 0x0f00 ODDPwr - ok
12:41:08.0484 0x0f00 [ 0D6972A795995F07B6D78CA7724744FB, AA5E21F2957CCA7FBB0A2D006054E43BE4992BDEBAAC26A217C741FF36276B1B ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
12:41:08.0515 0x0f00 mwlDaemon - ok
12:41:08.0577 0x0f00 [ 2EC361CC83F0B718DA834A1CF3571F38, CD456DBEDD9A7FE75862A8289CBDD4663263E9F728BFAE6E0492E286BB441AFB ] C:\Windows\system32\igfxtray.exe
12:41:08.0608 0x0f00 IgfxTray - ok
12:41:08.0686 0x0f00 [ 48708AA53EE3A697E0B7E429F8A09663, 1A1F6E86BA8033D6A43E1EEAA9104C5C1F20BFA089AE86212B341EBCAC4859B7 ] C:\Windows\system32\hkcmd.exe
12:41:08.0718 0x0f00 HotKeysCmds - ok
12:41:08.0827 0x0f00 [ 0B8DF7C18D4CC7B3D14CE9C3411038AB, 2922BCF795123758CD1999FC3B739EE1AEA09FED10A817E8BA94CE418BDE2CB6 ] C:\Windows\system32\igfxpers.exe
12:41:08.0858 0x0f00 Persistence - ok
12:41:08.0858 0x0f00 SynTPEnh - ok
12:41:09.0061 0x0f00 [ 147B96A5AEA8CEF3A34D8E378EAAA9B2, AC60E8184AC0DF277C26617AAD06F13A315B459AE47D9093161FB3DD652195B1 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
12:41:09.0108 0x0f00 Acer ePower Management - ok
12:41:09.0232 0x0f00 [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
12:41:09.0248 0x0f00 IAStorIcon - ok
12:41:09.0342 0x0f00 [ AF7DE2922E01EFA48BF5F2A8511CF896, C0488146EC4600DBD9BF35C3C2DAE38714A4AEBB5341539237CAD1B3BBED3051 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
12:41:09.0357 0x0f00 SuiteTray - ok
12:41:09.0451 0x0f00 [ F255E48EA981E943A14CF16269F3F3AF, DDA7829AE5D4E2EC0CB11581F4CB3AA70366021BFB70B678A54D050F2EEC0F4B ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
12:41:09.0482 0x0f00 EgisUpdate - ok
12:41:09.0560 0x0f00 [ 0ADF079D36B2C25E6E9BECE1BD937ACE, E90188F60B942A9A7586E39DDE3871B1ED9D5F4D32AB70297CBE69B465609BEE ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
12:41:09.0591 0x0f00 EgisTecPMMUpdate - ok
12:41:09.0685 0x0f00 [ 94F80155B91B8DF7A0EAD527C853D377, 3E35B686DB526592F2ABF4B3E6EAACE1E784A5552C1CE074E85661388E66C153 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
12:41:09.0700 0x0f00 BackupManagerTray - ok
12:41:09.0888 0x0f00 [ 38218E47372B77DDB3C9DDD4390CB960, C665FCFE08A4C1F9C3FBA73A220AAB7344C2BF203B62FAB76EF1F659A78F007C ] C:\Program Files (x86)\Launch Manager\LManager.exe
12:41:09.0950 0x0f00 LManager - ok
12:41:10.0153 0x0f00 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe
12:41:10.0168 0x0f00 MDS_Menu - ok
12:41:10.0309 0x0f00 [ 506FCC5EEE85B165498513022EF26E65, 0DB381917F22158F87A4B58B683320985C654E0F203E57D255F464C57E26631A ] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
12:41:10.0324 0x0f00 ArcadeMovieService - ok
12:41:10.0574 0x0f00 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:41:10.0636 0x0f00 Adobe ARM - ok
12:41:10.0995 0x0f00 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:41:11.0104 0x0f00 Sidebar - ok
12:41:11.0151 0x0f00 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:41:11.0214 0x0f00 mctadmin - ok
12:41:11.0245 0x0f00 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:41:11.0323 0x0f00 Sidebar - ok
12:41:11.0323 0x0f00 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:41:11.0354 0x0f00 mctadmin - ok
12:41:11.0541 0x0f00 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:41:11.0619 0x0f00 Sidebar - ok
12:41:11.0869 0x0f00 nlsluhxz - ok
12:41:11.0900 0x0f00 poet-tear - ok
12:41:11.0962 0x0f00 audience-scratch - ok
12:41:12.0352 0x0f00 courage-adjust - ok
12:41:14.0178 0x0f00 [ 69CFED513B87D6FE10DBE421708501B3, DE7F8F22EB5C88DF11C51E5FD69A18EDAFDA6873AAFFBC5BD134DC67E2E75813 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
12:41:14.0443 0x0f00 SUPERAntiSpyware - ok
12:41:16.0034 0x0f00 [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
12:41:16.0190 0x0f00 Spybot-S&D Cleaning - ok
12:41:16.0206 0x0f00 Waiting for KSN requests completion. In queue: 22
12:41:17.0220 0x0f00 Waiting for KSN requests completion. In queue: 2
12:41:18.0234 0x0f00 Waiting for KSN requests completion. In queue: 2
12:41:19.0341 0x0f00 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
12:41:19.0388 0x0f00 Win FW state via NFP2: enabled
12:41:22.0212 0x0f00 ============================================================
12:41:22.0212 0x0f00 Scan finished
12:41:22.0212 0x0f00 ============================================================
12:41:22.0212 0x1528 Detected object count: 0
12:41:22.0212 0x1528 Actual detected object count: 0
12:41:32.0336 0x0990 Deinitialize success
Hallo, Combofix gibt mir die Meldung: "Combofix startet neu...Bitte warten" anschließend gibt es Windows fehlermeldungen: unable to create a backup of the current registry file C:\Windows\System32\config\system ! continue restauration of this file? // error restoring C:\Windows\erdnt\subs\system to C:\Windows\System32\config\system ! // ich habe zuerst reflexhaft auf continue geklickt aber es kamen mehr Meldungen... C:\Windows\System32\config\software ! C:\Windows\System32\config\default ! C:\Windows\System32\config\security ! C:\Windows\System32\config\sam ! continue restauration of this file? error restoring C:\Windows\erdnt\subs\system to C:\Windows\System32\config\system ! soll ich weiter auf continue klicken? Liebe Grüße, Mathias |
|
03.01.2015, 14:32
| #15 |
| /// the machine /// TB-Ausbilder | C:\Windows\SysWOW64\cleanmgr.exe wurde blockiert Ja. Bist Du Admin und dein AV Programm ist aus? Wenn kein Log von Combofix erzeugt wird Combofix löschen ud neu laden und nochmal laufen lassen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
dann auf 
und dann auf 
. 
angerousObject.Multi.Generic ) - skipped by user
