Solved Cleaned up laptop is not really clean...

Status
Not open for further replies.
10:18:40:773 4388 Process 3616: Module BROWSEUI.dll:
10:18:40:774 4388 Process 3616: Module IMM32.dll:
10:18:40:777 4388 Process 3616: Module MSCTF.dll:
10:18:40:779 4388 Process 3616: Module DUser.dll:
10:18:40:779 4388 Process 3616: Module LPK.DLL:
10:18:40:780 4388 Process 3616: Module USP10.dll:
10:18:40:784 4388 Process 3616: Module comctl32.dll:
10:18:40:787 4388 Process 3616: Module WindowsCodecs.dll:
10:18:40:788 4388 Process 3616: Module apphelp.dll:
10:18:40:791 4388 Process 3616: Module CLBCatQ.DLL:
10:18:40:793 4388 Process 3616: Module EhStorShell.dll:
10:18:40:793 4388 Process 3616: Module IconCodecService.dll:
10:18:40:793 4388 Process 3616: Module Secur32.dll:
10:18:40:796 4388 Process 3616: Module rsaenh.dll:
10:18:40:799 4388 Process 3616: Module timedate.cpl:
10:18:40:800 4388 Process 3616: Module ATL.DLL:
10:18:40:801 4388 Process 3616: Module NETAPI32.dll:
10:18:40:804 4388 Process 3616: Module PSAPI.DLL:
10:18:40:805 4388 Process 3616: Module OLEACC.dll:
10:18:40:814 4388 Process 3616: Module ACTXPRXY.DLL:
10:18:40:814 4388 Process 3616: Module USERENV.dll:
10:18:40:815 4388 Process 3616: Module wmpband.dll:
10:18:40:816 4388 Process 3616: Module MPR.dll:
10:18:40:818 4388 Process 3616: Module WINBRAND.dll:
10:18:40:819 4388 Process 3616: Module shacct.dll:
10:18:40:819 4388 Process 3616: Module SAMLIB.dll:
10:18:40:820 4388 Process 3616: Module msshsq.dll:
10:18:40:822 4388 Process 3616: Module NaturalLanguage6.dll:
10:18:40:824 4388 Process 3616: Module CRYPT32.dll:
10:18:40:825 4388 Process 3616: Module MSASN1.dll:
10:18:40:863 4388 Process 3616: Module authui.dll:
10:18:40:865 4388 Process 3616: Module MSIMG32.dll:
10:18:40:865 4388 Process 3616: Module LINKINFO.dll:
10:18:40:868 4388 Process 3616: Module urlmon.dll:
10:18:40:874 4388 Process 3616: Module iertutil.dll:
10:18:40:878 4388 Process 3616: Module WININET.dll:
10:18:40:879 4388 Process 3616: Module Normaliz.dll:
10:18:40:880 4388 Process 3616: Module NTMARTA.DLL:
10:18:40:881 4388 Process 3616: Module WLDAP32.dll:
10:18:40:882 4388 Process 3616: Module WS2_32.dll:
10:18:40:882 4388 Process 3616: Module NSI.dll:
10:18:40:906 4388 Process 3616: Module ieframe.dll:
10:18:40:909 4388 Process 3616: Module msiltcfg.dll:
10:18:40:909 4388 Process 3616: Module VERSION.dll:
10:18:40:917 4388 Process 3616: Module msi.dll:
10:18:40:919 4388 Process 3616: Module WINMM.dll:
10:18:40:920 4388 Process 3616: Module wdmaud.drv:
10:18:40:920 4388 Process 3616: Module ksuser.dll:
10:18:40:921 4388 Process 3616: Module MMDevAPI.DLL:
10:18:40:921 4388 Process 3616: Module AVRT.dll:
10:18:40:925 4388 Process 3616: Module SETUPAPI.dll:
10:18:40:927 4388 Process 3616: Module WINTRUST.dll:
10:18:40:928 4388 Process 3616: Module imagehlp.dll:
10:18:40:928 4388 Process 3616: Module AUDIOSES.DLL:
10:18:40:929 4388 Process 3616: Module audioeng.dll:
10:18:40:929 4388 Process 3616: Module msacm32.drv:
10:18:40:930 4388 Process 3616: Module MSACM32.dll:
10:18:40:930 4388 Process 3616: Module midimap.dll:
10:18:40:930 4388 Process 3616: Module cscapi.dll:
10:18:40:931 4388 Process 3616: Module ExplorerFrame.dll:
10:18:40:933 4388 Process 3616: Module stobject.dll:
10:18:40:937 4388 Process 3616: Module BatMeter.dll:
10:18:40:937 4388 Process 3616: Module WTSAPI32.dll:
10:18:40:938 4388 Process 3616: Module WINSTA.dll:
10:18:40:938 4388 Process 3616: Module es.dll:
10:18:40:939 4388 Process 3616: Module SndVolSSO.dll:
10:18:40:940 4388 Process 3616: Module ehSSO.dll:
10:18:40:941 4388 Process 3616: Module HID.DLL:
10:18:40:941 4388 Process 3616: Module FirewallAPI.dll:
10:18:40:948 4388 Process 3616: Module netshell.dll:
10:18:40:950 4388 Process 3616: Module IPHLPAPI.DLL:
10:18:40:951 4388 Process 3616: Module dhcpcsvc.DLL:
10:18:40:951 4388 Process 3616: Module DNSAPI.dll:
10:18:40:952 4388 Process 3616: Module WINNSI.DLL:
10:18:40:953 4388 Process 3616: Module dhcpcsvc6.DLL:
10:18:40:954 4388 Process 3616: Module nlaapi.dll:
10:18:40:961 4388 Process 3616: Module pnidui.dll:
10:18:40:963 4388 Process 3616: Module QUtil.dll:
10:18:40:963 4388 Process 3616: Module wevtapi.dll:
10:18:40:964 4388 Process 3616: Module wlanutil.dll:
10:18:40:964 4388 Process 3616: Module npmproxy.dll:
10:18:40:964 4388 Process 3616: Module Wlanapi.dll:
10:18:40:967 4388 Process 3616: Module OneX.DLL:
10:18:40:968 4388 Process 3616: Module eappprxy.dll:
10:18:40:969 4388 Process 3616: Module eappcfg.dll:
10:18:40:969 4388 Process 3616: Module bcrypt.dll:
10:18:40:970 4388 Process 3616: Module AltTab.dll:
10:18:40:971 4388 Process 3616: Module wpdshserviceobj.dll:
10:18:40:972 4388 Process 3616: Module PortableDeviceTypes.dll:
10:18:40:972 4388 Process 3616: Module PortableDeviceApi.dll:
10:18:40:973 4388 Process 3616: Module btncopy.dll:
10:18:40:990 4388 Process 3616: Module ntshrui.dll:
10:18:40:991 4388 Process 3616: Module mssprxy.dll:
10:18:40:992 4388 Process 3616: Module taskschd.dll:
10:18:40:992 4388 Process 3616: Module XmlLite.dll:
10:18:40:993 4388 Process 3616: Module srchadmin.dll:
10:18:41:075 4388 Process 3616: Module SyncCenter.dll:
10:18:41:083 4388 Process 3616: Module wscntfy.dll:
10:18:41:084 4388 Process 3616: Module WSCAPI.dll:
10:18:41:108 4388 Process 3616: Module imapi2.dll:
10:18:41:109 4388 Process 3616: Module QAgent.dll:
10:18:41:111 4388 Process 3616: Module fwpuclnt.dll:
10:18:41:113 4388 Process 3616: Module SXS.DLL:
10:18:41:115 4388 Process 3616: Module wbemprox.dll:
10:18:41:115 4388 Process 3616: Module wbemcomn.dll:
10:18:41:116 4388 Process 3616: Module wbemsvc.dll:
10:18:41:118 4388 Process 3616: Module fastprox.dll:
10:18:41:119 4388 Process 3616: Module NTDSAPI.dll:
10:18:41:122 4388 Process 3616: Module bthprops.cpl:
10:18:41:124 4388 Process 3616: Module ntlanman.dll:
10:18:41:125 4388 Process 3616: Module drprov.dll:
10:18:41:126 4388 Process 3616: Module davclnt.dll:
10:18:41:126 4388 Process 3616: Module btmmhook.dll:
10:18:41:147 4388 Process 3616: Module xwizards.dll:
10:18:41:147 4388 Process 3616: Module netprofm.dll:
10:18:41:148 4388 Process 3616: Module GPAPI.dll:
10:18:41:151 4388 Process 3616: Module msxml6.dll:
10:18:41:193 4388 Process 3616: Module RasMM.dll:
10:18:41:194 4388 Process 3616: Module RASAPI32.dll:
10:18:41:195 4388 Process 3616: Module rasman.dll:
10:18:41:196 4388 Process 3616: Module TAPI32.dll:
10:18:41:197 4388 Process 3616: Module rtutils.dll:
10:18:41:235 4388 Process 3616: Module WlanMM.dll:
10:18:41:236 4388 Process 3616: Module wlanhlp.dll:
10:18:41:237 4388 Process 3616: Module NDFAPI.DLL:
10:18:41:238 4388 Process 3616: Module wdi.dll:
10:18:41:264 4388 Process 3616: Module WLanConn.dll:
10:18:41:265 4388 Process 3616: Module FunDisc.dll:
10:18:41:265 4388 Process 3616: Module fdproxy.dll:
10:18:41:269 4388 Process 3616: Module msxml3.dll:
10:18:41:283 4388 Process 3616: Module NLSData0009.dll:
10:18:41:292 4388 Process 3616: Module NLSLexicons0009.dll:
10:18:41:310 4388 Process 3616: Module zipfldr.dll:
10:18:41:330 4388 Process 3616: Module tiptsf.dll:
10:18:41:331 4388 Process 3616: Module AcroIEHelper.dll:
10:18:41:332 4388 Process 3616: Module MSVCR80.dll:
10:18:41:333 4388 Process 3616: Module thumbcache.dll:
10:18:41:333 4388 Process 3616: Module MLANG.dll:
10:18:41:422 4388 Process 3616: Module NetworkExplorer.dll:
10:18:41:432 4388 Process 3616: Module MpOav.dll:
10:18:41:432 4388 Process 3616: Module MpOAv.dll:
10:18:41:433 4388 Process 3616: Module Cabinet.dll:
10:18:41:436 4388 Process 3624: Module dmhkcore.exe:
10:18:41:440 4388 Process 3624: Module ntdll.dll:
10:18:41:442 4388 Process 3624: Module kernel32.dll:
10:18:41:453 4388 Process 3624: Module gdiplus.dll:
10:18:41:455 4388 Process 3624: Module msvcrt.dll:
10:18:41:456 4388 Process 3624: Module USER32.dll:
10:18:41:458 4388 Process 3624: Module GDI32.dll:
10:18:41:461 4388 Process 3624: Module ADVAPI32.dll:
10:18:41:467 4388 Process 3624: Module RPCRT4.dll:
10:18:41:471 4388 Process 3624: Module ole32.dll:
10:18:41:473 4388 Process 3624: Module WINMM.dll:
10:18:41:476 4388 Process 3624: Module OLEAUT32.dll:
10:18:41:476 4388 Process 3624: Module OLEACC.dll:
10:18:41:480 4388 Process 3624: Module SETUPAPI.dll:
10:18:41:482 4388 Process 3624: Module WTSAPI32.dll:
10:18:41:495 4388 Process 3624: Module HookDllPS2.dll:
10:18:41:496 4388 Process 3624: Module COMDLG32.dll:
10:18:41:497 4388 Process 3624: Module SHLWAPI.dll:
10:18:41:499 4388 Process 3624: Module COMCTL32.dll:
10:18:41:524 4388 Process 3624: Module SHELL32.dll:
10:18:41:528 4388 Process 3624: Module WINSPOOL.DRV:
10:18:41:529 4388 Process 3624: Module oledlg.dll:
10:18:41:530 4388 Process 3624: Module IMM32.DLL:
10:18:41:532 4388 Process 3624: Module MSCTF.dll:
10:18:41:534 4388 Process 3624: Module LPK.DLL:
10:18:41:535 4388 Process 3624: Module USP10.dll:
10:18:41:539 4388 Process 3624: Module comctl32.dll:
10:18:41:541 4388 Process 3624: Module uxtheme.dll:
10:18:41:543 4388 Process 3624: Module SABI2.dll:
10:18:41:543 4388 Process 3624: Module PSAPI.DLL:
10:18:41:544 4388 Process 3624: Module MSVCR80.dll:
10:18:41:546 4388 Process 3624: Module CLBCatQ.DLL:
10:18:41:547 4388 Process 3624: Module MMDevApi.dll:
10:18:41:547 4388 Process 3624: Module WINSTA.dll:
10:18:41:548 4388 Process 3624: Module AUDIOSES.DLL:
10:18:41:548 4388 Process 3624: Module audioeng.dll:
10:18:41:549 4388 Process 3624: Module AVRT.dll:
10:18:41:550 4388 Process 3624: Module wbemprox.dll:
10:18:41:550 4388 Process 3624: Module wbemcomn.dll:
10:18:41:551 4388 Process 3624: Module WS2_32.dll:
10:18:41:551 4388 Process 3624: Module NSI.dll:
10:18:41:552 4388 Process 3624: Module rsaenh.dll:
10:18:41:552 4388 Process 3624: Module wbemsvc.dll:
10:18:41:554 4388 Process 3624: Module fastprox.dll:
10:18:41:554 4388 Process 3624: Module NTDSAPI.dll:
10:18:41:555 4388 Process 3624: Module DNSAPI.dll:
10:18:41:556 4388 Process 3624: Module WLDAP32.dll:
10:18:41:556 4388 Process 3624: Module NETAPI32.dll:
10:18:41:558 4388 Process 3624: Module Secur32.dll:
10:18:41:559 4388 Process 3624: Module atipdlxx.dll:
10:18:41:573 4388 Process 3796: Module RtHDVCpl.exe:
10:18:41:577 4388 Process 3796: Module ntdll.dll:
10:18:41:579 4388 Process 3796: Module kernel32.dll:
10:18:41:590 4388 Process 3796: Module SETUPAPI.dll:
10:18:41:592 4388 Process 3796: Module msvcrt.dll:
10:18:41:595 4388 Process 3796: Module ADVAPI32.dll:
10:18:41:600 4388 Process 3796: Module RPCRT4.dll:
10:18:41:602 4388 Process 3796: Module GDI32.dll:
10:18:41:605 4388 Process 3796: Module USER32.dll:
10:18:41:608 4388 Process 3796: Module OLEAUT32.dll:
10:18:41:612 4388 Process 3796: Module ole32.dll:
10:18:41:614 4388 Process 3796: Module WINMM.dll:
10:18:41:615 4388 Process 3796: Module OLEACC.dll:
10:18:41:616 4388 Process 3796: Module DSOUND.dll:
10:18:41:617 4388 Process 3796: Module POWRPROF.dll:
10:18:41:617 4388 Process 3796: Module VERSION.dll:
10:18:41:619 4388 Process 3796: Module PROPSYS.dll:
10:18:41:622 4388 Process 3796: Module gdiplus.dll:
10:18:41:623 4388 Process 3796: Module IMM32.dll:
10:18:41:626 4388 Process 3796: Module MSCTF.dll:
10:18:41:628 4388 Process 3796: Module SHLWAPI.dll:
10:18:41:629 4388 Process 3796: Module MSIMG32.dll:
10:18:41:629 4388 Process 3796: Module COMDLG32.dll:
10:18:41:635 4388 Process 3796: Module COMCTL32.dll:
10:18:41:664 4388 Process 3796: Module SHELL32.dll:
10:18:41:670 4388 Process 3796: Module WINSPOOL.DRV:
10:18:41:670 4388 Process 3796: Module oledlg.dll:
10:18:41:671 4388 Process 3796: Module LPK.DLL:
10:18:41:672 4388 Process 3796: Module USP10.dll:
10:18:41:673 4388 Process 3796: Module uxtheme.dll:
10:18:41:674 4388 Process 3796: Module WINTRUST.dll:
10:18:41:677 4388 Process 3796: Module CRYPT32.dll:
10:18:41:678 4388 Process 3796: Module MSASN1.dll:
10:18:41:678 4388 Process 3796: Module USERENV.dll:
10:18:41:678 4388 Process 3796: Module Secur32.dll:
10:18:41:681 4388 Process 3796: Module imagehlp.dll:
10:18:41:683 4388 Process 3796: Module CLBCatQ.DLL:
10:18:41:684 4388 Process 3796: Module MMDevApi.dll:
10:18:41:684 4388 Process 3796: Module AUDIOSES.DLL:
10:18:41:685 4388 Process 3796: Module audioeng.dll:
10:18:41:686 4388 Process 3796: Module PSAPI.DLL:
10:18:41:686 4388 Process 3796: Module AVRT.dll:
10:18:41:687 4388 Process 3796: Module rsaenh.dll:
10:18:41:687 4388 Process 3796: Module WTSAPI32.dll:
10:18:41:688 4388 Process 3796: Module WINSTA.dll:
10:18:41:692 4388 Process 3808: Module SynTPEnh.exe:
10:18:41:696 4388 Process 3808: Module ntdll.dll:
10:18:41:698 4388 Process 3808: Module kernel32.dll:
10:18:41:707 4388 Process 3808: Module VERSION.dll:
10:18:41:710 4388 Process 3808: Module msvcrt.dll:
10:18:41:711 4388 Process 3808: Module WINMM.dll:
10:18:41:714 4388 Process 3808: Module USER32.dll:
10:18:41:716 4388 Process 3808: Module GDI32.dll:
10:18:41:719 4388 Process 3808: Module ADVAPI32.dll:
10:18:41:724 4388 Process 3808: Module RPCRT4.dll:
10:18:41:729 4388 Process 3808: Module ole32.dll:
10:18:41:733 4388 Process 3808: Module OLEAUT32.dll:
10:18:41:734 4388 Process 3808: Module OLEACC.dll:
10:18:41:736 4388 Process 3808: Module PSAPI.DLL:
10:18:41:737 4388 Process 3808: Module comdlg32.dll:
10:18:41:740 4388 Process 3808: Module SHLWAPI.dll:
10:18:41:743 4388 Process 3808: Module COMCTL32.dll:
10:18:41:778 4388 Process 3808: Module SHELL32.dll:
10:18:41:783 4388 Process 3808: Module IMM32.DLL:
10:18:41:785 4388 Process 3808: Module MSCTF.dll:
10:18:41:787 4388 Process 3808: Module LPK.DLL:
10:18:41:788 4388 Process 3808: Module USP10.dll:
10:18:41:791 4388 Process 3808: Module comctl32.dll:
10:18:41:794 4388 Process 3808: Module uxtheme.dll:
10:18:41:796 4388 Process 3808: Module CLBCatQ.DLL:
10:18:41:797 4388 Process 3808: Module SynCOM.dll:
10:18:41:798 4388 Process 3808: Module SynTPAPI.dll:
10:18:41:798 4388 Process 3808: Module WINSTA.dll:
10:18:41:800 4388 Process 3808: Module PROPSYS.dll:
10:18:41:801 4388 Process 3808: Module USERENV.dll:
10:18:41:801 4388 Process 3808: Module Secur32.dll:
10:18:41:805 4388 Process 3808: Module urlmon.dll:
10:18:41:810 4388 Process 3808: Module iertutil.dll:
10:18:41:814 4388 Process 3808: Module WININET.dll:
10:18:41:816 4388 Process 3808: Module Normaliz.dll:
10:18:41:820 4388 Process 3808: Module SETUPAPI.dll:
10:18:41:822 4388 Process 3808: Module MPR.dll:
10:18:41:824 4388 Process 3816: Module PDVDServ.exe:
10:18:41:827 4388 Process 3816: Module ntdll.dll:
10:18:41:829 4388 Process 3816: Module kernel32.dll:
10:18:41:840 4388 Process 3816: Module SHLWAPI.dll:
10:18:41:842 4388 Process 3816: Module GDI32.dll:
10:18:41:846 4388 Process 3816: Module USER32.dll:
10:18:41:851 4388 Process 3816: Module ADVAPI32.dll:
10:18:41:856 4388 Process 3816: Module RPCRT4.dll:
10:18:41:860 4388 Process 3816: Module msvcrt.dll:
10:18:41:882 4388 Process 3816: Module SHELL32.dll:
10:18:41:889 4388 Process 3816: Module ole32.dll:
10:18:41:891 4388 Process 3816: Module IMM32.DLL:
10:18:41:894 4388 Process 3816: Module MSCTF.dll:
10:18:41:895 4388 Process 3816: Module LPK.DLL:
10:18:41:896 4388 Process 3816: Module USP10.dll:
10:18:41:900 4388 Process 3816: Module comctl32.dll:
10:18:41:902 4388 Process 3816: Module uxtheme.dll:
10:18:41:906 4388 Process 3816: Module CLBCatQ.DLL:
10:18:41:909 4388 Process 3816: Module OLEAUT32.dll:
10:18:41:931 4388 Process 3816: Module CLRCEngine3.dll:
10:18:41:933 4388 Process 3816: Module MSVCR71.dll:
10:18:41:934 4388 Process 3816: Module rsaenh.dll:
10:18:41:936 4388 Process 3836: Module hpwuSchd2.exe:
10:18:41:938 4388 Process 3836: Module ntdll.dll:
10:18:41:940 4388 Process 3836: Module kernel32.dll:
10:18:41:949 4388 Process 3836: Module USER32.dll:
10:18:41:951 4388 Process 3836: Module GDI32.dll:
10:18:41:954 4388 Process 3836: Module ADVAPI32.dll:
10:18:41:960 4388 Process 3836: Module RPCRT4.dll:
10:18:41:984 4388 Process 3836: Module SHELL32.dll:
10:18:41:993 4388 Process 3836: Module msvcrt.dll:
10:18:41:993 4388 Process 3836: Module SHLWAPI.dll:
10:18:41:994 4388 Process 3836: Module IMM32.DLL:
10:18:41:997 4388 Process 3836: Module MSCTF.dll:
10:18:41:998 4388 Process 3836: Module LPK.DLL:
10:18:42:000 4388 Process 3836: Module USP10.dll:
10:18:42:003 4388 Process 3836: Module comctl32.dll:
10:18:42:008 4388 Process 3836: Module uxtheme.dll:
10:18:42:014 4388 Process 3836: Module ole32.dll:
10:18:42:018 4388 Process 3836: Module PROPSYS.dll:
10:18:42:019 4388 Process 3836: Module OLEAUT32.dll:
10:18:42:020 4388 Process 3836: Module USERENV.dll:
10:18:42:021 4388 Process 3836: Module Secur32.dll:
10:18:42:023 4388 Process 3836: Module CLBCatQ.DLL:
10:18:42:026 4388 Process 3836: Module SETUPAPI.dll:
10:18:42:028 4388 Process 3836: Module apphelp.dll:
10:18:42:030 4388 Process 3836: Module MPR.dll:
10:18:42:037 4388 Process 3972: Module BJMYPRT.EXE:
 
10:18:42:040 4388 Process 3972: Module ntdll.dll:
10:18:42:042 4388 Process 3972: Module kernel32.dll:
10:18:42:050 4388 Process 3972: Module VERSION.dll:
10:18:42:051 4388 Process 3972: Module msvcrt.dll:
10:18:42:052 4388 Process 3972: Module USP10.dll:
10:18:42:055 4388 Process 3972: Module USER32.dll:
10:18:42:058 4388 Process 3972: Module GDI32.dll:
10:18:42:061 4388 Process 3972: Module ADVAPI32.dll:
10:18:42:067 4388 Process 3972: Module RPCRT4.dll:
10:18:42:069 4388 Process 3972: Module WINSPOOL.DRV:
10:18:42:094 4388 Process 3972: Module SHELL32.dll:
10:18:42:099 4388 Process 3972: Module SHLWAPI.dll:
10:18:42:101 4388 Process 3972: Module OLEAUT32.dll:
10:18:42:105 4388 Process 3972: Module ole32.dll:
10:18:42:107 4388 Process 3972: Module IMM32.DLL:
10:18:42:110 4388 Process 3972: Module MSCTF.dll:
10:18:42:113 4388 Process 3972: Module LPK.DLL:
10:18:42:119 4388 Process 3972: Module comctl32.dll:
10:18:42:121 4388 Process 3972: Module uxtheme.dll:
10:18:42:210 4388 Process 3972: Module BJMyRes.dll:
10:18:42:219 4388 Process 3980: Module CNSEMAIN.EXE:
10:18:42:225 4388 Process 3980: Module ntdll.dll:
10:18:42:228 4388 Process 3980: Module kernel32.dll:
10:18:42:244 4388 Process 3980: Module VERSION.dll:
10:18:42:247 4388 Process 3980: Module msvcrt.dll:
10:18:42:250 4388 Process 3980: Module MFC80U.DLL:
10:18:42:256 4388 Process 3980: Module MSVCR80.dll:
10:18:42:257 4388 Process 3980: Module GDI32.dll:
10:18:42:261 4388 Process 3980: Module USER32.dll:
10:18:42:267 4388 Process 3980: Module ADVAPI32.dll:
10:18:42:277 4388 Process 3980: Module RPCRT4.dll:
10:18:42:281 4388 Process 3980: Module SHLWAPI.dll:
10:18:42:283 4388 Process 3980: Module MSIMG32.dll:
10:18:42:283 4388 Process 3980: Module WINSPOOL.DRV:
10:18:42:321 4388 Process 3980: Module SHELL32.dll:
10:18:42:333 4388 Process 3980: Module COMCTL32.dll:
10:18:42:338 4388 Process 3980: Module ole32.dll:
10:18:42:341 4388 Process 3980: Module OLEAUT32.dll:
10:18:42:345 4388 Process 3980: Module gdiplus.dll:
10:18:42:349 4388 Process 3980: Module WININET.dll:
10:18:42:350 4388 Process 3980: Module Normaliz.dll:
10:18:42:353 4388 Process 3980: Module iertutil.dll:
10:18:42:356 4388 Process 3980: Module urlmon.dll:
10:18:42:358 4388 Process 3980: Module MSVCP80.dll:
10:18:42:359 4388 Process 3980: Module WINMM.dll:
10:18:42:360 4388 Process 3980: Module OLEACC.dll:
10:18:42:361 4388 Process 3980: Module IMM32.DLL:
10:18:42:364 4388 Process 3980: Module MSCTF.dll:
10:18:42:365 4388 Process 3980: Module LPK.DLL:
10:18:42:366 4388 Process 3980: Module USP10.dll:
10:18:42:366 4388 Process 3980: Module MFC80ENU.DLL:
10:18:42:367 4388 Process 3980: Module uxtheme.dll:
10:18:42:382 4388 Process 3980: Module wiadss.dll:
10:18:42:383 4388 Process 3980: Module CLBCatQ.DLL:
10:18:42:384 4388 Process 3980: Module rsaenh.dll:
10:18:42:385 4388 Process 3980: Module sti.dll:
10:18:42:385 4388 Process 3980: Module CFGMGR32.dll:
10:18:42:388 4388 Process 3980: Module setupapi.DLL:
10:18:42:390 4388 Process 3980: Module wiatrace.dll:
10:18:42:390 4388 Process 3980: Module CNSELANG.dll:
10:18:42:393 4388 Process 3980: Module msxml6.dll:
10:18:42:394 4388 Process 3980: Module USERENV.dll:
10:18:42:394 4388 Process 3980: Module Secur32.dll:
10:18:42:397 4388 Process 3980: Module CNMDRAR.DLL:
10:18:42:398 4388 Process 3980: Module mscms.dll:
10:18:42:405 4388 Process 3980: Module CNMUIAR.DLL:
10:18:42:407 4388 Process 3980: Module PSAPI.DLL:
10:18:42:423 4388 Process 3980: Module icm32.dll:
10:18:42:423 4388 Process 3980: Module bidispl.dll:
10:18:42:425 4388 Process 3980: Module CRYPT32.dll:
10:18:42:426 4388 Process 3980: Module MSASN1.dll:
10:18:42:426 4388 Process 3980: Module btmmhook.dll:
10:18:42:428 4388 Process 3980: Module PROPSYS.dll:
10:18:42:429 4388 Process 3980: Module apphelp.dll:
10:18:42:436 4388 Process 3988: Module jusched.exe:
10:18:42:441 4388 Process 3988: Module ntdll.dll:
10:18:42:444 4388 Process 3988: Module kernel32.dll:
10:18:42:455 4388 Process 3988: Module ADVAPI32.dll:
10:18:42:462 4388 Process 3988: Module RPCRT4.dll:
10:18:42:464 4388 Process 3988: Module GDI32.dll:
10:18:42:468 4388 Process 3988: Module USER32.dll:
10:18:42:473 4388 Process 3988: Module WININET.dll:
10:18:42:476 4388 Process 3988: Module msvcrt.dll:
10:18:42:478 4388 Process 3988: Module SHLWAPI.dll:
10:18:42:479 4388 Process 3988: Module Normaliz.dll:
10:18:42:485 4388 Process 3988: Module iertutil.dll:
10:18:42:489 4388 Process 3988: Module urlmon.dll:
10:18:42:495 4388 Process 3988: Module ole32.dll:
10:18:42:499 4388 Process 3988: Module OLEAUT32.dll:
10:18:42:539 4388 Process 3988: Module SHELL32.dll:
10:18:42:544 4388 Process 3988: Module IMM32.DLL:
10:18:42:547 4388 Process 3988: Module MSCTF.dll:
10:18:42:549 4388 Process 3988: Module LPK.DLL:
10:18:42:551 4388 Process 3988: Module USP10.dll:
10:18:42:556 4388 Process 3988: Module comctl32.dll:
10:18:42:559 4388 Process 3988: Module uxtheme.dll:
10:18:42:565 4388 Process 3996: Module msseces.exe:
10:18:42:568 4388 Process 3996: Module ntdll.dll:
10:18:42:570 4388 Process 3996: Module kernel32.dll:
10:18:42:579 4388 Process 3996: Module msvcrt.dll:
10:18:42:580 4388 Process 3996: Module mpclient.dll:
10:18:42:582 4388 Process 3996: Module ADVAPI32.dll:
10:18:42:588 4388 Process 3996: Module RPCRT4.dll:
10:18:42:592 4388 Process 3996: Module ole32.dll:
10:18:42:595 4388 Process 3996: Module GDI32.dll:
10:18:42:597 4388 Process 3996: Module USER32.dll:
10:18:42:600 4388 Process 3996: Module OLEAUT32.dll:
10:18:42:601 4388 Process 3996: Module WINTRUST.dll:
10:18:42:604 4388 Process 3996: Module CRYPT32.dll:
10:18:42:604 4388 Process 3996: Module MSASN1.dll:
10:18:42:605 4388 Process 3996: Module USERENV.dll:
10:18:42:605 4388 Process 3996: Module Secur32.dll:
10:18:42:607 4388 Process 3996: Module imagehlp.dll:
10:18:42:607 4388 Process 3996: Module VERSION.dll:
10:18:42:611 4388 Process 3996: Module COMCTL32.dll:
10:18:42:613 4388 Process 3996: Module SHLWAPI.dll:
10:18:42:617 4388 Process 3996: Module gdiplus.dll:
10:18:42:620 4388 Process 3996: Module WININET.dll:
10:18:42:621 4388 Process 3996: Module Normaliz.dll:
10:18:42:625 4388 Process 3996: Module iertutil.dll:
10:18:42:627 4388 Process 3996: Module urlmon.dll:
10:18:42:628 4388 Process 3996: Module WTSAPI32.dll:
10:18:42:657 4388 Process 3996: Module SHELL32.dll:
10:18:42:663 4388 Process 3996: Module COMDLG32.dll:
10:18:42:664 4388 Process 3996: Module PSAPI.DLL:
10:18:42:665 4388 Process 3996: Module IMM32.DLL:
10:18:42:668 4388 Process 3996: Module MSCTF.dll:
10:18:42:669 4388 Process 3996: Module LPK.DLL:
10:18:42:670 4388 Process 3996: Module USP10.dll:
10:18:42:671 4388 Process 3996: Module uxtheme.dll:
10:18:42:672 4388 Process 3996: Module rsaenh.dll:
10:18:42:673 4388 Process 3996: Module ncrypt.dll:
10:18:42:674 4388 Process 3996: Module BCRYPT.dll:
10:18:42:675 4388 Process 3996: Module NTMARTA.DLL:
10:18:42:676 4388 Process 3996: Module WLDAP32.dll:
10:18:42:677 4388 Process 3996: Module WS2_32.dll:
10:18:42:677 4388 Process 3996: Module NSI.dll:
10:18:42:678 4388 Process 3996: Module SAMLIB.dll:
10:18:42:678 4388 Process 3996: Module GPAPI.dll:
10:18:42:679 4388 Process 3996: Module slc.dll:
10:18:42:679 4388 Process 3996: Module EppManifest.dll:
10:18:42:681 4388 Process 3996: Module CLBCatQ.DLL:
10:18:42:684 4388 Process 3996: Module msxml3.dll:
10:18:42:686 4388 Process 3996: Module MSFTEDIT.DLL:
10:18:42:706 4388 Process 3996: Module SqmApi.dll:
10:18:42:713 4388 Process 4004: Module sidebar.exe:
10:18:42:717 4388 Process 4004: Module ntdll.dll:
10:18:42:719 4388 Process 4004: Module kernel32.dll:
10:18:42:728 4388 Process 4004: Module ADVAPI32.dll:
10:18:42:736 4388 Process 4004: Module RPCRT4.dll:
10:18:42:740 4388 Process 4004: Module GDI32.dll:
10:18:42:744 4388 Process 4004: Module USER32.dll:
10:18:42:749 4388 Process 4004: Module msvcrt.dll:
10:18:42:749 4388 Process 4004: Module ATL.DLL:
10:18:42:753 4388 Process 4004: Module ole32.dll:
10:18:42:758 4388 Process 4004: Module OLEAUT32.dll:
10:18:42:764 4388 Process 4004: Module COMCTL32.dll:
10:18:42:767 4388 Process 4004: Module SHLWAPI.dll:
10:18:42:771 4388 Process 4004: Module gdiplus.dll:
10:18:42:793 4388 Process 4004: Module SHELL32.dll:
10:18:42:800 4388 Process 4004: Module urlmon.dll:
10:18:42:807 4388 Process 4004: Module iertutil.dll:
10:18:42:811 4388 Process 4004: Module WININET.dll:
10:18:42:813 4388 Process 4004: Module Normaliz.dll:
10:18:42:816 4388 Process 4004: Module CRYPT32.dll:
10:18:42:817 4388 Process 4004: Module MSASN1.dll:
10:18:42:817 4388 Process 4004: Module USERENV.dll:
10:18:42:818 4388 Process 4004: Module Secur32.dll:
10:18:42:820 4388 Process 4004: Module sfc.dll:
10:18:42:820 4388 Process 4004: Module sfc_os.DLL:
10:18:42:826 4388 Process 4004: Module SETUPAPI.dll:
10:18:42:827 4388 Process 4004: Module dwmapi.dll:
10:18:42:830 4388 Process 4004: Module CRYPTUI.dll:
10:18:42:832 4388 Process 4004: Module WINTRUST.dll:
10:18:42:833 4388 Process 4004: Module imagehlp.dll:
10:18:42:834 4388 Process 4004: Module NETAPI32.dll:
10:18:42:838 4388 Process 4004: Module PSAPI.DLL:
10:18:42:839 4388 Process 4004: Module WLDAP32.dll:
10:18:42:839 4388 Process 4004: Module WS2_32.dll:
10:18:42:840 4388 Process 4004: Module NSI.dll:
10:18:42:840 4388 Process 4004: Module VERSION.dll:
10:18:42:840 4388 Process 4004: Module MSIMG32.dll:
10:18:42:841 4388 Process 4004: Module UxTheme.dll:
10:18:42:842 4388 Process 4004: Module IMM32.DLL:
10:18:42:845 4388 Process 4004: Module MSCTF.dll:
10:18:42:846 4388 Process 4004: Module LPK.DLL:
10:18:42:848 4388 Process 4004: Module USP10.dll:
10:18:42:849 4388 Process 4004: Module CLBCatQ.DLL:
10:18:42:850 4388 Process 4004: Module SXS.DLL:
10:18:42:851 4388 Process 4004: Module rsaenh.dll:
10:18:42:852 4388 Process 4004: Module WTSAPI32.dll:
10:18:42:853 4388 Process 4004: Module WINSTA.dll:
10:18:42:854 4388 Process 4004: Module Wlanapi.dll:
10:18:42:857 4388 Process 4004: Module OneX.DLL:
10:18:42:858 4388 Process 4004: Module eappprxy.dll:
10:18:42:859 4388 Process 4004: Module eappcfg.dll:
10:18:42:859 4388 Process 4004: Module DUser.dll:
10:18:42:860 4388 Process 4004: Module OLEACC.dll:
10:18:42:861 4388 Process 4004: Module bcrypt.dll:
10:18:42:862 4388 Process 4004: Module wlanutil.dll:
10:18:42:870 4388 Process 4012: Module LightScribeControlPanel.exe:
10:18:42:873 4388 Process 4012: Module ntdll.dll:
10:18:42:875 4388 Process 4012: Module kernel32.dll:
10:18:42:939 4388 Process 4012: Module QtCore4.dll:
10:18:42:941 4388 Process 4012: Module USER32.dll:
10:18:42:943 4388 Process 4012: Module GDI32.dll:
10:18:42:946 4388 Process 4012: Module ADVAPI32.dll:
10:18:42:952 4388 Process 4012: Module RPCRT4.dll:
10:18:42:959 4388 Process 4012: Module ole32.dll:
10:18:42:963 4388 Process 4012: Module msvcrt.dll:
10:18:42:963 4388 Process 4012: Module WS2_32.dll:
10:18:42:964 4388 Process 4012: Module NSI.dll:
10:18:42:965 4388 Process 4012: Module MSVCP80.dll:
10:18:42:967 4388 Process 4012: Module MSVCR80.dll:
10:18:42:983 4388 Process 4012: Module QtGui4.dll:
10:18:42:986 4388 Process 4012: Module comdlg32.dll:
10:18:42:989 4388 Process 4012: Module SHLWAPI.dll:
10:18:42:991 4388 Process 4012: Module COMCTL32.dll:
10:18:43:020 4388 Process 4012: Module SHELL32.dll:
10:18:43:026 4388 Process 4012: Module OLEAUT32.dll:
10:18:43:027 4388 Process 4012: Module IMM32.dll:
10:18:43:029 4388 Process 4012: Module MSCTF.dll:
10:18:43:033 4388 Process 4012: Module WINMM.dll:
10:18:43:034 4388 Process 4012: Module OLEACC.dll:
10:18:43:036 4388 Process 4012: Module WINSPOOL.DRV:
10:18:43:037 4388 Process 4012: Module VERSION.dll:
10:18:43:037 4388 Process 4012: Module LPK.DLL:
10:18:43:039 4388 Process 4012: Module USP10.dll:
10:18:43:045 4388 Process 4012: Module comctl32.dll:
10:18:43:049 4388 Process 4012: Module uxtheme.dll:
10:18:43:052 4388 Process 4012: Module qjpeg4.dll:
10:18:43:055 4388 Process 4020: Module ehtray.exe:
10:18:43:060 4388 Process 4020: Module ntdll.dll:
10:18:43:063 4388 Process 4020: Module kernel32.dll:
10:18:43:072 4388 Process 4020: Module ADVAPI32.dll:
10:18:43:078 4388 Process 4020: Module RPCRT4.dll:
10:18:43:081 4388 Process 4020: Module USER32.dll:
10:18:43:083 4388 Process 4020: Module GDI32.dll:
10:18:43:107 4388 Process 4020: Module SHELL32.dll:
10:18:43:112 4388 Process 4020: Module msvcrt.dll:
10:18:43:113 4388 Process 4020: Module SHLWAPI.dll:
10:18:43:117 4388 Process 4020: Module ole32.dll:
10:18:43:120 4388 Process 4020: Module OLEAUT32.dll:
10:18:43:120 4388 Process 4020: Module WTSAPI32.dll:
10:18:43:121 4388 Process 4020: Module slc.dll:
10:18:43:122 4388 Process 4020: Module HID.DLL:
10:18:43:125 4388 Process 4020: Module SETUPAPI.dll:
10:18:43:127 4388 Process 4020: Module IMM32.DLL:
10:18:43:129 4388 Process 4020: Module MSCTF.dll:
10:18:43:131 4388 Process 4020: Module LPK.DLL:
10:18:43:132 4388 Process 4020: Module USP10.dll:
10:18:43:137 4388 Process 4020: Module comctl32.dll:
10:18:43:140 4388 Process 4020: Module uxtheme.dll:
10:18:43:142 4388 Process 4020: Module WINSTA.dll:
10:18:43:143 4388 Process 4020: Module CLBCatQ.DLL:
10:18:43:144 4388 Process 4020: Module rsaenh.dll:
10:18:43:208 4388 Process 4020: Module ehProxy.dll:
10:18:43:210 4388 Process 4032: Module NPSAgent.exe:
10:18:43:214 4388 Process 4032: Module ntdll.dll:
10:18:43:216 4388 Process 4032: Module kernel32.dll:
10:18:43:225 4388 Process 4032: Module MFC80U.DLL:
10:18:43:228 4388 Process 4032: Module MSVCR80.dll:
10:18:43:230 4388 Process 4032: Module msvcrt.dll:
10:18:43:231 4388 Process 4032: Module GDI32.dll:
10:18:43:235 4388 Process 4032: Module USER32.dll:
10:18:43:238 4388 Process 4032: Module ADVAPI32.dll:
10:18:43:246 4388 Process 4032: Module RPCRT4.dll:
10:18:43:248 4388 Process 4032: Module SHLWAPI.dll:
10:18:43:271 4388 Process 4032: Module SHELL32.dll:
10:18:43:278 4388 Process 4032: Module ole32.dll:
10:18:43:282 4388 Process 4032: Module OLEAUT32.dll:
 
That's roughly half of it :confused: I'm concerned something has gone wrong here, I'll take a break from posting the report until I hear back that that's what it is supposed to look like (or otherwise!). Apologies if I've effed up.
 
Go ahead and upload it, and I can take a better look. :)

If it's too big for this forum, then do this:

Upload to SpeedyShare.com.
  • When you enter the site, click the center bar, "Click here to upload[...]", find the file. Select that, and upload it.
  • Once you do that, you will get a sharing link. Please post that in your next reply.
 
10:18:43:288 4388 Process 4032: Module SETUPAPI.dll:
10:18:43:289 4388 Process 4032: Module IMM32.DLL:
10:18:43:294 4388 Process 4032: Module MSCTF.dll:
10:18:43:295 4388 Process 4032: Module LPK.DLL:
10:18:43:297 4388 Process 4032: Module USP10.dll:
10:18:43:304 4388 Process 4032: Module comctl32.dll:
10:18:43:306 4388 Process 4032: Module MFC80ENU.DLL:
10:18:43:307 4388 Process 4032: Module uxtheme.dll:
10:18:43:310 4388 Process 4032: Module WINTRUST.dll:
10:18:43:314 4388 Process 4032: Module CRYPT32.dll:
10:18:43:315 4388 Process 4032: Module MSASN1.dll:
10:18:43:316 4388 Process 4032: Module USERENV.dll:
10:18:43:316 4388 Process 4032: Module Secur32.dll:
10:18:43:318 4388 Process 4032: Module imagehlp.dll:
10:18:43:323 4388 Process 4084: Module SpotifyWebHelper.exe:
10:18:43:327 4388 Process 4084: Module ntdll.dll:
10:18:43:331 4388 Process 4084: Module kernel32.dll:
10:18:43:342 4388 Process 4084: Module CRYPT32.dll:
10:18:43:345 4388 Process 4084: Module ADVAPI32.dll:
10:18:43:351 4388 Process 4084: Module RPCRT4.dll:
10:18:43:355 4388 Process 4084: Module msvcrt.dll:
10:18:43:357 4388 Process 4084: Module USER32.dll:
10:18:43:360 4388 Process 4084: Module GDI32.dll:
10:18:43:361 4388 Process 4084: Module MSASN1.dll:
10:18:43:361 4388 Process 4084: Module USERENV.dll:
10:18:43:362 4388 Process 4084: Module Secur32.dll:
10:18:43:366 4388 Process 4084: Module WININET.dll:
10:18:43:368 4388 Process 4084: Module SHLWAPI.dll:
10:18:43:368 4388 Process 4084: Module Normaliz.dll:
10:18:43:374 4388 Process 4084: Module iertutil.dll:
10:18:43:378 4388 Process 4084: Module urlmon.dll:
10:18:43:383 4388 Process 4084: Module ole32.dll:
10:18:43:387 4388 Process 4084: Module OLEAUT32.dll:
10:18:43:422 4388 Process 4084: Module SHELL32.dll:
10:18:43:427 4388 Process 4084: Module WS2_32.dll:
10:18:43:428 4388 Process 4084: Module NSI.dll:
10:18:43:428 4388 Process 4084: Module IMM32.DLL:
10:18:43:432 4388 Process 4084: Module MSCTF.dll:
10:18:43:433 4388 Process 4084: Module LPK.DLL:
10:18:43:435 4388 Process 4084: Module USP10.dll:
10:18:43:440 4388 Process 4084: Module comctl32.dll:
10:18:43:442 4388 Process 4084: Module uxtheme.dll:
10:18:43:444 4388 Process 4084: Module Wtsapi32.dll:
10:18:43:444 4388 Process 4084: Module WINSTA.dll:
10:18:43:445 4388 Process 4084: Module mswsock.dll:
10:18:43:446 4388 Process 4084: Module wshtcpip.dll:
10:18:43:547 4388 Process 2128: Module Skype.exe:
10:18:43:554 4388 Process 2128: Module ntdll.dll:
10:18:43:557 4388 Process 2128: Module kernel32.dll:
10:18:43:565 4388 Process 2128: Module oleaut32.dll:
10:18:43:568 4388 Process 2128: Module ole32.dll:
10:18:43:571 4388 Process 2128: Module msvcrt.dll:
10:18:43:572 4388 Process 2128: Module GDI32.dll:
10:18:43:574 4388 Process 2128: Module USER32.dll:
10:18:43:578 4388 Process 2128: Module ADVAPI32.dll:
10:18:43:583 4388 Process 2128: Module RPCRT4.dll:
10:18:43:585 4388 Process 2128: Module IMM32.DLL:
10:18:43:588 4388 Process 2128: Module MSCTF.dll:
10:18:43:589 4388 Process 2128: Module LPK.DLL:
10:18:43:590 4388 Process 2128: Module USP10.dll:
10:18:43:591 4388 Process 2128: Module wintrust.dll:
10:18:43:594 4388 Process 2128: Module CRYPT32.dll:
10:18:43:594 4388 Process 2128: Module MSASN1.dll:
10:18:43:594 4388 Process 2128: Module USERENV.dll:
10:18:43:595 4388 Process 2128: Module Secur32.dll:
10:18:43:596 4388 Process 2128: Module imagehlp.dll:
10:18:43:596 4388 Process 2128: Module msimg32.dll:
10:18:43:597 4388 Process 2128: Module version.dll:
10:18:43:601 4388 Process 2128: Module comctl32.dll:
10:18:43:603 4388 Process 2128: Module SHLWAPI.dll:
10:18:43:605 4388 Process 2128: Module winspool.drv:
10:18:43:608 4388 Process 2128: Module URLMON.DLL:
10:18:43:612 4388 Process 2128: Module iertutil.dll:
10:18:43:615 4388 Process 2128: Module WININET.dll:
10:18:43:616 4388 Process 2128: Module Normaliz.dll:
10:18:43:639 4388 Process 2128: Module shell32.dll:
10:18:43:643 4388 Process 2128: Module comdlg32.dll:
10:18:43:645 4388 Process 2128: Module oleacc.dll:
10:18:43:649 4388 Process 2128: Module d3d9.dll:
10:18:43:650 4388 Process 2128: Module d3d8thk.dll:
10:18:43:650 4388 Process 2128: Module dwmapi.dll:
10:18:43:651 4388 Process 2128: Module SHFolder.dll:
10:18:43:651 4388 Process 2128: Module winmm.dll:
10:18:43:652 4388 Process 2128: Module WS2_32.dll:
10:18:43:653 4388 Process 2128: Module NSI.dll:
10:18:43:653 4388 Process 2128: Module DNSAPI.dll:
10:18:43:654 4388 Process 2128: Module POWRPROF.dll:
10:18:43:654 4388 Process 2128: Module MSACM32.dll:
10:18:43:658 4388 Process 2128: Module SETUPAPI.dll:
10:18:43:660 4388 Process 2128: Module uxtheme.dll:
10:18:43:664 4388 Process 2128: Module gdiplus.dll:
10:18:43:665 4388 Process 2128: Module olepro32.dll:
10:18:43:666 4388 Process 2128: Module Iphlpapi.dll:
10:18:43:666 4388 Process 2128: Module dhcpcsvc.DLL:
10:18:43:667 4388 Process 2128: Module WINNSI.DLL:
10:18:43:668 4388 Process 2128: Module dhcpcsvc6.DLL:
10:18:43:668 4388 Process 2128: Module avrt.dll:
10:18:43:671 4388 Process 2128: Module cryptui.dll:
10:18:43:673 4388 Process 2128: Module NETAPI32.dll:
10:18:43:674 4388 Process 2128: Module PSAPI.DLL:
10:18:43:675 4388 Process 2128: Module WLDAP32.dll:
10:18:43:675 4388 Process 2128: Module mapi32.dll:
10:18:43:676 4388 Process 2128: Module wtsapi32.dll:
10:18:43:676 4388 Process 2128: Module SXS.DLL:
10:18:43:679 4388 Process 2128: Module PROPSYS.dll:
10:18:43:681 4388 Process 2128: Module CLBCatQ.DLL:
10:18:43:682 4388 Process 2128: Module rsaenh.dll:
10:18:43:682 4388 Process 2128: Module mswsock.dll:
10:18:43:683 4388 Process 2128: Module wshtcpip.dll:
10:18:43:684 4388 Process 2128: Module wlanapi.dll:
10:18:43:687 4388 Process 2128: Module OneX.DLL:
10:18:43:688 4388 Process 2128: Module eappprxy.dll:
10:18:43:688 4388 Process 2128: Module eappcfg.dll:
10:18:43:689 4388 Process 2128: Module DUser.dll:
10:18:43:690 4388 Process 2128: Module bcrypt.dll:
10:18:43:691 4388 Process 2128: Module wlanutil.dll:
10:18:43:691 4388 Process 2128: Module NTMARTA.DLL:
10:18:43:692 4388 Process 2128: Module SAMLIB.dll:
10:18:43:693 4388 Process 2128: Module MMDevApi.dll:
10:18:43:693 4388 Process 2128: Module WINSTA.dll:
10:18:43:702 4388 Process 2128: Module atiumdag.dll:
10:18:43:713 4388 Process 2128: Module atiumdva.dll:
10:18:43:716 4388 Process 2128: Module WindowsCodecs.dll:
10:18:43:717 4388 Process 2128: Module apphelp.dll:
10:18:43:719 4388 Process 2128: Module EhStorShell.dll:
10:18:43:719 4388 Process 2128: Module btmmhook.dll:
10:18:43:722 4388 Process 2128: Module jscript.dll:
10:18:43:744 4388 Process 2128: Module mshtml.dll:
10:18:43:768 4388 Process 2128: Module ieframe.dll:
10:18:43:772 4388 Process 2128: Module RASAPI32.dll:
10:18:43:772 4388 Process 2128: Module rasman.dll:
10:18:43:773 4388 Process 2128: Module TAPI32.dll:
10:18:43:773 4388 Process 2128: Module rtutils.dll:
10:18:43:774 4388 Process 2128: Module credssp.dll:
10:18:43:774 4388 Process 2128: Module schannel.dll:
10:18:43:775 4388 Process 2128: Module sensapi.dll:
10:18:43:775 4388 Process 2128: Module mlang.dll:
10:18:43:776 4388 Process 2128: Module AUDIOSES.DLL:
10:18:43:777 4388 Process 2128: Module audioeng.dll:
10:18:43:778 4388 Process 2128: Module msimtf.dll:
10:18:43:814 4388 Process 2128: Module jscript9.dll:
10:18:43:816 4388 Process 2128: Module d2d1.dll:
10:18:43:819 4388 Process 2128: Module DWrite.dll:
10:18:43:822 4388 Process 2128: Module dxgi.dll:
10:18:43:824 4388 Process 2128: Module d3d10_1.dll:
10:18:43:824 4388 Process 2128: Module d3d10_1core.dll:
10:18:43:829 4388 Process 2128: Module D3D10Warp.dll:
10:18:43:833 4388 Process 2128: Module msxml3.dll:
10:18:43:834 4388 Process 2128: Module msls31.dll:
10:18:43:835 4388 Process 2128: Module NLAapi.dll:
10:18:43:835 4388 Process 2128: Module napinsp.dll:
10:18:43:836 4388 Process 2128: Module pnrpnsp.dll:
10:18:43:836 4388 Process 2128: Module wshbth.dll:
10:18:43:836 4388 Process 2128: Module mdnsNSP.dll:
10:18:43:837 4388 Process 2128: Module winrnr.dll:
10:18:43:837 4388 Process 2128: Module rasadhlp.dll:
10:18:44:161 4388 Process 1488: Module SUPERAntiSpyware.exe:
10:18:44:172 4388 Process 1488: Module ntdll.dll:
10:18:44:175 4388 Process 1488: Module kernel32.dll:
10:18:44:183 4388 Process 1488: Module USER32.dll:
10:18:44:185 4388 Process 1488: Module GDI32.dll:
10:18:44:188 4388 Process 1488: Module ADVAPI32.dll:
10:18:44:194 4388 Process 1488: Module RPCRT4.dll:
10:18:44:218 4388 Process 1488: Module SHELL32.dll:
10:18:44:223 4388 Process 1488: Module msvcrt.dll:
10:18:44:224 4388 Process 1488: Module SHLWAPI.dll:
10:18:44:228 4388 Process 1488: Module ole32.dll:
10:18:44:231 4388 Process 1488: Module OLEAUT32.dll:
10:18:44:232 4388 Process 1488: Module WINMM.dll:
10:18:44:233 4388 Process 1488: Module OLEACC.dll:
10:18:44:233 4388 Process 1488: Module PSAPI.DLL:
10:18:44:238 4388 Process 1488: Module COMCTL32.dll:
10:18:44:240 4388 Process 1488: Module MSIMG32.dll:
10:18:44:240 4388 Process 1488: Module IPHLPAPI.DLL:
10:18:44:241 4388 Process 1488: Module dhcpcsvc.DLL:
10:18:44:242 4388 Process 1488: Module DNSAPI.dll:
10:18:44:242 4388 Process 1488: Module WS2_32.dll:
10:18:44:243 4388 Process 1488: Module NSI.dll:
10:18:44:243 4388 Process 1488: Module Secur32.dll:
10:18:44:244 4388 Process 1488: Module WINNSI.DLL:
10:18:44:245 4388 Process 1488: Module dhcpcsvc6.DLL:
10:18:44:245 4388 Process 1488: Module WSOCK32.dll:
10:18:44:248 4388 Process 1488: Module WININET.dll:
10:18:44:249 4388 Process 1488: Module Normaliz.dll:
10:18:44:252 4388 Process 1488: Module iertutil.dll:
10:18:44:257 4388 Process 1488: Module urlmon.dll:
10:18:44:259 4388 Process 1488: Module VERSION.dll:
10:18:44:260 4388 Process 1488: Module NETAPI32.dll:
10:18:44:263 4388 Process 1488: Module IMM32.DLL:
10:18:44:266 4388 Process 1488: Module MSCTF.dll:
10:18:44:268 4388 Process 1488: Module LPK.DLL:
10:18:44:269 4388 Process 1488: Module USP10.dll:
10:18:44:270 4388 Process 1488: Module uxtheme.dll:
10:18:44:271 4388 Process 1488: Module USERENV.dll:
10:18:44:272 4388 Process 1488: Module NTMARTA.DLL:
10:18:44:273 4388 Process 1488: Module WLDAP32.dll:
10:18:44:273 4388 Process 1488: Module SAMLIB.dll:
10:18:44:276 4388 Process 1488: Module PROPSYS.dll:
10:18:44:277 4388 Process 1488: Module CLBCatQ.DLL:
10:18:44:281 4388 Process 1488: Module SETUPAPI.dll:
10:18:44:308 4388 Process 1488: Module hhctrl.ocx:
10:18:44:311 4388 Process 1488: Module RASAPI32.dll:
10:18:44:312 4388 Process 1488: Module rasman.dll:
10:18:44:313 4388 Process 1488: Module TAPI32.dll:
10:18:44:313 4388 Process 1488: Module rtutils.dll:
10:18:44:316 4388 Process 1488: Module CRYPT32.dll:
10:18:44:317 4388 Process 1488: Module MSASN1.dll:
10:18:44:317 4388 Process 1488: Module credssp.dll:
10:18:44:318 4388 Process 1488: Module schannel.dll:
10:18:44:319 4388 Process 1488: Module sensapi.dll:
10:18:44:319 4388 Process 1488: Module wbemprox.dll:
10:18:44:320 4388 Process 1488: Module wbemcomn.dll:
10:18:44:320 4388 Process 1488: Module rsaenh.dll:
10:18:44:321 4388 Process 1488: Module wbemsvc.dll:
10:18:44:322 4388 Process 1488: Module fastprox.dll:
10:18:44:323 4388 Process 1488: Module NTDSAPI.dll:
10:18:44:324 4388 Process 1488: Module taskschd.dll:
10:18:44:324 4388 Process 1488: Module XmlLite.dll:
10:18:44:347 4388 Process 1488: Module mstask.dll:
10:18:44:349 4388 Process 1488: Module COMDLG32.dll:
10:18:44:350 4388 Process 1488: Module WINTRUST.DLL:
10:18:44:351 4388 Process 1488: Module imagehlp.dll:
10:18:44:351 4388 Process 1488: Module apphelp.dll:
10:18:44:354 4388 Process 1488: Module NLAapi.dll:
10:18:44:355 4388 Process 1488: Module rasadhlp.dll:
10:18:44:355 4388 Process 1488: Module mswsock.dll:
10:18:44:356 4388 Process 1488: Module wshtcpip.dll:
10:18:44:356 4388 Process 1488: Module wship6.dll:
10:18:44:357 4388 Process 1488: Module napinsp.dll:
10:18:44:357 4388 Process 1488: Module pnrpnsp.dll:
10:18:44:357 4388 Process 1488: Module wshbth.dll:
10:18:44:358 4388 Process 1488: Module mdnsNSP.dll:
10:18:44:358 4388 Process 1488: Module winrnr.dll:
10:18:44:362 4388 Process 2296: Module BTTray.exe:
10:18:44:365 4388 Process 2296: Module ntdll.dll:
10:18:44:367 4388 Process 2296: Module kernel32.dll:
10:18:44:377 4388 Process 2296: Module btwapi.dll:
10:18:44:380 4388 Process 2296: Module SETUPAPI.dll:
10:18:44:383 4388 Process 2296: Module msvcrt.dll:
10:18:44:385 4388 Process 2296: Module ADVAPI32.dll:
10:18:44:391 4388 Process 2296: Module RPCRT4.dll:
10:18:44:394 4388 Process 2296: Module GDI32.dll:
10:18:44:396 4388 Process 2296: Module USER32.dll:
10:18:44:399 4388 Process 2296: Module OLEAUT32.dll:
10:18:44:402 4388 Process 2296: Module ole32.dll:
10:18:44:411 4388 Process 2296: Module msi.dll:
10:18:44:413 4388 Process 2296: Module SHLWAPI.dll:
10:18:44:414 4388 Process 2296: Module WS2_32.dll:
10:18:44:414 4388 Process 2296: Module NSI.dll:
10:18:44:443 4388 Process 2296: Module MFC80.DLL:
10:18:44:446 4388 Process 2296: Module MSVCR80.dll:
10:18:44:471 4388 Process 2296: Module SHELL32.dll:
10:18:44:475 4388 Process 2296: Module VERSION.dll:
10:18:44:475 4388 Process 2296: Module btosif.dll:
10:18:44:476 4388 Process 2296: Module RASAPI32.dll:
10:18:44:476 4388 Process 2296: Module rasman.dll:
10:18:44:477 4388 Process 2296: Module NETAPI32.dll:
10:18:44:479 4388 Process 2296: Module PSAPI.DLL:
10:18:44:480 4388 Process 2296: Module TAPI32.dll:
10:18:44:480 4388 Process 2296: Module rtutils.dll:
10:18:44:481 4388 Process 2296: Module WINMM.dll:
10:18:44:481 4388 Process 2296: Module OLEACC.dll:
10:18:44:482 4388 Process 2296: Module USERENV.dll:
10:18:44:483 4388 Process 2296: Module Secur32.dll:
10:18:44:486 4388 Process 2296: Module btwhidcs.DLL:
10:18:44:486 4388 Process 2296: Module CFGMGR32.dll:
10:18:44:490 4388 Process 2296: Module MFC80U.DLL:
10:18:44:492 4388 Process 2296: Module COMDLG32.dll:
10:18:44:497 4388 Process 2296: Module COMCTL32.dll:
10:18:44:499 4388 Process 2296: Module WINSPOOL.DRV:
10:18:44:501 4388 Process 2296: Module MSVCP80.dll:
10:18:44:501 4388 Process 2296: Module BtBalloon.dll:
10:18:44:502 4388 Process 2296: Module IMM32.DLL:
10:18:44:505 4388 Process 2296: Module MSCTF.dll:
10:18:44:507 4388 Process 2296: Module LPK.DLL:
10:18:44:508 4388 Process 2296: Module USP10.dll:
10:18:44:509 4388 Process 2296: Module MFC80ENU.DLL:
10:18:44:511 4388 Process 2296: Module bthprops.cpl:
10:18:44:720 4388 Process 2296: Module btrez.dll:
10:18:44:722 4388 Process 2296: Module uxtheme.dll:
10:18:44:724 4388 Process 2296: Module WINTRUST.dll:
10:18:44:728 4388 Process 2296: Module CRYPT32.dll:
10:18:44:729 4388 Process 2296: Module MSASN1.dll:
10:18:44:729 4388 Process 2296: Module imagehlp.dll:
10:18:44:730 4388 Process 2296: Module mswsock.dll:
10:18:44:731 4388 Process 2296: Module wshBth.dll:
10:18:44:731 4388 Process 2296: Module btmmhook.dll:
10:18:44:739 4388 Process 2292: Module hpqtra08.exe:
10:18:44:742 4388 Process 2292: Module ntdll.dll:
10:18:44:744 4388 Process 2292: Module kernel32.dll:
10:18:44:752 4388 Process 2292: Module VERSION.dll:
10:18:44:754 4388 Process 2292: Module msvcrt.dll:
10:18:44:756 4388 Process 2292: Module COMCTL32.dll:
10:18:44:759 4388 Process 2292: Module ADVAPI32.dll:
10:18:44:765 4388 Process 2292: Module RPCRT4.dll:
10:18:44:767 4388 Process 2292: Module GDI32.dll:
10:18:44:770 4388 Process 2292: Module USER32.dll:
10:18:44:776 4388 Process 2292: Module ole32.dll:
10:18:44:779 4388 Process 2292: Module OLEAUT32.dll:
10:18:44:781 4388 Process 2292: Module MSVCP80.dll:
10:18:44:782 4388 Process 2292: Module MSVCR80.dll:
10:18:44:783 4388 Process 2292: Module IMM32.DLL:
10:18:44:786 4388 Process 2292: Module MSCTF.dll:
10:18:44:787 4388 Process 2292: Module LPK.DLL:
10:18:44:789 4388 Process 2292: Module USP10.dll:
10:18:44:789 4388 Process 2292: Module uxtheme.dll:
10:18:44:792 4388 Process 2292: Module CLBCatQ.DLL:
10:18:44:793 4388 Process 2292: Module rsaenh.dll:
10:18:44:794 4388 Process 2292: Module SXS.DLL:
10:18:44:795 4388 Process 2292: Module WTSAPI32.DLL:
10:18:44:795 4388 Process 2292: Module WINSTA.dll:
10:18:44:796 4388 Process 2292: Module msiltcfg.dll:
10:18:44:802 4388 Process 2292: Module msi.dll:
10:18:44:804 4388 Process 2292: Module SFC.DLL:
10:18:44:804 4388 Process 2292: Module sfc_os.dll:
10:18:44:808 4388 Process 2292: Module SETUPAPI.dll:
10:18:44:810 4388 Process 2292: Module hpquio08.dll:
10:18:44:836 4388 Process 2292: Module SHELL32.dll:
10:18:44:841 4388 Process 2292: Module SHLWAPI.dll:
10:18:44:846 4388 Process 2292: Module comctl32.dll:
10:18:44:856 4388 Process 2292: Module hpqtra08.rsc:
10:18:44:869 4388 Process 2292: Module hpqtao08.dll:
10:18:44:870 4388 Process 2292: Module hpotra08.dll:
10:18:44:871 4388 Process 2292: Module WINSPOOL.DRV:
10:18:44:872 4388 Process 2292: Module hpotra08.rsc:
10:18:44:872 4388 Process 2292: Module hpotradd.dll:
10:18:44:873 4388 Process 2292: Module hpqrif08.dll:
10:18:44:874 4388 Process 2292: Module hpqmif08.dll:
10:18:44:875 4388 Process 2292: Module HpqCPTA.dll:
10:18:44:875 4388 Process 2292: Module HpqSRTA.dll:
10:18:44:875 4388 Process 2292: Module hpqxml2.dll:
10:18:44:878 4388 Process 2292: Module msxml3.dll:
10:18:44:882 4388 Process 2292: Module urlmon.dll:
10:18:44:887 4388 Process 2292: Module iertutil.dll:
10:18:44:891 4388 Process 2292: Module WININET.dll:
10:18:44:891 4388 Process 2292: Module Normaliz.dll:
10:18:44:892 4388 Process 2292: Module MSOXMLMF.DLL:
 
10:18:44:892 4388 Process 2292: Module Secur32.dll:
10:18:44:893 4388 Process 2292: Module sti.dll:
10:18:44:897 4388 Process 2292: Module gdiplus.dll:
10:18:44:897 4388 Process 2292: Module CFGMGR32.dll:
10:18:44:898 4388 Process 2292: Module wiatrace.dll:
10:18:44:898 4388 Process 2292: Module hpqcob08.dll:
10:18:44:908 4388 Process 2292: Module hpodio08.dll:
10:18:44:909 4388 Process 2292: Module WSOCK32.dll:
10:18:44:910 4388 Process 2292: Module WS2_32.dll:
10:18:44:910 4388 Process 2292: Module NSI.dll:
10:18:44:911 4388 Process 2292: Module btmmhook.dll:
10:18:44:912 4388 Process 2292: Module PROPSYS.dll:
10:18:44:913 4388 Process 2292: Module USERENV.dll:
10:18:44:914 4388 Process 2292: Module apphelp.dll:
10:18:44:916 4388 Process 2292: Module WINTRUST.dll:
10:18:44:918 4388 Process 2292: Module CRYPT32.dll:
10:18:44:918 4388 Process 2292: Module MSASN1.dll:
10:18:44:919 4388 Process 2292: Module imagehlp.dll:
10:18:44:919 4388 Process 2292: Module hpqddusr.dll:
10:18:44:920 4388 Process 2292: Module hpqddcmn.dll:
10:18:44:921 4388 Process 2292: Module hpqusg.dll:
10:18:44:922 4388 Process 2292: Module ATL80.DLL:
10:18:44:923 4388 Process 2316: Module ONENOTEM.EXE:
10:18:44:925 4388 Process 2316: Module ntdll.dll:
10:18:44:927 4388 Process 2316: Module kernel32.dll:
10:18:44:936 4388 Process 2316: Module USER32.dll:
10:18:44:938 4388 Process 2316: Module GDI32.dll:
10:18:44:940 4388 Process 2316: Module ADVAPI32.dll:
10:18:44:946 4388 Process 2316: Module RPCRT4.dll:
10:18:44:949 4388 Process 2316: Module MSVCR80.dll:
10:18:44:951 4388 Process 2316: Module msvcrt.dll:
10:18:44:951 4388 Process 2316: Module IMM32.DLL:
10:18:44:954 4388 Process 2316: Module MSCTF.dll:
10:18:44:955 4388 Process 2316: Module LPK.DLL:
10:18:44:956 4388 Process 2316: Module USP10.dll:
10:18:45:074 4388 Process 2316: Module ONINTL.DLL:
10:18:45:075 4388 Process 2316: Module uxtheme.dll:
10:18:45:094 4388 Process 2316: Module SHELL32.dll:
10:18:45:098 4388 Process 2316: Module SHLWAPI.dll:
10:18:45:102 4388 Process 2316: Module comctl32.dll:
10:18:45:108 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:45:111 4388 Process 2772: Module ntdll.dll:
10:18:45:134 4388 Process 2772: Module mscoree.dll:
10:18:45:136 4388 Process 2772: Module KERNEL32.dll:
10:18:45:146 4388 Process 2772: Module ADVAPI32.dll:
10:18:45:151 4388 Process 2772: Module RPCRT4.dll:
10:18:45:154 4388 Process 2772: Module mscoreei.dll:
10:18:45:155 4388 Process 2772: Module SHLWAPI.dll:
10:18:45:156 4388 Process 2772: Module GDI32.dll:
10:18:45:158 4388 Process 2772: Module USER32.dll:
10:18:45:161 4388 Process 2772: Module msvcrt.dll:
10:18:45:162 4388 Process 2772: Module IMM32.DLL:
10:18:45:165 4388 Process 2772: Module MSCTF.dll:
10:18:45:166 4388 Process 2772: Module LPK.DLL:
10:18:45:167 4388 Process 2772: Module USP10.dll:
10:18:45:171 4388 Process 2772: Module comctl32.dll:
10:18:45:184 4388 Process 2772: Module mscorwks.dll:
10:18:45:187 4388 Process 2772: Module MSVCR80.dll:
10:18:45:209 4388 Process 2772: Module shell32.dll:
10:18:45:216 4388 Process 2772: Module ole32.dll:
10:18:45:410 4388 Process 2772: Module mscorlib.ni.dll:
10:18:45:412 4388 Process 2772: Module uxtheme.dll:
10:18:45:414 4388 Process 2772: Module rsaenh.dll:
10:18:45:415 4388 Process 2772: Module mscorjit.dll:
10:18:45:581 4388 Process 2772: Module System.ni.dll:
10:18:45:621 4388 Process 2772: Module System.Drawing.ni.dll:
10:18:45:887 4388 Process 2772: Module System.Windows.Forms.ni.dll:
10:18:45:889 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:45:889 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:45:889 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:45:889 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:45:889 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:45:889 4388 Process 2772: Module wtsapi32.dll:
10:18:45:890 4388 Process 2772: Module WINSTA.dll:
10:18:45:890 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:45:914 4388 Process 2772: Module System.Runtime.Remoting.ni.dll:
10:18:45:914 4388 Process 2772: Module shfolder.dll:
10:18:45:914 4388 Process 2772: Module USERENV.dll:
10:18:45:915 4388 Process 2772: Module Secur32.dll:
10:18:45:917 4388 Process 2772: Module PROPSYS.dll:
10:18:45:919 4388 Process 2772: Module OLEAUT32.dll:
10:18:45:919 4388 Process 2772: Module apphelp.dll:
10:18:45:922 4388 Process 2772: Module CLBCatQ.DLL:
10:18:45:945 4388 Process 2772: Module ieframe.dll:
10:18:45:948 4388 Process 2772: Module PSAPI.DLL:
10:18:45:949 4388 Process 2772: Module OLEACC.dll:
10:18:45:953 4388 Process 2772: Module iertutil.dll:
10:18:45:956 4388 Process 2772: Module urlmon.dll:
10:18:45:961 4388 Process 2772: Module WININET.dll:
10:18:45:962 4388 Process 2772: Module Normaliz.dll:
10:18:45:965 4388 Process 2772: Module SETUPAPI.dll:
10:18:46:279 4388 Process 2772: Module System.Web.ni.dll:
10:18:46:281 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:281 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:281 4388 Process 2772: Module version.dll:
10:18:46:284 4388 Process 2536: Module unsecapp.exe:
10:18:46:287 4388 Process 2536: Module ntdll.dll:
10:18:46:291 4388 Process 2536: Module kernel32.dll:
10:18:46:300 4388 Process 2536: Module ADVAPI32.dll:
10:18:46:306 4388 Process 2536: Module RPCRT4.dll:
10:18:46:309 4388 Process 2536: Module msvcrt.dll:
10:18:46:310 4388 Process 2536: Module wbemcomn.dll:
10:18:46:312 4388 Process 2536: Module OLEAUT32.dll:
10:18:46:315 4388 Process 2536: Module ole32.dll:
10:18:46:318 4388 Process 2536: Module GDI32.dll:
10:18:46:320 4388 Process 2536: Module USER32.dll:
10:18:46:322 4388 Process 2536: Module IMM32.DLL:
10:18:46:325 4388 Process 2536: Module MSCTF.dll:
10:18:46:326 4388 Process 2536: Module LPK.DLL:
10:18:46:327 4388 Process 2536: Module USP10.dll:
10:18:46:328 4388 Process 2536: Module uxtheme.dll:
10:18:46:330 4388 Process 2536: Module CLBCatQ.DLL:
10:18:46:331 4388 Process 2536: Module rsaenh.dll:
10:18:46:332 4388 Process 2536: Module wbemsvc.dll:
10:18:46:333 4388 Process 2536: Module fastprox.dll:
10:18:46:333 4388 Process 2536: Module NTDSAPI.dll:
10:18:46:334 4388 Process 2536: Module DNSAPI.dll:
10:18:46:335 4388 Process 2536: Module WS2_32.dll:
10:18:46:335 4388 Process 2536: Module NSI.dll:
10:18:46:336 4388 Process 2536: Module WLDAP32.dll:
10:18:46:336 4388 Process 2536: Module PSAPI.DLL:
10:18:46:337 4388 Process 2536: Module NETAPI32.dll:
10:18:46:339 4388 Process 2536: Module Secur32.dll:
10:18:46:342 4388 Process 2748: Module wmiprvse.exe:
10:18:46:345 4388 Process 2748: Module ntdll.dll:
10:18:46:347 4388 Process 2748: Module kernel32.dll:
10:18:46:357 4388 Process 2748: Module ADVAPI32.dll:
10:18:46:362 4388 Process 2748: Module RPCRT4.dll:
10:18:46:366 4388 Process 2748: Module USER32.dll:
10:18:46:368 4388 Process 2748: Module GDI32.dll:
10:18:46:370 4388 Process 2748: Module msvcrt.dll:
10:18:46:371 4388 Process 2748: Module wbemcomn.dll:
10:18:46:373 4388 Process 2748: Module OLEAUT32.dll:
10:18:46:375 4388 Process 2748: Module ole32.dll:
10:18:46:378 4388 Process 2748: Module FastProx.dll:
10:18:46:379 4388 Process 2748: Module NTDSAPI.dll:
10:18:46:380 4388 Process 2748: Module DNSAPI.dll:
10:18:46:380 4388 Process 2748: Module WS2_32.dll:
10:18:46:381 4388 Process 2748: Module NSI.dll:
10:18:46:381 4388 Process 2748: Module WLDAP32.dll:
10:18:46:382 4388 Process 2748: Module PSAPI.DLL:
10:18:46:383 4388 Process 2748: Module NETAPI32.dll:
10:18:46:384 4388 Process 2748: Module Secur32.dll:
10:18:46:385 4388 Process 2748: Module NCObjAPI.DLL:
10:18:46:386 4388 Process 2748: Module IMM32.DLL:
10:18:46:388 4388 Process 2748: Module MSCTF.dll:
10:18:46:390 4388 Process 2748: Module LPK.DLL:
10:18:46:391 4388 Process 2748: Module USP10.dll:
10:18:46:391 4388 Process 2748: Module NTMARTA.DLL:
10:18:46:392 4388 Process 2748: Module SAMLIB.dll:
10:18:46:394 4388 Process 2748: Module CLBCatQ.DLL:
10:18:46:395 4388 Process 2748: Module rsaenh.dll:
10:18:46:396 4388 Process 2748: Module wbemsvc.dll:
10:18:46:396 4388 Process 2748: Module wmiutils.dll:
10:18:46:411 4388 Process 2748: Module wmiprov.dll:
10:18:46:411 4388 Process 2748: Module WMI.dll:
10:18:46:414 4388 Process 3488: Module NisSrv.exe:
10:18:46:416 4388 Process 3488: Module ntdll.dll:
10:18:46:418 4388 Process 3488: Module kernel32.dll:
10:18:46:427 4388 Process 3488: Module ADVAPI32.dll:
10:18:46:433 4388 Process 3488: Module RPCRT4.dll:
10:18:46:436 4388 Process 3488: Module msvcrt.dll:
10:18:46:436 4388 Process 3488: Module NisLog.dll:
10:18:46:438 4388 Process 3488: Module mpclient.dll:
10:18:46:440 4388 Process 3488: Module ole32.dll:
10:18:46:443 4388 Process 3488: Module GDI32.dll:
10:18:46:445 4388 Process 3488: Module USER32.dll:
10:18:46:448 4388 Process 3488: Module OLEAUT32.dll:
10:18:46:449 4388 Process 3488: Module WINTRUST.dll:
10:18:46:451 4388 Process 3488: Module CRYPT32.dll:
10:18:46:452 4388 Process 3488: Module MSASN1.dll:
10:18:46:452 4388 Process 3488: Module USERENV.dll:
10:18:46:453 4388 Process 3488: Module Secur32.dll:
10:18:46:454 4388 Process 3488: Module imagehlp.dll:
10:18:46:455 4388 Process 3488: Module VERSION.dll:
10:18:46:455 4388 Process 3488: Module IMM32.DLL:
10:18:46:458 4388 Process 3488: Module MSCTF.dll:
10:18:46:459 4388 Process 3488: Module LPK.DLL:
10:18:46:461 4388 Process 3488: Module USP10.dll:
10:18:46:461 4388 Process 3488: Module GPAPI.dll:
10:18:46:462 4388 Process 3488: Module slc.dll:
10:18:46:462 4388 Process 3488: Module rsaenh.dll:
10:18:46:463 4388 Process 3488: Module psapi.dll:
10:18:46:463 4388 Process 3488: Module ncrypt.dll:
10:18:46:465 4388 Process 3488: Module BCRYPT.dll:
10:18:46:466 4388 Process 3488: Module NTMARTA.DLL:
10:18:46:467 4388 Process 3488: Module WLDAP32.dll:
10:18:46:467 4388 Process 3488: Module WS2_32.dll:
10:18:46:468 4388 Process 3488: Module NSI.dll:
10:18:46:468 4388 Process 3488: Module SAMLIB.dll:
10:18:46:470 4388 Process 3488: Module GapaEngine.dll:
10:18:46:471 4388 Process 3488: Module NETAPI32.dll:
10:18:46:474 4388 Process 3488: Module CLBCatQ.DLL:
10:18:46:478 4388 Process 3488: Module msxml6.dll:
10:18:46:478 4388 Process 3488: Module SHLWAPI.dll:
10:18:46:483 4388 Process 3488: Module comctl32.dll:
10:18:46:485 4388 Process 3488: Module xmllite.dll:
10:18:46:487 4388 Process 2532: Module ehmsas.exe:
10:18:46:489 4388 Process 2532: Module ntdll.dll:
10:18:46:491 4388 Process 2532: Module kernel32.dll:
10:18:46:500 4388 Process 2532: Module ADVAPI32.dll:
10:18:46:506 4388 Process 2532: Module RPCRT4.dll:
10:18:46:509 4388 Process 2532: Module USER32.dll:
10:18:46:512 4388 Process 2532: Module GDI32.dll:
10:18:46:515 4388 Process 2532: Module msvcrt.dll:
10:18:46:515 4388 Process 2532: Module ATL.DLL:
10:18:46:518 4388 Process 2532: Module ole32.dll:
10:18:46:521 4388 Process 2532: Module OLEAUT32.dll:
10:18:46:522 4388 Process 2532: Module IMM32.DLL:
10:18:46:524 4388 Process 2532: Module MSCTF.dll:
10:18:46:526 4388 Process 2532: Module LPK.DLL:
10:18:46:527 4388 Process 2532: Module USP10.dll:
10:18:46:527 4388 Process 2532: Module uxtheme.dll:
10:18:46:529 4388 Process 2532: Module CLBCatQ.DLL:
10:18:46:530 4388 Process 2532: Module rsaenh.dll:
10:18:46:531 4388 Process 2532: Module ehProxy.dll:
10:18:46:535 4388 Process 1256: Module hpqSTE08.exe:
10:18:46:537 4388 Process 1256: Module ntdll.dll:
10:18:46:538 4388 Process 1256: Module kernel32.dll:
10:18:46:547 4388 Process 1256: Module USER32.dll:
10:18:46:549 4388 Process 1256: Module GDI32.dll:
10:18:46:552 4388 Process 1256: Module ADVAPI32.dll:
10:18:46:557 4388 Process 1256: Module RPCRT4.dll:
10:18:46:559 4388 Process 1256: Module WINSPOOL.DRV:
10:18:46:561 4388 Process 1256: Module msvcrt.dll:
10:18:46:563 4388 Process 1256: Module ole32.dll:
10:18:46:566 4388 Process 1256: Module OLEAUT32.dll:
10:18:46:567 4388 Process 1256: Module ATL80.DLL:
10:18:46:568 4388 Process 1256: Module MSVCR80.dll:
10:18:46:569 4388 Process 1256: Module MSVCP80.dll:
10:18:46:569 4388 Process 1256: Module IMM32.DLL:
10:18:46:572 4388 Process 1256: Module MSCTF.dll:
10:18:46:573 4388 Process 1256: Module LPK.DLL:
10:18:46:574 4388 Process 1256: Module USP10.dll:
10:18:46:575 4388 Process 1256: Module uxtheme.dll:
10:18:46:577 4388 Process 1256: Module CLBCatQ.DLL:
10:18:46:578 4388 Process 1256: Module rsaenh.dll:
10:18:46:579 4388 Process 1256: Module SXS.DLL:
10:18:46:580 4388 Process 1256: Module msiltcfg.dll:
10:18:46:580 4388 Process 1256: Module VERSION.dll:
10:18:46:584 4388 Process 1256: Module msi.dll:
10:18:46:585 4388 Process 1256: Module SFC.DLL:
10:18:46:585 4388 Process 1256: Module sfc_os.dll:
10:18:46:588 4388 Process 1256: Module SETUPAPI.dll:
10:18:46:590 4388 Process 1256: Module hpqcob08.dll:
10:18:46:591 4388 Process 1256: Module hpqwso08.dll:
10:18:46:610 4388 Process 1256: Module SHELL32.dll:
10:18:46:615 4388 Process 1256: Module SHLWAPI.dll:
10:18:46:618 4388 Process 1256: Module comctl32.dll:
10:18:46:620 4388 Process 1256: Module USERENV.dll:
10:18:46:621 4388 Process 1256: Module Secur32.dll:
10:18:46:622 4388 Process 1256: Module hpzipr12.dll:
10:18:46:623 4388 Process 1256: Module NTMARTA.DLL:
10:18:46:624 4388 Process 1256: Module WLDAP32.dll:
10:18:46:625 4388 Process 1256: Module WS2_32.dll:
10:18:46:625 4388 Process 1256: Module NSI.dll:
10:18:46:634 4388 Process 1256: Module PSAPI.DLL:
10:18:46:634 4388 Process 1256: Module SAMLIB.dll:
10:18:46:635 4388 Process 1256: Module cfgmgr32.dll:
10:18:46:635 4388 Process 1256: Module WINTRUST.dll:
10:18:46:639 4388 Process 1256: Module CRYPT32.dll:
10:18:46:640 4388 Process 1256: Module MSASN1.dll:
10:18:46:640 4388 Process 1256: Module imagehlp.dll:
10:18:46:641 4388 Process 1256: Module hpqsti08.dll:
10:18:46:643 4388 Process 1256: Module hpqgpb01.dll:
10:18:46:702 4388 Process 1256: Module hpqstp08.dll:
10:18:46:718 4388 Process 1256: Module hpqstp08.rsc:
10:18:46:718 4388 Process 1256: Module hpqssm08.dll:
10:18:46:720 4388 Process 1256: Module hpodio08.dll:
10:18:46:721 4388 Process 1256: Module WSOCK32.dll:
10:18:46:721 4388 Process 1256: Module WTSAPI32.DLL:
10:18:46:722 4388 Process 1256: Module WINSTA.dll:
10:18:46:723 4388 Process 1256: Module btmmhook.dll:
10:18:46:765 4388 Process 1256: Module hpqsem08.rsc:
10:18:46:765 4388 Process 1256: Module hpqtap08.dll:
10:18:46:769 4388 Process 1256: Module MFC80.DLL:
10:18:46:772 4388 Process 1256: Module MFC80ENU.DLL:
10:18:46:772 4388 Process 1256: Module HpqSplh08.dll:
10:18:46:801 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:806 4388 Process 3828: Module ntdll.dll:
10:18:46:807 4388 Process 3828: Module mscoree.dll:
10:18:46:810 4388 Process 3828: Module KERNEL32.dll:
10:18:46:827 4388 Process 3828: Module ADVAPI32.dll:
10:18:46:837 4388 Process 3828: Module RPCRT4.dll:
10:18:46:841 4388 Process 3828: Module mscoreei.dll:
10:18:46:843 4388 Process 3828: Module SHLWAPI.dll:
10:18:46:844 4388 Process 3828: Module GDI32.dll:
10:18:46:846 4388 Process 3828: Module USER32.dll:
10:18:46:849 4388 Process 3828: Module msvcrt.dll:
10:18:46:850 4388 Process 3828: Module IMM32.DLL:
10:18:46:852 4388 Process 3828: Module MSCTF.dll:
10:18:46:855 4388 Process 3828: Module LPK.DLL:
10:18:46:857 4388 Process 3828: Module USP10.dll:
10:18:46:860 4388 Process 3828: Module comctl32.dll:
10:18:46:872 4388 Process 3828: Module mscorwks.dll:
10:18:46:875 4388 Process 3828: Module MSVCR80.dll:
10:18:46:899 4388 Process 3828: Module shell32.dll:
10:18:46:907 4388 Process 3828: Module ole32.dll:
10:18:46:933 4388 Process 3828: Module mscorlib.ni.dll:
10:18:46:935 4388 Process 3828: Module uxtheme.dll:
10:18:46:937 4388 Process 3828: Module rsaenh.dll:
10:18:46:938 4388 Process 3828: Module mscorjit.dll:
10:18:46:954 4388 Process 3828: Module System.ni.dll:
10:18:46:958 4388 Process 3828: Module System.Drawing.ni.dll:
10:18:46:986 4388 Process 3828: Module System.Windows.Forms.ni.dll:
10:18:46:987 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:988 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:988 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:988 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:988 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:988 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:990 4388 Process 3828: Module System.Runtime.Remoting.ni.dll:
10:18:46:990 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:990 4388 Process 3828: Module shfolder.dll:
10:18:46:990 4388 Process 3828: Module USERENV.dll:
10:18:46:991 4388 Process 3828: Module Secur32.dll:
10:18:46:992 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:992 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:46:992 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:015 4388 Process 3828: Module System.Xml.ni.dll:
10:18:47:016 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:016 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:016 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:018 4388 Process 3828: Module CLBCatQ.DLL:
10:18:47:020 4388 Process 3828: Module OLEAUT32.dll:
10:18:47:051 4388 Process 3828: Module wbocx.ocx:
10:18:47:054 4388 Process 3828: Module WINMM.dll:
10:18:47:055 4388 Process 3828: Module OLEACC.dll:
10:18:47:085 4388 Process 3828: Module MFC42.DLL:
10:18:47:089 4388 Process 3828: Module WININET.dll:
10:18:47:089 4388 Process 3828: Module Normaliz.dll:
10:18:47:093 4388 Process 3828: Module iertutil.dll:
10:18:47:096 4388 Process 3828: Module urlmon.dll:
10:18:47:097 4388 Process 3828: Module WS2_32.dll:
10:18:47:098 4388 Process 3828: Module NSI.dll:
10:18:47:110 4388 Process 3828: Module ODBC32.dll:
10:18:47:112 4388 Process 3828: Module COMCTL32.dll:
10:18:47:116 4388 Process 3828: Module COMDLG32.dll:
10:18:47:130 4388 Process 3828: Module odbcint.dll:
10:18:47:130 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:131 4388 Process 3828: Module SXS.DLL:
10:18:47:133 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:137 4388 Process 3828: Module gdiplus.dll:
10:18:47:138 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:138 4388 Process 3828: Module Accessibility.ni.dll:
10:18:47:138 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:138 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:139 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:139 4388 Process 3828: Module msimg32.dll:
10:18:47:139 4388 Process 3828: Module wbhelp2.dll:
10:18:47:139 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:139 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
 
10:18:47:145 4388 Process 3828: Module atiadlxx.dll:
10:18:47:149 4388 Process 3828: Module SETUPAPI.dll:
10:18:47:150 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:151 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:151 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:151 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:151 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:151 4388 Process 3828: Module btmmhook.dll:
10:18:47:151 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:152 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:152 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:152 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:159 4388 Process 3828: Module System.Configuration.ni.dll:
10:18:47:160 4388 Process 3828: Module atipdlxx.dll:
10:18:47:160 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:160 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:160 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:160 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:160 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:161 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:161 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:161 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:161 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:161 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:161 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:161 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:161 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:161 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:161 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:162 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:162 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:162 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:162 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:162 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:162 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:162 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:162 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:162 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:162 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:163 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:163 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:163 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:163 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:163 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:163 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:163 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:163 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:163 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:164 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:164 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:164 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:164 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:164 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:164 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:164 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:188 4388 Process 3828: Module System.Web.ni.dll:
10:18:47:189 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:189 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:189 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:189 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:189 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:190 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:190 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:190 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:190 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:191 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:191 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:191 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:191 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:192 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:192 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:192 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:192 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:192 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:192 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:193 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:193 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:193 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:193 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:193 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:194 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:194 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:194 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:194 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:194 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:195 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:195 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:195 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:195 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:195 4388 LoadPeImageFromProcess: ReadProcessMemory(Base) error 299
10:18:47:195 4388 Process 3828: Module version.dll:
10:18:47:198 4388 Process 3036: Module hpqbam08.exe:
10:18:47:201 4388 Process 3036: Module ntdll.dll:
10:18:47:203 4388 Process 3036: Module kernel32.dll:
10:18:47:215 4388 Process 3036: Module COMCTL32.dll:
10:18:47:218 4388 Process 3036: Module msvcrt.dll:
10:18:47:220 4388 Process 3036: Module ADVAPI32.dll:
10:18:47:226 4388 Process 3036: Module RPCRT4.dll:
10:18:47:228 4388 Process 3036: Module GDI32.dll:
10:18:47:231 4388 Process 3036: Module USER32.dll:
10:18:47:233 4388 Process 3036: Module SHLWAPI.dll:
10:18:47:234 4388 Process 3036: Module WINMM.dll:
10:18:47:238 4388 Process 3036: Module ole32.dll:
10:18:47:241 4388 Process 3036: Module OLEAUT32.dll:
10:18:47:242 4388 Process 3036: Module OLEACC.dll:
10:18:47:243 4388 Process 3036: Module MSIMG32.dll:
10:18:47:244 4388 Process 3036: Module MSVCP80.dll:
10:18:47:245 4388 Process 3036: Module MSVCR80.dll:
10:18:47:246 4388 Process 3036: Module IMM32.DLL:
10:18:47:249 4388 Process 3036: Module MSCTF.dll:
10:18:47:250 4388 Process 3036: Module LPK.DLL:
10:18:47:251 4388 Process 3036: Module USP10.dll:
10:18:47:253 4388 Process 3036: Module CLBCatQ.DLL:
10:18:47:254 4388 Process 3036: Module rsaenh.dll:
10:18:47:255 4388 Process 3036: Module SXS.DLL:
10:18:47:256 4388 Process 3036: Module uxtheme.dll:
10:18:47:259 4388 Process 2592: Module SynTPHelper.exe:
10:18:47:263 4388 Process 2592: Module ntdll.dll:
10:18:47:266 4388 Process 2592: Module kernel32.dll:
10:18:47:275 4388 Process 2592: Module USER32.dll:
10:18:47:277 4388 Process 2592: Module GDI32.dll:
10:18:47:280 4388 Process 2592: Module ADVAPI32.dll:
10:18:47:287 4388 Process 2592: Module RPCRT4.dll:
10:18:47:289 4388 Process 2592: Module IMM32.DLL:
10:18:47:293 4388 Process 2592: Module MSCTF.dll:
10:18:47:297 4388 Process 2592: Module msvcrt.dll:
10:18:47:298 4388 Process 2592: Module LPK.DLL:
10:18:47:299 4388 Process 2592: Module USP10.dll:
10:18:47:300 4388 Process 2592: Module uxtheme.dll:
10:18:47:304 4388 Process 4140: Module hpqgpc01.exe:
10:18:47:307 4388 Process 4140: Module ntdll.dll:
10:18:47:311 4388 Process 4140: Module kernel32.dll:
10:18:47:320 4388 Process 4140: Module MSVCR80.dll:
10:18:47:321 4388 Process 4140: Module msvcrt.dll:
10:18:47:324 4388 Process 4140: Module MFC80U.DLL:
10:18:47:326 4388 Process 4140: Module GDI32.dll:
10:18:47:329 4388 Process 4140: Module USER32.dll:
10:18:47:332 4388 Process 4140: Module ADVAPI32.dll:
10:18:47:340 4388 Process 4140: Module RPCRT4.dll:
10:18:47:343 4388 Process 4140: Module SHLWAPI.dll:
10:18:47:367 4388 Process 4140: Module SHELL32.dll:
10:18:47:374 4388 Process 4140: Module ole32.dll:
10:18:47:377 4388 Process 4140: Module OLEAUT32.dll:
10:18:47:378 4388 Process 4140: Module ATL80.DLL:
10:18:47:378 4388 Process 4140: Module IMM32.DLL:
10:18:47:381 4388 Process 4140: Module MSCTF.dll:
10:18:47:382 4388 Process 4140: Module LPK.DLL:
10:18:47:383 4388 Process 4140: Module USP10.dll:
10:18:47:387 4388 Process 4140: Module comctl32.dll:
10:18:47:389 4388 Process 4140: Module MFC80ENU.DLL:
10:18:47:389 4388 Process 4140: Module uxtheme.dll:
10:18:47:392 4388 Process 4140: Module CLBCatQ.DLL:
10:18:47:393 4388 Process 4140: Module rsaenh.dll:
10:18:47:393 4388 Process 4140: Module SXS.DLL:
10:18:47:396 4388 Process 4140: Module jscript.dll:
10:18:47:396 4388 Process 4140: Module VERSION.dll:
10:18:47:397 4388 Process 4140: Module USERENV.dll:
10:18:47:397 4388 Process 4140: Module Secur32.dll:
10:18:47:404 4388 Process 4576: Module CNSEUPDT.EXE:
10:18:47:408 4388 Process 4576: Module ntdll.dll:
10:18:47:410 4388 Process 4576: Module kernel32.dll:
10:18:47:419 4388 Process 4576: Module VERSION.dll:
10:18:47:422 4388 Process 4576: Module msvcrt.dll:
10:18:47:423 4388 Process 4576: Module credui.dll:
10:18:47:428 4388 Process 4576: Module ADVAPI32.dll:
10:18:47:441 4388 Process 4576: Module RPCRT4.dll:
10:18:47:449 4388 Process 4576: Module USER32.dll:
10:18:47:453 4388 Process 4576: Module GDI32.dll:
10:18:47:519 4388 Process 4576: Module SHELL32.dll:
10:18:47:529 4388 Process 4576: Module SHLWAPI.dll:
10:18:47:534 4388 Process 4576: Module MFC80U.DLL:
10:18:47:538 4388 Process 4576: Module MSVCR80.dll:
10:18:47:543 4388 Process 4576: Module COMCTL32.dll:
10:18:47:549 4388 Process 4576: Module ole32.dll:
10:18:47:553 4388 Process 4576: Module OLEAUT32.dll:
10:18:47:557 4388 Process 4576: Module WININET.dll:
10:18:47:558 4388 Process 4576: Module Normaliz.dll:
10:18:47:564 4388 Process 4576: Module iertutil.dll:
10:18:47:568 4388 Process 4576: Module urlmon.dll:
10:18:47:570 4388 Process 4576: Module MSVCP80.dll:
10:18:47:571 4388 Process 4576: Module IMM32.DLL:
10:18:47:575 4388 Process 4576: Module MSCTF.dll:
10:18:47:576 4388 Process 4576: Module LPK.DLL:
10:18:47:577 4388 Process 4576: Module USP10.dll:
10:18:47:578 4388 Process 4576: Module MFC80ENU.DLL:
10:18:47:579 4388 Process 4576: Module uxtheme.dll:
10:18:47:582 4388 Process 4576: Module CLBCatQ.DLL:
10:18:47:587 4388 Process 4576: Module msxml6.dll:
10:18:47:587 4388 Process 4576: Module CNSELANG.dll:
10:18:47:587 4388 Process 4576: Module Secur32.dll:
10:18:47:589 4388 Process 4576: Module WS2_32.dll:
10:18:47:589 4388 Process 4576: Module NSI.dll:
10:18:47:590 4388 Process 4576: Module iphlpapi.dll:
10:18:47:591 4388 Process 4576: Module dhcpcsvc.DLL:
10:18:47:592 4388 Process 4576: Module DNSAPI.dll:
10:18:47:592 4388 Process 4576: Module WINNSI.DLL:
10:18:47:592 4388 Process 4576: Module dhcpcsvc6.DLL:
10:18:47:594 4388 Process 4576: Module RASAPI32.dll:
10:18:47:594 4388 Process 4576: Module rasman.dll:
10:18:47:596 4388 Process 4576: Module NETAPI32.dll:
10:18:47:597 4388 Process 4576: Module PSAPI.DLL:
10:18:47:598 4388 Process 4576: Module TAPI32.dll:
10:18:47:598 4388 Process 4576: Module rtutils.dll:
10:18:47:599 4388 Process 4576: Module WINMM.dll:
10:18:47:600 4388 Process 4576: Module OLEACC.dll:
10:18:47:601 4388 Process 4576: Module USERENV.dll:
10:18:47:605 4388 Process 4576: Module CRYPT32.dll:
10:18:47:605 4388 Process 4576: Module MSASN1.dll:
10:18:47:605 4388 Process 4576: Module credssp.dll:
10:18:47:606 4388 Process 4576: Module schannel.dll:
10:18:47:607 4388 Process 4576: Module sensapi.dll:
10:18:47:609 4388 Process 4696: Module svchost.exe:
10:18:47:613 4388 Process 4696: Module ntdll.dll:
10:18:47:617 4388 Process 4696: Module kernel32.dll:
10:18:47:627 4388 Process 4696: Module msvcrt.dll:
10:18:47:630 4388 Process 4696: Module ADVAPI32.dll:
10:18:47:638 4388 Process 4696: Module RPCRT4.dll:
10:18:47:640 4388 Process 4696: Module NTMARTA.DLL:
10:18:47:643 4388 Process 4696: Module USER32.dll:
10:18:47:646 4388 Process 4696: Module GDI32.dll:
10:18:47:648 4388 Process 4696: Module WLDAP32.dll:
10:18:47:648 4388 Process 4696: Module WS2_32.dll:
10:18:47:649 4388 Process 4696: Module NSI.dll:
10:18:47:649 4388 Process 4696: Module PSAPI.DLL:
10:18:47:649 4388 Process 4696: Module SAMLIB.dll:
10:18:47:654 4388 Process 4696: Module ole32.dll:
10:18:47:656 4388 Process 4696: Module IMM32.DLL:
10:18:47:659 4388 Process 4696: Module MSCTF.dll:
10:18:47:660 4388 Process 4696: Module LPK.DLL:
10:18:47:662 4388 Process 4696: Module USP10.dll:
10:18:47:664 4388 Process 4696: Module fntcache.dll:
10:18:47:665 4388 Process 4696: Module ktmw32.dll:
10:18:47:668 4388 Process 6124: Module taskeng.exe:
10:18:47:670 4388 Process 6124: Module ntdll.dll:
10:18:47:672 4388 Process 6124: Module kernel32.dll:
10:18:47:681 4388 Process 6124: Module ADVAPI32.dll:
10:18:47:686 4388 Process 6124: Module RPCRT4.dll:
10:18:47:689 4388 Process 6124: Module USER32.dll:
10:18:47:691 4388 Process 6124: Module GDI32.dll:
10:18:47:693 4388 Process 6124: Module msvcrt.dll:
10:18:47:712 4388 Process 6124: Module SHELL32.dll:
10:18:47:717 4388 Process 6124: Module SHLWAPI.dll:
10:18:47:720 4388 Process 6124: Module ole32.dll:
10:18:47:723 4388 Process 6124: Module OLEAUT32.dll:
10:18:47:724 4388 Process 6124: Module Secur32.dll:
10:18:47:725 4388 Process 6124: Module XmlLite.dll:
10:18:47:725 4388 Process 6124: Module MPR.dll:
10:18:47:726 4388 Process 6124: Module IMM32.DLL:
10:18:47:730 4388 Process 6124: Module MSCTF.dll:
10:18:47:731 4388 Process 6124: Module LPK.DLL:
10:18:47:732 4388 Process 6124: Module USP10.dll:
10:18:47:736 4388 Process 6124: Module comctl32.dll:
10:18:47:738 4388 Process 6124: Module rsaenh.dll:
10:18:47:740 4388 Process 6124: Module CLBCatQ.DLL:
10:18:47:740 4388 Process 6124: Module tschannel.dll:
10:18:47:741 4388 Process 6124: Module apphelp.dll:
10:18:47:743 4388 Process 6124: Module dimsjob.dll:
10:18:47:743 4388 Process 6124: Module USERENV.dll:
10:18:47:744 4388 Process 6124: Module ncrypt.dll:
10:18:47:747 4388 Process 6124: Module CRYPT32.dll:
10:18:47:748 4388 Process 6124: Module MSASN1.dll:
10:18:47:748 4388 Process 6124: Module GPAPI.dll:
10:18:47:749 4388 Process 6124: Module slc.dll:
10:18:47:749 4388 Process 6124: Module pautoenr.dll:
10:18:47:750 4388 Process 6124: Module NETAPI32.dll:
10:18:47:752 4388 Process 6124: Module PSAPI.DLL:
10:18:47:753 4388 Process 6124: Module WLDAP32.dll:
10:18:47:753 4388 Process 6124: Module WS2_32.dll:
10:18:47:753 4388 Process 6124: Module NSI.dll:
10:18:47:754 4388 Process 6124: Module certcli.dll:
10:18:47:755 4388 Process 6124: Module ATL.DLL:
10:18:47:758 4388 Process 6124: Module WININET.dll:
10:18:47:758 4388 Process 6124: Module Normaliz.dll:
10:18:47:762 4388 Process 6124: Module iertutil.dll:
10:18:47:765 4388 Process 6124: Module urlmon.dll:
10:18:47:769 4388 Process 6124: Module certenroll.dll:
10:18:47:769 4388 Process 6124: Module NTDSAPI.dll:
10:18:47:770 4388 Process 6124: Module DNSAPI.dll:
10:18:47:771 4388 Process 6124: Module WinSCard.dll:
10:18:47:771 4388 Process 6124: Module WTSAPI32.dll:
10:18:47:771 4388 Process 6124: Module WINSTA.dll:
10:18:47:777 4388 Process 1080: Module GoogleUpdate.exe:
10:18:47:780 4388 Process 1080: Module ntdll.dll:
10:18:47:783 4388 Process 1080: Module kernel32.dll:
10:18:47:792 4388 Process 1080: Module ADVAPI32.dll:
10:18:47:799 4388 Process 1080: Module RPCRT4.dll:
10:18:47:805 4388 Process 1080: Module ole32.dll:
10:18:47:808 4388 Process 1080: Module msvcrt.dll:
10:18:47:809 4388 Process 1080: Module GDI32.dll:
10:18:47:812 4388 Process 1080: Module USER32.dll:
10:18:47:814 4388 Process 1080: Module IMM32.DLL:
10:18:47:818 4388 Process 1080: Module MSCTF.dll:
10:18:47:819 4388 Process 1080: Module LPK.DLL:
10:18:47:821 4388 Process 1080: Module USP10.dll:
10:18:47:822 4388 Process 1080: Module SHLWAPI.dll:
10:18:47:827 4388 Process 1080: Module comctl32.dll:
10:18:47:860 4388 Process 1080: Module SHELL32.dll:
10:18:47:867 4388 Process 1080: Module goopdate.dll:
10:18:47:869 4388 Process 1080: Module IPHLPAPI.DLL:
10:18:47:870 4388 Process 1080: Module dhcpcsvc.DLL:
10:18:47:871 4388 Process 1080: Module DNSAPI.dll:
10:18:47:872 4388 Process 1080: Module WS2_32.dll:
10:18:47:873 4388 Process 1080: Module NSI.dll:
10:18:47:873 4388 Process 1080: Module Secur32.dll:
10:18:47:874 4388 Process 1080: Module WINNSI.DLL:
10:18:47:875 4388 Process 1080: Module dhcpcsvc6.DLL:
10:18:47:876 4388 Process 1080: Module NETAPI32.dll:
10:18:47:878 4388 Process 1080: Module PSAPI.DLL:
10:18:47:882 4388 Process 1080: Module CRYPT32.dll:
10:18:47:883 4388 Process 1080: Module MSASN1.dll:
10:18:47:883 4388 Process 1080: Module USERENV.dll:
10:18:47:884 4388 Process 1080: Module imagehlp.dll:
10:18:47:893 4388 Process 1080: Module msi.dll:
10:18:47:897 4388 Process 1080: Module WININET.dll:
10:18:47:898 4388 Process 1080: Module Normaliz.dll:
10:18:47:904 4388 Process 1080: Module iertutil.dll:
10:18:47:909 4388 Process 1080: Module urlmon.dll:
10:18:47:912 4388 Process 1080: Module OLEAUT32.dll:
10:18:47:913 4388 Process 1080: Module WINTRUST.dll:
10:18:47:914 4388 Process 1080: Module VERSION.dll:
10:18:47:914 4388 Process 1080: Module cscapi.dll:
10:18:47:915 4388 Process 1080: Module NTMARTA.DLL:
10:18:47:917 4388 Process 1080: Module WLDAP32.dll:
10:18:47:917 4388 Process 1080: Module SAMLIB.dll:
10:18:47:921 4388 Process 1080: Module dbghelp.dll:
10:18:47:922 4388 Process 1080: Module apphelp.dll:
10:18:47:925 4388 Process 1080: Module CLBCatQ.DLL:
10:18:47:926 4388 Process 1080: Module mstask.dll:
10:18:47:927 4388 Process 1080: Module NTDSAPI.dll:
10:18:47:929 4388 Process 1080: Module COMDLG32.dll:
10:18:47:933 4388 Process 5036: Module TrustedInstaller.exe:
10:18:47:935 4388 Process 5036: Module ntdll.dll:
10:18:47:937 4388 Process 5036: Module kernel32.dll:
10:18:47:946 4388 Process 5036: Module ADVAPI32.dll:
10:18:47:952 4388 Process 5036: Module RPCRT4.dll:
10:18:47:955 4388 Process 5036: Module msvcrt.dll:
10:18:47:959 4388 Process 5036: Module ole32.dll:
10:18:47:961 4388 Process 5036: Module GDI32.dll:
10:18:47:963 4388 Process 5036: Module USER32.dll:
10:18:47:965 4388 Process 5036: Module IMM32.DLL:
10:18:47:968 4388 Process 5036: Module MSCTF.dll:
10:18:47:969 4388 Process 5036: Module LPK.DLL:
10:18:47:970 4388 Process 5036: Module USP10.dll:
10:18:47:972 4388 Process 5036: Module cbscore.dll:
10:18:47:972 4388 Process 5036: Module VERSION.dll:
10:18:47:975 4388 Process 5036: Module CRYPT32.dll:
10:18:47:975 4388 Process 5036: Module MSASN1.dll:
10:18:47:976 4388 Process 5036: Module USERENV.dll:
10:18:47:976 4388 Process 5036: Module Secur32.dll:
10:18:47:977 4388 Process 5036: Module WINTRUST.dll:
10:18:47:978 4388 Process 5036: Module imagehlp.dll:
10:18:48:002 4388 Process 5036: Module wdscore.dll:
10:18:48:004 4388 Process 5036: Module OLEAUT32.dll:
10:18:48:028 4388 Process 5036: Module SHELL32.dll:
10:18:48:033 4388 Process 5036: Module SHLWAPI.dll:
10:18:48:037 4388 Process 5036: Module comctl32.dll:
10:18:48:041 4388 Process 5036: Module dbghelp.dll:
10:18:48:042 4388 Process 5036: Module Ktmw32.dll:
10:18:48:043 4388 Process 5036: Module dpx.dll:
10:18:48:085 4388 Process 5036: Module wcp.dll:
10:18:48:087 4388 Process 5036: Module DrUpdate.dll:
10:18:48:091 4388 Process 5036: Module SETUPAPI.dll:
10:18:48:093 4388 Process 5036: Module MPR.dll:
10:18:48:094 4388 Process 5036: Module SrClient.dll:
10:18:48:094 4388 Process 5036: Module SPP.dll:
10:18:48:097 4388 Process 5036: Module VSSAPI.DLL:
10:18:48:098 4388 Process 5036: Module ATL.DLL:
10:18:48:099 4388 Process 5036: Module vsstrace.dll:
10:18:48:099 4388 Process 5036: Module AUTHZ.dll:
10:18:48:100 4388 Process 5036: Module XmlLite.dll:
10:18:48:101 4388 Process 5036: Module NETAPI32.dll:
10:18:48:102 4388 Process 5036: Module PSAPI.DLL:
10:18:48:103 4388 Process 5036: Module wrpint.dll:
10:18:48:103 4388 Process 5036: Module SxsStore.dll:
10:18:48:104 4388 Process 5036: Module rsaenh.dll:
10:18:48:105 4388 Process 5036: Module CLBCatQ.DLL:
10:18:48:106 4388 Process 5036: Module CbsApi.dll:
10:18:48:106 4388 Process 5036: Module ncrypt.dll:
10:18:48:107 4388 Process 5036: Module BCRYPT.dll:
10:18:48:109 4388 Process 5036: Module NTMARTA.DLL:
10:18:48:110 4388 Process 5036: Module WLDAP32.dll:
10:18:48:110 4388 Process 5036: Module WS2_32.dll:
10:18:48:112 4388 Process 5036: Module NSI.dll:
10:18:48:112 4388 Process 5036: Module SAMLIB.dll:
 
10:18:48:112 4388 Process 5036: Module GPAPI.dll:
10:18:48:113 4388 Process 5036: Module slc.dll:
10:18:48:120 4388 Process 4348: Module iexplore.exe:
10:18:48:122 4388 Process 4348: Module ntdll.dll:
10:18:48:124 4388 Process 4348: Module kernel32.dll:
10:18:48:133 4388 Process 4348: Module ADVAPI32.dll:
10:18:48:139 4388 Process 4348: Module RPCRT4.dll:
10:18:48:142 4388 Process 4348: Module USER32.dll:
10:18:48:144 4388 Process 4348: Module GDI32.dll:
10:18:48:147 4388 Process 4348: Module msvcrt.dll:
10:18:48:147 4388 Process 4348: Module SHLWAPI.dll:
10:18:48:174 4388 Process 4348: Module SHELL32.dll:
10:18:48:180 4388 Process 4348: Module ole32.dll:
10:18:48:184 4388 Process 4348: Module urlmon.dll:
10:18:48:186 4388 Process 4348: Module OLEAUT32.dll:
10:18:48:190 4388 Process 4348: Module iertutil.dll:
10:18:48:192 4388 Process 4348: Module WININET.dll:
10:18:48:193 4388 Process 4348: Module Normaliz.dll:
10:18:48:193 4388 Process 4348: Module IMM32.DLL:
10:18:48:196 4388 Process 4348: Module MSCTF.dll:
10:18:48:197 4388 Process 4348: Module LPK.DLL:
10:18:48:198 4388 Process 4348: Module USP10.dll:
10:18:48:202 4388 Process 4348: Module comctl32.dll:
10:18:48:224 4388 Process 4348: Module IEFRAME.dll:
10:18:48:227 4388 Process 4348: Module PSAPI.DLL:
10:18:48:228 4388 Process 4348: Module OLEACC.dll:
10:18:48:229 4388 Process 4348: Module comdlg32.dll:
10:18:48:231 4388 Process 4348: Module uxtheme.dll:
10:18:48:233 4388 Process 4348: Module Secur32.dll:
10:18:48:235 4388 Process 4348: Module WS2_32.dll:
10:18:48:236 4388 Process 4348: Module NSI.dll:
10:18:48:236 4388 Process 4348: Module iphlpapi.dll:
10:18:48:237 4388 Process 4348: Module dhcpcsvc.DLL:
10:18:48:238 4388 Process 4348: Module DNSAPI.dll:
10:18:48:239 4388 Process 4348: Module WINNSI.DLL:
10:18:48:239 4388 Process 4348: Module dhcpcsvc6.DLL:
10:18:48:240 4388 Process 4348: Module mswsock.dll:
10:18:48:241 4388 Process 4348: Module wshtcpip.dll:
10:18:48:241 4388 Process 4348: Module wship6.dll:
10:18:48:242 4388 Process 4348: Module NLAapi.dll:
10:18:48:242 4388 Process 4348: Module napinsp.dll:
10:18:48:242 4388 Process 4348: Module pnrpnsp.dll:
10:18:48:242 4388 Process 4348: Module wshbth.dll:
10:18:48:246 4388 Process 4348: Module SETUPAPI.dll:
10:18:48:247 4388 Process 4348: Module mdnsNSP.dll:
10:18:48:248 4388 Process 4348: Module winrnr.dll:
10:18:48:248 4388 Process 4348: Module WLDAP32.dll:
10:18:48:249 4388 Process 4348: Module rasadhlp.dll:
10:18:48:249 4388 Process 4348: Module NTMARTA.DLL:
10:18:48:250 4388 Process 4348: Module SAMLIB.dll:
10:18:48:250 4388 Process 4348: Module VERSION.dll:
10:18:48:251 4388 Process 4348: Module apphelp.dll:
10:18:48:255 4388 Process 4348: Module CLBCatQ.DLL:
10:18:48:256 4388 Process 4348: Module RASAPI32.dll:
10:18:48:257 4388 Process 4348: Module rasman.dll:
10:18:48:258 4388 Process 4348: Module NETAPI32.dll:
10:18:48:260 4388 Process 4348: Module TAPI32.dll:
10:18:48:260 4388 Process 4348: Module rtutils.dll:
10:18:48:261 4388 Process 4348: Module WINMM.dll:
10:18:48:261 4388 Process 4348: Module USERENV.dll:
10:18:48:266 4388 Process 4348: Module CRYPT32.dll:
10:18:48:266 4388 Process 4348: Module MSASN1.dll:
10:18:48:266 4388 Process 4348: Module credssp.dll:
10:18:48:267 4388 Process 4348: Module schannel.dll:
10:18:48:268 4388 Process 4348: Module rsaenh.dll:
10:18:48:269 4388 Process 4348: Module sensapi.dll:
10:18:48:269 4388 Process 4348: Module IEUI.dll:
10:18:48:270 4388 Process 4348: Module MSIMG32.dll:
10:18:48:270 4388 Process 4348: Module ACTXPRXY.DLL:
10:18:48:271 4388 Process 4348: Module ieproxy.dll:
10:18:48:271 4388 Process 4348: Module btmmhook.dll:
10:18:48:272 4388 Process 4348: Module xmllite.dll:
10:18:48:272 4388 Process 4348: Module dwmapi.dll:
10:18:48:273 4388 Process 4348: Module SXS.DLL:
10:18:48:275 4388 Process 4348: Module MLANG.dll:
10:18:48:276 4388 Process 4348: Module PROPSYS.dll:
10:18:48:278 4388 Process 4348: Module dxgi.dll:
10:18:48:279 4388 Process 4348: Module WINTRUST.dll:
10:18:48:280 4388 Process 4348: Module imagehlp.dll:
10:18:48:282 4388 Process 4348: Module WindowsCodecs.dll:
10:18:48:283 4388 Process 4348: Module EhStorShell.dll:
10:18:48:284 4388 Process 4348: Module COMCTL32.dll:
10:18:48:286 4388 Process 4348: Module mssprxy.dll:
10:18:48:288 4388 Process 4348: Module msxml3.dll:
10:18:48:289 4388 Process 4348: Module DUser.dll:
10:18:48:290 4388 Process 4348: Module netprofm.dll:
10:18:48:291 4388 Process 4348: Module GPAPI.dll:
10:18:48:292 4388 Process 4348: Module slc.dll:
10:18:48:292 4388 Process 4348: Module npmproxy.dll:
10:18:48:293 4388 Process 4348: Module ieapfltr.dll:
10:18:48:297 4388 Process 4348: Module msxml6.dll:
10:18:48:300 4388 Process 4348: Module shdocvw.dll:
10:18:48:301 4388 Process 4348: Module dssenh.dll:
10:18:48:302 4388 Process 4348: Module ncrypt.dll:
10:18:48:303 4388 Process 4348: Module bcrypt.dll:
10:18:48:305 4388 Process 4348: Module cryptnet.dll:
10:18:48:306 4388 Process 4348: Module MpOav.dll:
10:18:48:306 4388 Process 4348: Module MpOAv.dll:
10:18:48:320 4388 Process 4256: Module iexplore.exe:
10:18:48:324 4388 Process 4256: Module ntdll.dll:
10:18:48:326 4388 Process 4256: Module kernel32.dll:
10:18:48:335 4388 Process 4256: Module ADVAPI32.dll:
10:18:48:341 4388 Process 4256: Module RPCRT4.dll:
10:18:48:344 4388 Process 4256: Module USER32.dll:
10:18:48:346 4388 Process 4256: Module GDI32.dll:
10:18:48:349 4388 Process 4256: Module msvcrt.dll:
10:18:48:350 4388 Process 4256: Module SHLWAPI.dll:
10:18:48:350 4388 Hook found 75E4E149 65C6D6BF user32.dll WinHelpW
10:18:48:350 4388 Hook found 75E4E1CB 65C6D557 user32.dll WinHelpA
10:18:48:374 4388 Process 4256: Module SHELL32.dll:
10:18:48:375 4388 Hook found 75E2C9E5 65C6CB0F user32.dll LoadImageW
10:18:48:375 4388 Hook found 75E4E149 65C6D6BF user32.dll WinHelpW
10:18:48:376 4388 Hook found 75E31802 65C6D11F user32.dll PrivateExtractIconsW
10:18:48:377 4388 Hook found 776E4C24 65C68C1A ntdll.dll NtQueryDirectoryFile
10:18:48:381 4388 Process 4256: Module ole32.dll:
10:18:48:385 4388 Process 4256: Module urlmon.dll:
10:18:48:386 4388 Hook found 7692F9EE 2720130 wininet.dll InternetReadFileExW
10:18:48:386 4388 Hook found 76925865 27200D0 wininet.dll HttpQueryInfoW
10:18:48:386 4388 Hook found 768FE13A 27200B0 wininet.dll HttpQueryInfoA
10:18:48:386 4388 Hook found 7692C7AA 2720030 wininet.dll InternetSetStatusCallbackA
10:18:48:386 4388 Hook found 76925CFA 2720050 wininet.dll InternetConnectW
10:18:48:386 4388 Hook found 76903184 27200F0 wininet.dll InternetQueryDataAvailable
10:18:48:387 4388 Hook found 768FF8D8 2720110 wininet.dll InternetReadFile
10:18:48:387 4388 Hook found 76925FEF 2720070 wininet.dll HttpOpenRequestW
10:18:48:387 4388 Hook found 7692632D 2720090 wininet.dll HttpSendRequestW
10:18:48:388 4388 Process 4256: Module OLEAUT32.dll:
10:18:48:388 4388 Hook found 75E4E149 65C6D6BF user32.dll WinHelpW
10:18:48:392 4388 Process 4256: Module iertutil.dll:
10:18:48:395 4388 Process 4256: Module WININET.dll:
10:18:48:396 4388 Process 4256: Module Normaliz.dll:
10:18:48:396 4388 Process 4256: Module IMM32.DLL:
10:18:48:399 4388 Process 4256: Module MSCTF.dll:
10:18:48:400 4388 Process 4256: Module LPK.DLL:
10:18:48:401 4388 Process 4256: Module USP10.dll:
10:18:48:405 4388 Process 4256: Module comctl32.dll:
10:18:48:423 4388 Process 4256: Module IEFRAME.dll:
10:18:48:427 4388 Process 4256: Module PSAPI.DLL:
10:18:48:427 4388 Process 4256: Module OLEACC.dll:
10:18:48:429 4388 Process 4256: Module comdlg32.dll:
10:18:48:430 4388 Hook found 75E2C9E5 65C6CB0F user32.dll LoadImageW
10:18:48:431 4388 Process 4256: Module IEShims.dll:
10:18:48:432 4388 Process 4256: Module uxtheme.dll:
10:18:48:433 4388 Process 4256: Module Secur32.dll:
10:18:48:434 4388 Process 4256: Module WS2_32.dll:
10:18:48:435 4388 Process 4256: Module NSI.dll:
10:18:48:435 4388 Process 4256: Module iphlpapi.dll:
10:18:48:436 4388 Process 4256: Module dhcpcsvc.DLL:
10:18:48:437 4388 Process 4256: Module DNSAPI.dll:
10:18:48:437 4388 Process 4256: Module WINNSI.DLL:
10:18:48:438 4388 Process 4256: Module dhcpcsvc6.DLL:
10:18:48:461 4388 Process 4256: Module MSHTML.dll:
10:18:48:464 4388 Process 4256: Module VERSION.dll:
10:18:48:468 4388 Process 4256: Module setupapi.dll:
10:18:48:469 4388 Hook found 75E2C9E5 65C6CB0F user32.dll LoadImageW
10:18:48:471 4388 Process 4256: Module d2d1.dll:
10:18:48:473 4388 Process 4256: Module DWrite.dll:
10:18:48:474 4388 Process 4256: Module rsaenh.dll:
10:18:48:475 4388 Process 4256: Module CLBCatQ.DLL:
10:18:48:476 4388 Process 4256: Module ieproxy.dll:
10:18:48:477 4388 Process 4256: Module ACTXPRXY.DLL:
10:18:48:477 4388 Process 4256: Module btmmhook.dll:
10:18:48:478 4388 Process 4256: Module apphelp.dll:
10:18:48:480 4388 Process 4256: Module MLANG.dll:
10:18:48:481 4388 Process 4256: Module NTMARTA.DLL:
10:18:48:482 4388 Process 4256: Module WLDAP32.dll:
10:18:48:483 4388 Process 4256: Module SAMLIB.dll:
10:18:48:483 4388 Process 4256: Module RASAPI32.dll:
10:18:48:484 4388 Process 4256: Module rasman.dll:
10:18:48:485 4388 Process 4256: Module NETAPI32.dll:
10:18:48:487 4388 Process 4256: Module TAPI32.dll:
10:18:48:487 4388 Process 4256: Module rtutils.dll:
10:18:48:488 4388 Process 4256: Module WINMM.dll:
10:18:48:489 4388 Process 4256: Module USERENV.dll:
10:18:48:491 4388 Process 4256: Module CRYPT32.dll:
10:18:48:492 4388 Process 4256: Module MSASN1.dll:
10:18:48:492 4388 Process 4256: Module credssp.dll:
10:18:48:493 4388 Process 4256: Module schannel.dll:
10:18:48:494 4388 Process 4256: Module sensapi.dll:
10:18:48:494 4388 Process 4256: Module mswsock.dll:
10:18:48:495 4388 Process 4256: Module wshtcpip.dll:
10:18:48:495 4388 Process 4256: Module NLAapi.dll:
10:18:48:496 4388 Process 4256: Module rasadhlp.dll:
10:18:48:496 4388 Process 4256: Module wship6.dll:
10:18:48:496 4388 Process 4256: Module napinsp.dll:
10:18:48:497 4388 Process 4256: Module pnrpnsp.dll:
10:18:48:497 4388 Process 4256: Module wshbth.dll:
10:18:48:497 4388 Process 4256: Module mdnsNSP.dll:
10:18:48:497 4388 Process 4256: Module winrnr.dll:
10:18:48:510 4388 Process 4256: Module GoogleToolbar_32.dll:
10:18:48:512 4388 Process 4256: Module Comctl32.dll:
10:18:48:513 4388 Process 4256: Module AcroIEHelper.dll:
10:18:48:513 4388 Hook found 75E335E3 65C685F0 user32.dll SetWindowPos
10:18:48:515 4388 Process 4256: Module MSVCR80.dll:
10:18:48:522 4388 Process 4256: Module GoogleToolbarDynamic_32_05C482CA2286F7C1.dll:
10:18:48:523 4388 Hook found 75E2C9E5 65C6CB0F user32.dll LoadImageW
10:18:48:528 4388 Process 4256: Module msi.dll:
10:18:48:529 4388 Process 4256: Module MSIMG32.dll:
10:18:48:532 4388 Process 4256: Module gdiplus.dll:
10:18:48:533 4388 Process 4256: Module WTSAPI32.dll:
10:18:48:533 4388 Process 4256: Module WINTRUST.dll:
10:18:48:534 4388 Process 4256: Module imagehlp.dll:
10:18:48:537 4388 Process 4256: Module query.dll:
10:18:48:551 4388 Process 4256: Module jp2ssv.dll:
10:18:48:564 4388 Process 4256: Module MSVCR71.dll:
10:18:48:633 4388 Process 4256: Module GoogleToolbarDynamic_mui_en_532AA89C449CD335.dll:
10:18:48:635 4388 Process 4256: Module dxgi.dll:
10:18:48:636 4388 Process 4256: Module dwmapi.dll:
10:18:48:638 4388 Process 4256: Module SXS.DLL:
10:18:48:640 4388 Process 4256: Module d3d10_1.dll:
10:18:48:641 4388 Process 4256: Module d3d10_1core.dll:
10:18:48:644 4388 Process 4256: Module D3D10Level9.dll:
10:18:48:654 4388 Process 4256: Module atiumdag.dll:
10:18:48:658 4388 Process 4256: Module dbghelp.dll:
10:18:48:673 4388 Process 4256: Module atiumdva.dll:
10:18:48:680 4388 Process 4256: Module jscript9.dll:
10:18:48:682 4388 Process 4256: Module ieapfltr.dll:
10:18:48:683 4388 Process 4256: Module msimtf.dll:
10:18:48:686 4388 Process 4256: Module PROPSYS.dll:
10:18:48:687 4388 Process 4256: Module Dxtrans.dll:
10:18:48:687 4388 Process 4256: Module ATL.DLL:
10:18:48:691 4388 Process 4256: Module windowscodecs.dll:
10:18:48:692 4388 Process 4256: Module ddrawex.dll:
10:18:48:696 4388 Process 4256: Module DDRAW.dll:
10:18:48:698 4388 Process 4256: Module DCIMAN32.dll:
10:18:48:699 4388 Process 4256: Module Dxtmsft.dll:
10:18:48:699 4388 Process 4256: Module XmlLite.dll:
10:18:48:707 4388 Process 4256: Module d3d10.dll:
10:18:48:709 4388 Process 4256: Module d3d10core.dll:
10:18:48:743 4388 Process 4256: Module swg.dll:
10:18:48:745 4388 Process 4256: Module ncrypt.dll:
10:18:48:746 4388 Process 4256: Module BCRYPT.dll:
10:18:48:748 4388 Process 4256: Module msls31.dll:
10:18:48:753 4388 Process 4256: Module msxml6.dll:
10:18:48:754 4388 Process 4256: Module dssenh.dll:
10:18:48:754 4388 Process 4256: Module GPAPI.dll:
10:18:48:755 4388 Process 4256: Module slc.dll:
10:18:48:756 4388 Process 4256: Module cryptnet.dll:
10:18:48:789 4388 Process 4256: Module Flash32_11_4_402_287.ocx:
10:18:48:790 4388 Hook found 75E2C9E5 65C6CB0F user32.dll LoadImageW
10:18:48:793 4388 Process 4256: Module DSOUND.dll:
10:18:48:793 4388 Process 4256: Module POWRPROF.dll:
10:18:48:794 4388 Process 4256: Module mscms.dll:
10:18:48:795 4388 Process 4256: Module WINSPOOL.DRV:
10:18:48:797 4388 Process 4256: Module VBScript.dll:
10:18:48:797 4388 Process 4256: Module MMDevApi.dll:
10:18:48:798 4388 Process 4256: Module AUDIOSES.DLL:
10:18:48:799 4388 Process 4256: Module audioeng.dll:
10:18:48:800 4388 Process 4256: Module AVRT.dll:
10:18:48:800 4388 Process 4256: Module WINSTA.dll:
10:18:48:801 4388 Process 4256: Module MSOXMLMF.DLL:
10:18:48:804 4388 Process 4256: Module D3D10Warp.dll:
10:18:48:806 4388 Process 4256: Module msxml3.dll:
10:18:48:811 4388 Process 5340: Module GoogleToolbarUser_32.exe:
10:18:48:814 4388 Process 5340: Module ntdll.dll:
10:18:48:816 4388 Process 5340: Module kernel32.dll:
10:18:48:835 4388 Process 5340: Module msi.dll:
10:18:48:838 4388 Process 5340: Module msvcrt.dll:
10:18:48:840 4388 Process 5340: Module ADVAPI32.dll:
10:18:48:845 4388 Process 5340: Module RPCRT4.dll:
10:18:48:849 4388 Process 5340: Module USER32.dll:
10:18:48:851 4388 Process 5340: Module GDI32.dll:
10:18:48:854 4388 Process 5340: Module ole32.dll:
10:18:48:878 4388 Process 5340: Module SHELL32.dll:
10:18:48:883 4388 Process 5340: Module SHLWAPI.dll:
10:18:48:883 4388 Process 5340: Module USERENV.dll:
10:18:48:884 4388 Process 5340: Module Secur32.dll:
10:18:48:885 4388 Process 5340: Module VERSION.dll:
10:18:48:886 4388 Process 5340: Module WINTRUST.dll:
10:18:48:888 4388 Process 5340: Module CRYPT32.dll:
10:18:48:889 4388 Process 5340: Module MSASN1.dll:
10:18:48:889 4388 Process 5340: Module imagehlp.dll:
10:18:48:890 4388 Process 5340: Module IMM32.DLL:
10:18:48:892 4388 Process 5340: Module MSCTF.dll:
10:18:48:894 4388 Process 5340: Module LPK.DLL:
10:18:48:895 4388 Process 5340: Module USP10.dll:
10:18:48:898 4388 Process 5340: Module comctl32.dll:
10:18:48:901 4388 Process 5340: Module uxtheme.dll:
10:18:48:910 4388 Process 5340: Module GoogleToolbarDynamic_32_05C482CA2286F7C1.dll:
10:18:48:915 4388 Process 5340: Module WININET.dll:
10:18:48:915 4388 Process 5340: Module Normaliz.dll:
10:18:48:919 4388 Process 5340: Module iertutil.dll:
10:18:48:922 4388 Process 5340: Module urlmon.dll:
10:18:48:924 4388 Process 5340: Module OLEAUT32.dll:
10:18:48:925 4388 Process 5340: Module RASAPI32.dll:
10:18:48:926 4388 Process 5340: Module rasman.dll:
10:18:48:926 4388 Process 5340: Module WS2_32.dll:
10:18:48:927 4388 Process 5340: Module NSI.dll:
10:18:48:928 4388 Process 5340: Module NETAPI32.dll:
10:18:48:930 4388 Process 5340: Module PSAPI.DLL:
10:18:48:930 4388 Process 5340: Module TAPI32.dll:
10:18:48:931 4388 Process 5340: Module rtutils.dll:
10:18:48:931 4388 Process 5340: Module WINMM.dll:
10:18:48:932 4388 Process 5340: Module OLEACC.dll:
10:18:48:933 4388 Process 5340: Module MSIMG32.dll:
10:18:48:937 4388 Process 5340: Module gdiplus.dll:
10:18:48:938 4388 Process 5340: Module IPHLPAPI.DLL:
10:18:48:938 4388 Process 5340: Module dhcpcsvc.DLL:
10:18:48:939 4388 Process 5340: Module DNSAPI.dll:
10:18:48:940 4388 Process 5340: Module WINNSI.DLL:
10:18:48:940 4388 Process 5340: Module dhcpcsvc6.DLL:
10:18:48:941 4388 Process 5340: Module WTSAPI32.dll:
10:18:48:944 4388 Process 5340: Module query.dll:
10:18:48:947 4388 Process 5340: Module GoogleToolbarDynamic_mui_en_532AA89C449CD335.dll:
10:18:48:949 4388 Process 5340: Module dbghelp.dll:
10:18:48:953 4388 Process 5340: Module SETUPAPI.dll:
10:18:48:955 4388 Process 5340: Module SAMLIB.dll:
10:18:48:955 4388 Process 5340: Module MPR.dll:
10:18:48:956 4388 Process 5340: Module ntlanman.dll:
10:18:48:957 4388 Process 5340: Module drprov.dll:
10:18:48:957 4388 Process 5340: Module davclnt.dll:
10:18:48:957 4388 Process 5340: Module cscapi.dll:
10:18:48:958 4388 Process 5340: Module apphelp.dll:
10:18:48:961 4388 Process 5340: Module CLBCatQ.DLL:
10:18:48:962 4388 Process 5340: Module PortableDeviceApi.dll:
10:18:48:964 4388 Process 5340: Module PROPSYS.dll:
10:18:49:002 4388 Process 5340: Module EhStorAPI.dll:
10:18:49:003 4388 Process 5340: Module ntshrui.dll:
10:18:49:004 4388 Process 5340: Module slc.dll:
10:18:49:004 4388 Process 5340: Module rsaenh.dll:
10:18:49:005 4388 Process 5340: Module SXS.DLL:
10:18:49:015 4388 Process 5340: Module psmachine.dll:
10:18:49:016 4388 Process 5340: Module NTMARTA.DLL:
10:18:49:017 4388 Process 5340: Module WLDAP32.dll:
10:18:49:021 4388 Process 5676: Module FlashUtil32_11_4_402_287_ActiveX.exe:
10:18:49:024 4388 Process 5676: Module ntdll.dll:
10:18:49:026 4388 Process 5676: Module kernel32.dll:
10:18:49:035 4388 Process 5676: Module OLEACC.dll:
10:18:49:037 4388 Process 5676: Module msvcrt.dll:
10:18:49:039 4388 Process 5676: Module USER32.dll:
10:18:49:041 4388 Process 5676: Module GDI32.dll:
10:18:49:044 4388 Process 5676: Module ADVAPI32.dll:
10:18:49:050 4388 Process 5676: Module RPCRT4.dll:
10:18:49:055 4388 Process 5676: Module ole32.dll:
10:18:49:080 4388 Process 5676: Module SHELL32.dll:
10:18:49:084 4388 Process 5676: Module SHLWAPI.dll:
10:18:49:086 4388 Process 5676: Module OLEAUT32.dll:
10:18:49:087 4388 Process 5676: Module IMM32.DLL:
10:18:49:090 4388 Process 5676: Module MSCTF.dll:
10:18:49:091 4388 Process 5676: Module LPK.DLL:
10:18:49:092 4388 Process 5676: Module USP10.dll:
10:18:49:096 4388 Process 5676: Module comctl32.dll:
10:18:49:098 4388 Process 5676: Module version.dll:
10:18:49:098 4388 Process 5676: Module dwmapi.dll:
10:18:49:099 4388 Process 5676: Module atl.dll:
10:18:49:099 4388 Process 5676: Module ntmarta.dll:
10:18:49:101 4388 Process 5676: Module WLDAP32.dll:
10:18:49:101 4388 Process 5676: Module WS2_32.dll:
10:18:49:102 4388 Process 5676: Module NSI.dll:
10:18:49:102 4388 Process 5676: Module PSAPI.DLL:
10:18:49:102 4388 Process 5676: Module SAMLIB.dll:
10:18:49:103 4388 Process 5676: Module winmm.dll:
10:18:49:105 4388 Process 5676: Module dsound.dll:
10:18:49:105 4388 Process 5676: Module POWRPROF.dll:
10:18:49:109 4388 Process 5676: Module d3d9.dll:
10:18:49:110 4388 Process 5676: Module d3d8thk.dll:
 
10:18:49:111 4388 Process 5676: Module mscms.dll:
10:18:49:112 4388 Process 5676: Module WINSPOOL.DRV:
10:18:49:112 4388 Process 5676: Module USERENV.dll:
10:18:49:113 4388 Process 5676: Module Secur32.dll:
10:18:49:133 4388 Process 5676: Module ieframe.dll:
10:18:49:140 4388 Process 5676: Module iertutil.dll:
10:18:49:140 4388 Process 5676: Module oleaccrc.dll:
10:18:49:142 4388 Process 5676: Module dbghelp.dll:
10:18:49:143 4388 Process 5676: Module uxtheme.dll:
10:18:49:144 4388 Process 5676: Module msasn1.dll:
10:18:49:146 4388 Process 5676: Module crypt32.dll:
10:18:49:163 4388 Process 5676: Module FlashUtil32_11_4_402_287_ActiveX.dll:
10:18:49:167 4388 Process 5676: Module WININET.dll:
10:18:49:167 4388 Process 5676: Module Normaliz.dll:
10:18:49:170 4388 Process 5676: Module urlmon.dll:
10:18:49:172 4388 Process 5676: Module CLBCatQ.DLL:
10:18:49:173 4388 Process 5676: Module rsaenh.dll:
10:18:49:174 4388 Process 5676: Module SXS.DLL:
10:18:49:185 4388 Process 5240: Module iexplore.exe:
10:18:49:187 4388 Process 5240: Module ntdll.dll:
10:18:49:189 4388 Process 5240: Module kernel32.dll:
10:18:49:198 4388 Process 5240: Module ADVAPI32.dll:
10:18:49:204 4388 Process 5240: Module RPCRT4.dll:
10:18:49:207 4388 Process 5240: Module USER32.dll:
10:18:49:210 4388 Process 5240: Module GDI32.dll:
10:18:49:213 4388 Process 5240: Module msvcrt.dll:
10:18:49:213 4388 Process 5240: Module SHLWAPI.dll:
10:18:49:214 4388 Hook found 75E4E149 65C6D6BF user32.dll WinHelpW
10:18:49:214 4388 Hook found 75E4E1CB 65C6D557 user32.dll WinHelpA
10:18:49:237 4388 Process 5240: Module SHELL32.dll:
10:18:49:238 4388 Hook found 75E2C9E5 65C6CB0F user32.dll LoadImageW
10:18:49:238 4388 Hook found 75E4E149 65C6D6BF user32.dll WinHelpW
10:18:49:239 4388 Hook found 75E31802 65C6D11F user32.dll PrivateExtractIconsW
10:18:49:240 4388 Hook found 776E4C24 65C68C1A ntdll.dll NtQueryDirectoryFile
10:18:49:244 4388 Process 5240: Module ole32.dll:
10:18:49:248 4388 Process 5240: Module urlmon.dll:
10:18:49:249 4388 Hook found 7692F9EE 2FC0130 wininet.dll InternetReadFileExW
10:18:49:249 4388 Hook found 76925865 2FC00D0 wininet.dll HttpQueryInfoW
10:18:49:249 4388 Hook found 768FE13A 2FC00B0 wininet.dll HttpQueryInfoA
10:18:49:249 4388 Hook found 7692C7AA 2FC0030 wininet.dll InternetSetStatusCallbackA
10:18:49:249 4388 Hook found 76925CFA 2FC0050 wininet.dll InternetConnectW
10:18:49:250 4388 Hook found 76903184 2FC00F0 wininet.dll InternetQueryDataAvailable
10:18:49:250 4388 Hook found 768FF8D8 2FC0110 wininet.dll InternetReadFile
10:18:49:250 4388 Hook found 76925FEF 2FC0070 wininet.dll HttpOpenRequestW
10:18:49:250 4388 Hook found 7692632D 2FC0090 wininet.dll HttpSendRequestW
10:18:49:251 4388 Process 5240: Module OLEAUT32.dll:
10:18:49:252 4388 Hook found 75E4E149 65C6D6BF user32.dll WinHelpW
10:18:49:256 4388 Process 5240: Module iertutil.dll:
10:18:49:258 4388 Process 5240: Module WININET.dll:
10:18:49:259 4388 Process 5240: Module Normaliz.dll:
10:18:49:259 4388 Process 5240: Module IMM32.DLL:
10:18:49:262 4388 Process 5240: Module MSCTF.dll:
10:18:49:263 4388 Process 5240: Module LPK.DLL:
10:18:49:265 4388 Process 5240: Module USP10.dll:
10:18:49:268 4388 Process 5240: Module comctl32.dll:
10:18:49:287 4388 Process 5240: Module IEFRAME.dll:
10:18:49:290 4388 Process 5240: Module PSAPI.DLL:
10:18:49:291 4388 Process 5240: Module OLEACC.dll:
10:18:49:292 4388 Process 5240: Module comdlg32.dll:
10:18:49:293 4388 Hook found 75E2C9E5 65C6CB0F user32.dll LoadImageW
10:18:49:294 4388 Process 5240: Module IEShims.dll:
10:18:49:295 4388 Process 5240: Module uxtheme.dll:
10:18:49:296 4388 Process 5240: Module Secur32.dll:
10:18:49:297 4388 Process 5240: Module WS2_32.dll:
10:18:49:298 4388 Process 5240: Module NSI.dll:
10:18:49:298 4388 Process 5240: Module iphlpapi.dll:
10:18:49:299 4388 Process 5240: Module dhcpcsvc.DLL:
10:18:49:300 4388 Process 5240: Module DNSAPI.dll:
10:18:49:300 4388 Process 5240: Module WINNSI.DLL:
10:18:49:301 4388 Process 5240: Module dhcpcsvc6.DLL:
10:18:49:324 4388 Process 5240: Module MSHTML.dll:
10:18:49:328 4388 Process 5240: Module VERSION.dll:
10:18:49:331 4388 Process 5240: Module setupapi.dll:
10:18:49:332 4388 Hook found 75E2C9E5 65C6CB0F user32.dll LoadImageW
10:18:49:334 4388 Process 5240: Module d2d1.dll:
10:18:49:337 4388 Process 5240: Module DWrite.dll:
10:18:49:337 4388 Process 5240: Module rsaenh.dll:
10:18:49:339 4388 Process 5240: Module dxgi.dll:
10:18:49:340 4388 Process 5240: Module dwmapi.dll:
10:18:49:341 4388 Process 5240: Module CLBCatQ.DLL:
10:18:49:342 4388 Process 5240: Module ieproxy.dll:
10:18:49:342 4388 Process 5240: Module WINTRUST.dll:
10:18:49:345 4388 Process 5240: Module CRYPT32.dll:
10:18:49:346 4388 Process 5240: Module MSASN1.dll:
10:18:49:346 4388 Process 5240: Module USERENV.dll:
10:18:49:347 4388 Process 5240: Module imagehlp.dll:
10:18:49:347 4388 Process 5240: Module d3d10_1.dll:
10:18:49:348 4388 Process 5240: Module d3d10_1core.dll:
10:18:49:349 4388 Process 5240: Module D3D10Level9.dll:
10:18:49:357 4388 Process 5240: Module atiumdag.dll:
10:18:49:358 4388 Process 5240: Module ACTXPRXY.DLL:
10:18:49:373 4388 Process 5240: Module atiumdva.dll:
10:18:49:375 4388 Process 5240: Module btmmhook.dll:
10:18:49:375 4388 Process 5240: Module apphelp.dll:
10:18:49:378 4388 Process 5240: Module GoogleToolbar_32.dll:
10:18:49:379 4388 Process 5240: Module Comctl32.dll:
10:18:49:389 4388 Process 5240: Module GoogleToolbarDynamic_32_05C482CA2286F7C1.dll:
10:18:49:390 4388 Hook found 75E2C9E5 65C6CB0F user32.dll LoadImageW
10:18:49:392 4388 Process 5240: Module RASAPI32.dll:
10:18:49:393 4388 Process 5240: Module rasman.dll:
10:18:49:393 4388 Process 5240: Module NETAPI32.dll:
10:18:49:395 4388 Process 5240: Module TAPI32.dll:
10:18:49:396 4388 Process 5240: Module rtutils.dll:
10:18:49:396 4388 Process 5240: Module WINMM.dll:
10:18:49:402 4388 Process 5240: Module msi.dll:
10:18:49:403 4388 Process 5240: Module MSIMG32.dll:
10:18:49:407 4388 Process 5240: Module gdiplus.dll:
10:18:49:407 4388 Process 5240: Module WTSAPI32.dll:
10:18:49:411 4388 Process 5240: Module query.dll:
10:18:49:413 4388 Process 5240: Module GoogleToolbarDynamic_mui_en_532AA89C449CD335.dll:
10:18:49:414 4388 Process 5240: Module AcroIEHelper.dll:
10:18:49:414 4388 Hook found 75E335E3 65C685F0 user32.dll SetWindowPos
10:18:49:416 4388 Process 5240: Module MSVCR80.dll:
10:18:49:416 4388 Process 5240: Module jp2ssv.dll:
10:18:49:417 4388 Process 5240: Module MSVCR71.dll:
10:18:49:417 4388 Process 5240: Module SXS.DLL:
10:18:49:420 4388 Process 5240: Module DBGHELP.DLL:
10:18:49:421 4388 Process 5240: Module mlang.dll:
10:18:49:421 4388 Process 5240: Module NTMARTA.DLL:
10:18:49:423 4388 Process 5240: Module WLDAP32.dll:
10:18:49:423 4388 Process 5240: Module SAMLIB.dll:
10:18:49:424 4388 Process 5240: Module credssp.dll:
10:18:49:424 4388 Process 5240: Module schannel.dll:
10:18:49:425 4388 Process 5240: Module sensapi.dll:
10:18:49:427 4388 Process 5240: Module PROPSYS.dll:
10:18:49:428 4388 Process 5240: Module ieapfltr.dll:
10:18:49:428 4388 Process 5240: Module mswsock.dll:
10:18:49:429 4388 Process 5240: Module wshtcpip.dll:
10:18:49:430 4388 Process 5240: Module wship6.dll:
10:18:49:430 4388 Process 5240: Module NLAapi.dll:
10:18:49:430 4388 Process 5240: Module napinsp.dll:
10:18:49:431 4388 Process 5240: Module pnrpnsp.dll:
10:18:49:431 4388 Process 5240: Module wshbth.dll:
10:18:49:431 4388 Process 5240: Module mdnsNSP.dll:
10:18:49:431 4388 Process 5240: Module winrnr.dll:
10:18:49:432 4388 Process 5240: Module rasadhlp.dll:
10:18:49:432 4388 Process 5240: Module msimtf.dll:
10:18:49:432 4388 Process 5240: Module msls31.dll:
10:18:49:433 4388 Process 5240: Module XmlLite.dll:
10:18:49:435 4388 Process 5240: Module d3d10.dll:
10:18:49:436 4388 Process 5240: Module d3d10core.dll:
10:18:49:439 4388 Process 5240: Module jscript9.dll:
10:18:49:442 4388 Process 5240: Module windowscodecs.dll:
10:18:49:445 4388 Process 5240: Module msxml6.dll:
10:18:49:446 4388 Process 5240: Module dssenh.dll:
10:18:49:446 4388 Process 5240: Module ncrypt.dll:
10:18:49:448 4388 Process 5240: Module bcrypt.dll:
10:18:49:449 4388 Process 5240: Module GPAPI.dll:
10:18:49:449 4388 Process 5240: Module slc.dll:
10:18:49:450 4388 Process 5240: Module cryptnet.dll:
10:18:49:452 4388 Process 5240: Module swg.dll:
10:18:49:462 4388 Process 5240: Module Wpc.dll:
10:18:49:464 4388 Process 5240: Module fwpuclnt.dll:
10:18:49:465 4388 Process 5240: Module wevtapi.dll:
10:18:49:468 4388 Process 2764: Module cmd.exe:
10:18:49:470 4388 Process 2764: Module ntdll.dll:
10:18:49:472 4388 Process 2764: Module kernel32.dll:
10:18:49:482 4388 Process 2764: Module ADVAPI32.dll:
10:18:49:494 4388 Process 2764: Module RPCRT4.dll:
10:18:49:497 4388 Process 2764: Module msvcrt.dll:
10:18:49:520 4388 Process 2764: Module SHELL32.dll:
10:18:49:524 4388 Process 2764: Module GDI32.dll:
10:18:49:527 4388 Process 2764: Module USER32.dll:
10:18:49:529 4388 Process 2764: Module SHLWAPI.dll:
10:18:49:530 4388 Process 2764: Module IMM32.DLL:
10:18:49:532 4388 Process 2764: Module MSCTF.dll:
10:18:49:534 4388 Process 2764: Module LPK.DLL:
10:18:49:535 4388 Process 2764: Module USP10.dll:
10:18:49:539 4388 Process 2764: Module comctl32.dll:
10:18:49:543 4388 Process 2764: Module ole32.dll:
10:18:49:546 4388 Process 2764: Module uxtheme.dll:
10:18:49:548 4388 Process 2764: Module PROPSYS.dll:
10:18:49:550 4388 Process 2764: Module OLEAUT32.dll:
10:18:49:551 4388 Process 2764: Module USERENV.dll:
10:18:49:551 4388 Process 2764: Module Secur32.dll:
10:18:49:554 4388 Process 2764: Module CLBCatQ.DLL:
10:18:49:557 4388 Process 2764: Module SETUPAPI.dll:
10:18:49:559 4388 Process 2764: Module apphelp.dll:
10:18:49:561 4388 Process 2764: Module MPR.dll:
10:18:49:562 4388 Process 2764: Module Cabinet.dll:
10:18:49:562 4388 AntiIAT: Current process, skipping...
10:18:49:583 4388 AntiSplice: Scan process [System Process] with PID 0
10:18:49:583 4388 ScanModules: OpenProcess error 87
10:18:49:583 4388 AntiSplice: Scan process SYSTEM with PID 4
10:18:49:583 4388 ScanModules: OpenProcess error 5
10:18:49:583 4388 AntiSplice: Scan process smss.exe with PID 436
10:18:49:585 4388 AntiSplice: Scan process csrss.exe with PID 560
10:18:49:590 4388 AntiSplice: Scan process csrss.exe with PID 624
10:18:49:594 4388 AntiSplice: Scan process wininit.exe with PID 632
10:18:49:605 4388 AntiSplice: Scan process services.exe with PID 668
10:18:49:610 4388 AntiSplice: Scan process lsass.exe with PID 680
10:18:49:616 4388 AntiSplice: Scan process lsm.exe with PID 688
10:18:49:621 4388 AntiSplice: Scan process winlogon.exe with PID 776
10:18:49:625 4388 AntiSplice: Scan process svchost.exe with PID 876
10:18:49:631 4388 AntiSplice: Scan process svchost.exe with PID 940
10:18:49:636 4388 AntiSplice: Scan process MsMpEng.exe with PID 1028
10:18:49:643 4388 AntiSplice: Scan process Ati2evxx.exe with PID 1120
10:18:49:651 4388 AntiSplice: Scan process svchost.exe with PID 1144
10:18:49:659 4388 AntiSplice: Scan process svchost.exe with PID 1180
10:18:49:671 4388 AntiSplice: Scan process svchost.exe with PID 1196
10:18:49:680 4388 AntiSplice: Scan process audiodg.exe with PID 1272
10:18:49:680 4388 ScanModules: OpenProcess error 5
10:18:49:680 4388 AntiSplice: Scan process svchost.exe with PID 1300
10:18:49:686 4388 AntiSplice: Scan process SLsvc.exe with PID 1320
10:18:49:692 4388 AntiSplice: Scan process svchost.exe with PID 1360
10:18:49:700 4388 AntiSplice: Scan process svchost.exe with PID 1536
10:18:49:708 4388 AntiSplice: Scan process Ati2evxx.exe with PID 1544
10:18:49:714 4388 AntiSplice: Scan process wlanext.exe with PID 1688
10:18:49:720 4388 AntiSplice: Scan process spoolsv.exe with PID 1764
10:18:49:726 4388 AntiSplice: Scan process svchost.exe with PID 1828
10:18:49:732 4388 AntiSplice: Scan process SASCore.exe with PID 200
10:18:49:736 4388 AntiSplice: Scan process AppleMobileDeviceService.exe with PID 292
10:18:49:741 4388 AntiSplice: Scan process BcmSqlStartupSvc.exe with PID 316
10:18:49:749 4388 AntiSplice: Scan process mDNSResponder.exe with PID 320
10:18:49:754 4388 AntiSplice: Scan process svchost.exe with PID 452
10:18:49:761 4388 AntiSplice: Scan process FsUsbExService.Exe with PID 540
10:18:49:768 4388 AntiSplice: Scan process svchost.exe with PID 660
10:18:49:773 4388 AntiSplice: Scan process LSSrvc.exe with PID 1036
10:18:49:781 4388 AntiSplice: Scan process svchost.exe with PID 520
10:18:49:788 4388 AntiSplice: Scan process RichVideo.exe with PID 2080
10:18:49:793 4388 AntiSplice: Scan process c2c_service.exe with PID 2196
10:18:49:798 4388 AntiSplice: Scan process sqlbrowser.exe with PID 2348
10:18:49:804 4388 AntiSplice: Scan process sqlwriter.exe with PID 2416
10:18:49:809 4388 AntiSplice: Scan process svchost.exe with PID 2448
10:18:49:816 4388 AntiSplice: Scan process svchost.exe with PID 2512
10:18:49:821 4388 AntiSplice: Scan process SearchIndexer.exe with PID 2540
10:18:49:828 4388 AntiSplice: Scan process rundll32.exe with PID 2672
10:18:49:834 4388 AntiSplice: Scan process taskeng.exe with PID 3400
10:18:49:844 4388 AntiSplice: Scan process taskeng.exe with PID 3448
10:18:49:849 4388 AntiSplice: Scan process MagicDoctorKbdHk.exe with PID 3528
10:18:49:855 4388 AntiSplice: Scan process dwm.exe with PID 3544
10:18:49:861 4388 AntiSplice: Scan process EasyBatteryMgr3.exe with PID 3568
10:18:49:866 4388 AntiSplice: Scan process EasySpeedUpManager.exe with PID 3576
10:18:49:872 4388 AntiSplice: Scan process explorer.exe with PID 3616
10:18:49:882 4388 AntiSplice: Scan process dmhkcore.exe with PID 3624
10:18:49:888 4388 AntiSplice: Scan process RtHDVCpl.exe with PID 3796
10:18:49:893 4388 AntiSplice: Scan process SynTPEnh.exe with PID 3808
10:18:49:899 4388 AntiSplice: Scan process PDVDServ.exe with PID 3816
10:18:49:904 4388 AntiSplice: Scan process hpwuSchd2.exe with PID 3836
10:18:49:909 4388 AntiSplice: Scan process BJMYPRT.EXE with PID 3972
10:18:49:914 4388 AntiSplice: Scan process CNSEMAIN.EXE with PID 3980
10:18:49:924 4388 AntiSplice: Scan process jusched.exe with PID 3988
10:18:49:935 4388 AntiSplice: Scan process msseces.exe with PID 3996
10:18:49:942 4388 AntiSplice: Scan process sidebar.exe with PID 4004
10:18:49:949 4388 AntiSplice: Scan process LightScribeControlPanel.exe with PID 4012
10:18:49:954 4388 AntiSplice: Scan process ehtray.exe with PID 4020
10:18:49:958 4388 AntiSplice: Scan process NPSAgent.exe with PID 4032
10:18:49:963 4388 AntiSplice: Scan process SpotifyWebHelper.exe with PID 4084
10:18:49:970 4388 AntiSplice: Scan process Skype.exe with PID 2128
10:18:49:978 4388 AntiSplice: Scan process SUPERAntiSpyware.exe with PID 1488
10:18:49:985 4388 AntiSplice: Scan process BTTray.exe with PID 2296
10:18:49:991 4388 AntiSplice: Scan process hpqtra08.exe with PID 2292
10:18:49:998 4388 AntiSplice: Scan process ONENOTEM.EXE with PID 2316
10:18:50:003 4388 AntiSplice: Scan process MOM.exe with PID 2772
10:18:50:010 4388 AntiSplice: Scan process unsecapp.exe with PID 2536
10:18:50:015 4388 AntiSplice: Scan process WmiPrvSE.exe with PID 2748
10:18:50:020 4388 AntiSplice: Scan process NisSrv.exe with PID 3488
10:18:50:025 4388 AntiSplice: Scan process ehmsas.exe with PID 2532
10:18:50:029 4388 AntiSplice: Scan process hpqste08.exe with PID 1256
10:18:50:035 4388 AntiSplice: Scan process CCC.exe with PID 3828
10:18:50:045 4388 AntiSplice: Scan process hpqbam08.exe with PID 3036
10:18:50:050 4388 AntiSplice: Scan process SynTPHelper.exe with PID 2592
10:18:50:056 4388 AntiSplice: Scan process hpqgpc01.exe with PID 4140
10:18:50:061 4388 AntiSplice: Scan process CNSEUPDT.EXE with PID 4576
10:18:50:068 4388 AntiSplice: Scan process svchost.exe with PID 4696
10:18:50:079 4388 AntiSplice: Scan process taskeng.exe with PID 6124
10:18:50:086 4388 AntiSplice: Scan process GoogleUpdate.exe with PID 1080
10:18:50:104 4388 AntiSplice: Scan process TrustedInstaller.exe with PID 5036
10:18:50:110 4388 AntiSplice: Scan process iexplore.exe with PID 4348
10:18:50:118 4388 AntiSplice: Scan process iexplore.exe with PID 4256
10:18:50:123 4388 Spliced function DefWindowProcA fixed in user32.dll module of process with PID 4256
10:18:50:124 4388 Spliced function DefWindowProcW fixed in user32.dll module of process with PID 4256
10:18:50:125 4388 Spliced function SetCursorPos fixed in user32.dll module of process with PID 4256
10:18:50:129 4388 AntiSplice: Scan process GoogleToolbarUser_32.exe with PID 5340
10:18:50:137 4388 AntiSplice: Scan process FlashUtil32_11_4_402_287_ActiveX.exe with PID 5676
10:18:50:144 4388 AntiSplice: Scan process iexplore.exe with PID 5240
10:18:50:148 4388 Spliced function DefWindowProcA fixed in user32.dll module of process with PID 5240
10:18:50:149 4388 Spliced function DefWindowProcW fixed in user32.dll module of process with PID 5240
10:18:50:150 4388 Spliced function SetCursorPos fixed in user32.dll module of process with PID 5240
10:18:50:154 4388 AntiSplice: Scan process cmd.exe with PID 2764
10:18:50:159 4388 AntiSplice: Scan process ZBotKiller.exe with PID 5288
10:18:50:166 4388
10:18:50:166 4388 Scanning Files ...
10:18:50:167 4388 ZBotMainCure System dir scanning
10:18:50:167 4388 ScanDir: Scanning directory: C:\Windows\system32
10:18:50:167 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\system32\) returned status 00000000
10:18:50:168 4388 ZBotMainCure AppData dir scanning
10:18:50:169 4388 ScanDir: Scanning directory: C:\Users\Tamara Fulcher\AppData\Roaming
10:18:50:169 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Tamara Fulcher\AppData\Roaming\) returned status 00000000
10:18:50:170 4388 ScanDir: Scanning directory: C:\Users\Tamara Fulcher\AppData\Local
10:18:50:170 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Tamara Fulcher\AppData\Local\) returned status 00000000
10:18:50:170 4388 ZBotMainCure CommonAppData dir scanning
10:18:50:171 4388 ScanDir: Scanning directory: C:\ProgramData
10:18:50:171 4388 MyNtCreateFileW: NtCreateFile(\??\C:\ProgramData\) returned status 00000000
10:18:50:171 4388 ZBotMainCure Enumerating local profiles dirs
10:18:50:172 4388 ZBotMainCure Processing enum on profile S-1-5-18
10:18:50:172 4388 ScanDir: Scanning directory: C:\Windows\system32\config\systemprofile\AppData\Roaming
10:18:50:172 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\system32\config\systemprofile\AppData\Roaming\) returned status 00000000
10:18:50:173 4388 ScanDir: Scanning directory: C:\Windows\system32\config\systemprofile\AppData\Local
10:18:50:173 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\system32\config\systemprofile\AppData\Local\) returned status 00000000
10:18:50:174 4388 GetSpecialProfilePath: RegQueryValueEx (AppData) error 2
10:18:50:174 4388 GetSpecialProfilePath: RegQueryValueEx (AppData) error 2
10:18:50:174 4388 ZBotMainCure Processing enum on profile S-1-5-19
10:18:50:174 4388 ScanDir: Scanning directory: C:\Windows\ServiceProfiles\LocalService\AppData\Roaming
10:18:50:174 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\) returned status 00000000
10:18:50:175 4388 ScanDir: Scanning directory: C:\Windows\ServiceProfiles\LocalService\AppData\Local
10:18:50:175 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\ServiceProfiles\LocalService\AppData\Local\) returned status 00000000
10:18:50:176 4388 GetSpecialProfilePath: RegQueryValueEx (AppData) error 2
10:18:50:176 4388 GetSpecialProfilePath: RegQueryValueEx (AppData) error 2
10:18:50:176 4388 ZBotMainCure Processing enum on profile S-1-5-20
10:18:50:177 4388 ScanDir: Scanning directory: C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming
10:18:50:177 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\) returned status 00000000
10:18:50:178 4388 ScanDir: Scanning directory: C:\Windows\ServiceProfiles\NetworkService\AppData\Local
10:18:50:178 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\ServiceProfiles\NetworkService\AppData\Local\) returned status 00000000
10:18:50:178 4388 GetSpecialProfilePath: RegQueryValueEx (AppData) error 2
10:18:50:178 4388 GetSpecialProfilePath: RegQueryValueEx (AppData) error 2
10:18:50:179 4388 ZBotMainCure Processing enum on profile S-1-5-21-2230609155-3124472653-3679513960-1003
10:18:50:179 4388 ScanDir: Scanning directory: C:\Users\Tamara Fulcher\AppData\Roaming
10:18:50:179 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Tamara Fulcher\AppData\Roaming\) returned status 00000000
10:18:50:180 4388 ScanDir: Scanning directory: C:\Users\Tamara Fulcher\AppData\Local
10:18:50:180 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Tamara Fulcher\AppData\Local\) returned status 00000000
10:18:50:180 4388 ScanDir: Scanning directory: C:\Users\Tamara Fulcher\AppData\Roaming
10:18:50:181 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Tamara Fulcher\AppData\Roaming\) returned status 00000000
10:18:50:181 4388 ScanDir: Scanning directory: C:\Users\Tamara Fulcher\AppData\Local
10:18:50:181 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Tamara Fulcher\AppData\Local\) returned status 00000000
10:18:50:182 4388 ZBotMainCure Processing enum on profile S-1-5-21-2230609155-3124472653-3679513960-500
10:18:50:182 4388 GetProfileHKeyBySid: RegOpenKeyEx (HKU:S-1-5-21-2230609155-3124472653-3679513960-500) error 2
10:18:50:182 4388 ZBotMainCure: Warning! Profile S-1-5-21-2230609155-3124472653-3679513960-500 unloaded
10:18:50:182 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator. Curr recurse remain: 256
10:18:50:183 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData. Curr recurse remain: 255
10:18:50:183 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local. Curr recurse remain: 254
10:18:50:183 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Apple. Curr recurse remain: 253
10:18:50:184 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Apple\Apple Software Update. Curr recurse remain: 252
10:18:50:184 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Apple\Apple Software Update
10:18:50:184 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Apple\Apple Software Update\) returned status 00000000
10:18:50:185 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Apple
10:18:50:185 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Apple\) returned status 00000000
10:18:50:185 4388 ProcessEnumEx: (C:\Users\Administrator\AppData\Local\Application Data) - Reparse point detected!
10:18:50:186 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\ATI. Curr recurse remain: 253
10:18:50:186 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\ATI\ACE. Curr recurse remain: 252
10:18:50:186 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\ATI\ACE
10:18:50:186 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\ATI\ACE\) returned status 00000000
10:18:50:187 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\ATI
 
10:18:50:187 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\ATI\) returned status 00000000
10:18:50:188 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google. Curr recurse remain: 253
10:18:50:188 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome. Curr recurse remain: 252
10:18:50:188 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data. Curr recurse remain: 251
10:18:50:188 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default. Curr recurse remain: 250
10:18:50:189 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache. Curr recurse remain: 249
10:18:50:212 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache
10:18:50:212 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache\) returned status 00000000
10:18:50:213 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions. Curr recurse remain: 249
10:18:50:213 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo. Curr recurse remain: 248
10:18:50:214 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0. Curr recurse remain: 247
10:18:50:214 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales. Curr recurse remain: 246
10:18:50:225 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar. Curr recurse remain: 245
10:18:50:226 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar
10:18:50:226 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar\) returned status 00000000
10:18:50:227 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg. Curr recurse remain: 245
10:18:50:227 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg
10:18:50:227 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg\) returned status 00000000
10:18:50:228 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca. Curr recurse remain: 245
10:18:50:229 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca
10:18:50:229 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca\) returned status 00000000
10:18:50:230 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs. Curr recurse remain: 245
10:18:50:230 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs
10:18:50:230 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs\) returned status 00000000
10:18:50:231 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da. Curr recurse remain: 245
10:18:50:233 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da
10:18:50:233 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da\) returned status 00000000
10:18:50:235 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de. Curr recurse remain: 245
10:18:50:235 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de
10:18:50:236 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de\) returned status 00000000
10:18:50:238 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el. Curr recurse remain: 245
10:18:50:238 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el
10:18:50:239 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el\) returned status 00000000
10:18:50:241 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en. Curr recurse remain: 245
10:18:50:241 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en
10:18:50:242 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en\) returned status 00000000
10:18:50:244 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es. Curr recurse remain: 245
10:18:50:244 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es
10:18:50:245 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es\) returned status 00000000
10:18:50:246 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi. Curr recurse remain: 245
10:18:50:247 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi
10:18:50:248 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi\) returned status 00000000
10:18:50:249 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil. Curr recurse remain: 245
10:18:50:250 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil
10:18:50:250 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil\) returned status 00000000
10:18:50:252 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr. Curr recurse remain: 245
10:18:50:253 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr
10:18:50:253 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr\) returned status 00000000
10:18:50:255 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he. Curr recurse remain: 245
10:18:50:256 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he
10:18:50:256 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he\) returned status 00000000
10:18:50:258 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi. Curr recurse remain: 245
10:18:50:259 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi
10:18:50:259 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi\) returned status 00000000
10:18:50:261 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr. Curr recurse remain: 245
10:18:50:262 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr
10:18:50:262 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr\) returned status 00000000
10:18:50:264 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu. Curr recurse remain: 245
10:18:50:265 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu
10:18:50:265 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu\) returned status 00000000
10:18:50:267 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id. Curr recurse remain: 245
10:18:50:268 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id
10:18:50:268 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id\) returned status 00000000
10:18:50:270 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it. Curr recurse remain: 245
10:18:50:271 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it
10:18:50:271 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it\) returned status 00000000
10:18:50:273 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja. Curr recurse remain: 245
10:18:50:274 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja
10:18:50:274 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja\) returned status 00000000
10:18:50:276 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko. Curr recurse remain: 245
10:18:50:276 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko
10:18:50:277 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko\) returned status 00000000
10:18:50:279 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt. Curr recurse remain: 245
10:18:50:279 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt
10:18:50:280 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt\) returned status 00000000
10:18:50:281 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv. Curr recurse remain: 245
10:18:50:282 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv
10:18:50:283 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv\) returned status 00000000
10:18:50:284 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl. Curr recurse remain: 245
10:18:50:285 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl
10:18:50:285 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl\) returned status 00000000
10:18:50:287 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no. Curr recurse remain: 245
10:18:50:288 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no
10:18:50:288 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no\) returned status 00000000
10:18:50:290 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl. Curr recurse remain: 245
10:18:50:291 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl
10:18:50:291 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl\) returned status 00000000
10:18:50:293 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR. Curr recurse remain: 245
10:18:50:294 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR
10:18:50:294 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR\) returned status 00000000
10:18:50:296 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT. Curr recurse remain: 245
10:18:50:297 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT
10:18:50:297 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT\) returned status 00000000
10:18:50:299 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro. Curr recurse remain: 245
10:18:50:300 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro
10:18:50:300 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro\) returned status 00000000
10:18:50:302 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru. Curr recurse remain: 245
10:18:50:303 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru
10:18:50:303 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru\) returned status 00000000
10:18:50:304 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk. Curr recurse remain: 245
10:18:50:305 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk
10:18:50:305 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk\) returned status 00000000
10:18:50:306 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl. Curr recurse remain: 245
10:18:50:307 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl
10:18:50:307 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl\) returned status 00000000
10:18:50:308 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr. Curr recurse remain: 245
10:18:50:308 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr
10:18:50:308 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr\) returned status 00000000
10:18:50:309 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv. Curr recurse remain: 245
10:18:50:310 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv
10:18:50:310 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv\) returned status 00000000
10:18:50:312 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th. Curr recurse remain: 245
10:18:50:313 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th
10:18:50:315 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th\) returned status 00000000
10:18:50:316 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr. Curr recurse remain: 245
10:18:50:316 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr
10:18:50:317 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr\) returned status 00000000
10:18:50:318 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk. Curr recurse remain: 245
10:18:50:319 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk
10:18:50:320 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk\) returned status 00000000
10:18:50:321 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi. Curr recurse remain: 245
10:18:50:322 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi
10:18:50:323 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi\) returned status 00000000
10:18:50:324 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN. Curr recurse remain: 245
10:18:50:325 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN
10:18:50:326 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN\) returned status 00000000
10:18:50:327 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW. Curr recurse remain: 245
10:18:50:328 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW
10:18:50:329 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW\) returned status 00000000
10:18:50:330 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales
10:18:50:331 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\) returned status 00000000
10:18:50:332 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX. Curr recurse remain: 246
10:18:50:333 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales. Curr recurse remain: 245
10:18:50:351 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ar. Curr recurse remain: 244
10:18:50:351 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ar
10:18:50:352 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ar\) returned status 00000000
10:18:50:353 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\bg. Curr recurse remain: 244
10:18:50:353 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\bg
10:18:50:353 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\bg\) returned status 00000000
10:18:50:354 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ca. Curr recurse remain: 244
10:18:50:355 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ca
10:18:50:355 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ca\) returned status 00000000
10:18:50:356 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\cs. Curr recurse remain: 244
10:18:50:356 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\cs
10:18:50:357 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\cs\) returned status 00000000
10:18:50:358 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\da. Curr recurse remain: 244
10:18:50:358 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\da
10:18:50:358 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\da\) returned status 00000000
10:18:50:359 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\de. Curr recurse remain: 244
10:18:50:360 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\de
10:18:50:360 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\de\) returned status 00000000
10:18:50:361 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\el. Curr recurse remain: 244
10:18:50:361 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\el
10:18:50:361 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\el\) returned status 00000000
10:18:50:362 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\en. Curr recurse remain: 244
10:18:50:363 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\en
10:18:50:363 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\en\) returned status 00000000
10:18:50:364 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\es. Curr recurse remain: 244
10:18:50:364 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\es
10:18:50:365 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\es\) returned status 00000000
10:18:50:366 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fi. Curr recurse remain: 244
10:18:50:366 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fi
10:18:50:366 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fi\) returned status 00000000
10:18:50:367 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fil. Curr recurse remain: 244
10:18:50:368 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fil
10:18:50:368 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fil\) returned status 00000000
10:18:50:369 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fr. Curr recurse remain: 244
10:18:50:369 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fr
10:18:50:369 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fr\) returned status 00000000
10:18:50:370 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\he. Curr recurse remain: 244
10:18:50:371 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\he
10:18:50:371 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\he\) returned status 00000000
10:18:50:372 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hi. Curr recurse remain: 244
10:18:50:373 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hi
10:18:50:373 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hi\) returned status 00000000
10:18:50:374 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hr. Curr recurse remain: 244
10:18:50:374 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hr
10:18:50:374 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hr\) returned status 00000000
10:18:50:375 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hu. Curr recurse remain: 244
10:18:50:376 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hu
10:18:50:376 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hu\) returned status 00000000
10:18:50:377 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\id. Curr recurse remain: 244
10:18:50:377 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\id
10:18:50:378 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\id\) returned status 00000000
10:18:50:379 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\it. Curr recurse remain: 244
10:18:50:379 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\it
10:18:50:379 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\it\) returned status 00000000
10:18:50:380 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ja. Curr recurse remain: 244
10:18:50:381 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ja
10:18:50:381 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ja\) returned status 00000000
10:18:50:383 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ko. Curr recurse remain: 244
10:18:50:384 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ko
10:18:50:385 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ko\) returned status 00000000
10:18:50:387 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lt. Curr recurse remain: 244
10:18:50:387 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lt
10:18:50:388 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lt\) returned status 00000000
10:18:50:390 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lv. Curr recurse remain: 244
10:18:50:390 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lv
10:18:50:391 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lv\) returned status 00000000
10:18:50:393 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\nl. Curr recurse remain: 244
10:18:50:393 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\nl
10:18:50:394 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\nl\) returned status 00000000
10:18:50:395 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\no. Curr recurse remain: 244
10:18:50:396 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\no
10:18:50:397 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\no\) returned status 00000000
10:18:50:399 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pl. Curr recurse remain: 244
10:18:50:399 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pl
10:18:50:400 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pl\) returned status 00000000
10:18:50:402 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_BR. Curr recurse remain: 244
10:18:50:402 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_BR
10:18:50:403 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_BR\) returned status 00000000
10:18:50:404 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_PT. Curr recurse remain: 244
10:18:50:404 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_PT
10:18:50:404 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_PT\) returned status 00000000
10:18:50:405 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ro. Curr recurse remain: 244
10:18:50:406 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ro
10:18:50:406 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ro\) returned status 00000000
10:18:50:407 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ru. Curr recurse remain: 244
10:18:50:422 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ru
10:18:50:422 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ru\) returned status 00000000
10:18:50:424 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sk. Curr recurse remain: 244
10:18:50:425 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sk
10:18:50:425 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sk\) returned status 00000000
10:18:50:427 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sl. Curr recurse remain: 244
10:18:50:428 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sl
 
10:18:50:428 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sl\) returned status 00000000
10:18:50:430 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sr. Curr recurse remain: 244
10:18:50:431 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sr
10:18:50:431 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sr\) returned status 00000000
10:18:50:433 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sv. Curr recurse remain: 244
10:18:50:434 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sv
10:18:50:435 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sv\) returned status 00000000
10:18:50:436 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\th. Curr recurse remain: 244
10:18:50:436 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\th
10:18:50:436 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\th\) returned status 00000000
10:18:50:437 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\tr. Curr recurse remain: 244
10:18:50:438 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\tr
10:18:50:438 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\tr\) returned status 00000000
10:18:50:439 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\uk. Curr recurse remain: 244
10:18:50:439 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\uk
10:18:50:439 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\uk\) returned status 00000000
10:18:50:440 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\vi. Curr recurse remain: 244
10:18:50:441 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\vi
10:18:50:441 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\vi\) returned status 00000000
10:18:50:442 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_CN. Curr recurse remain: 244
10:18:50:442 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_CN
10:18:50:443 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_CN\) returned status 00000000
10:18:50:444 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_TW. Curr recurse remain: 244
10:18:50:445 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_TW
10:18:50:445 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_TW\) returned status 00000000
10:18:50:448 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales
10:18:50:448 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\) returned status 00000000
10:18:50:450 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX
10:18:50:450 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\) returned status 00000000
10:18:50:452 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
10:18:50:452 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\) returned status 00000000
10:18:50:454 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
10:18:50:454 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\) returned status 00000000
10:18:50:456 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf. Curr recurse remain: 248
10:18:50:457 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0. Curr recurse remain: 247
10:18:50:471 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales. Curr recurse remain: 246
10:18:50:480 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ar. Curr recurse remain: 245
10:18:50:481 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ar
10:18:50:481 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ar\) returned status 00000000
10:18:50:483 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\bg. Curr recurse remain: 245
10:18:50:484 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\bg
10:18:50:485 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\bg\) returned status 00000000
10:18:50:487 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ca. Curr recurse remain: 245
10:18:50:488 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ca
10:18:50:488 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ca\) returned status 00000000
10:18:50:490 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\cs. Curr recurse remain: 245
10:18:50:491 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\cs
10:18:50:491 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\cs\) returned status 00000000
10:18:50:493 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\da. Curr recurse remain: 245
10:18:50:494 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\da
10:18:50:494 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\da\) returned status 00000000
10:18:50:496 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\de. Curr recurse remain: 245
10:18:50:497 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\de
10:18:50:497 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\de\) returned status 00000000
10:18:50:499 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\el. Curr recurse remain: 245
10:18:50:500 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\el
10:18:50:500 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\el\) returned status 00000000
10:18:50:502 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en. Curr recurse remain: 245
10:18:50:503 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en
10:18:50:503 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en\) returned status 00000000
10:18:50:506 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_GB. Curr recurse remain: 245
10:18:50:507 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_GB
10:18:50:507 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_GB\) returned status 00000000
10:18:50:510 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_US. Curr recurse remain: 245
10:18:50:511 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_US
10:18:50:511 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_US\) returned status 00000000
10:18:50:513 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es. Curr recurse remain: 245
10:18:50:514 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es
10:18:50:514 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es\) returned status 00000000
10:18:50:516 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es_419. Curr recurse remain: 245
10:18:50:517 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es_419
10:18:50:517 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es_419\) returned status 00000000
10:18:50:519 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\et. Curr recurse remain: 245
10:18:50:520 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\et
10:18:50:520 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\et\) returned status 00000000
10:18:50:522 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fi. Curr recurse remain: 245
10:18:50:523 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fi
10:18:50:523 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fi\) returned status 00000000
10:18:50:525 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fil. Curr recurse remain: 245
10:18:50:526 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fil
10:18:50:526 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fil\) returned status 00000000
10:18:50:528 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fr. Curr recurse remain: 245
10:18:50:529 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fr
10:18:50:529 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fr\) returned status 00000000
10:18:50:531 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\he. Curr recurse remain: 245
10:18:50:532 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\he
10:18:50:532 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\he\) returned status 00000000
10:18:50:534 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hi. Curr recurse remain: 245
10:18:50:535 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hi
10:18:50:535 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hi\) returned status 00000000
10:18:50:537 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hr. Curr recurse remain: 245
10:18:50:538 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hr
10:18:50:538 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hr\) returned status 00000000
10:18:50:540 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hu. Curr recurse remain: 245
10:18:50:541 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hu
10:18:50:541 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hu\) returned status 00000000
10:18:50:543 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\id. Curr recurse remain: 245
10:18:50:544 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\id
10:18:50:544 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\id\) returned status 00000000
10:18:50:546 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\it. Curr recurse remain: 245
10:18:50:547 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\it
10:18:50:547 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\it\) returned status 00000000
10:18:50:549 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ja. Curr recurse remain: 245
10:18:50:550 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ja
10:18:50:550 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ja\) returned status 00000000
10:18:50:552 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ko. Curr recurse remain: 245
10:18:50:553 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ko
10:18:50:553 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ko\) returned status 00000000
10:18:50:554 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lt. Curr recurse remain: 245
10:18:50:555 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lt
10:18:50:555 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lt\) returned status 00000000
10:18:50:556 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lv. Curr recurse remain: 245
10:18:50:556 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lv
10:18:50:556 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lv\) returned status 00000000
10:18:50:557 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\nl. Curr recurse remain: 245
10:18:50:558 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\nl
10:18:50:558 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\nl\) returned status 00000000
10:18:50:559 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\no. Curr recurse remain: 245
10:18:50:560 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\no
10:18:50:560 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\no\) returned status 00000000
10:18:50:562 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pl. Curr recurse remain: 245
10:18:50:563 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pl
10:18:50:563 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pl\) returned status 00000000
10:18:50:565 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_BR. Curr recurse remain: 245
10:18:50:566 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_BR
10:18:50:566 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_BR\) returned status 00000000
10:18:50:568 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_PT. Curr recurse remain: 245
10:18:50:569 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_PT
10:18:50:569 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_PT\) returned status 00000000
10:18:50:571 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ro. Curr recurse remain: 245
10:18:50:572 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ro
10:18:50:572 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ro\) returned status 00000000
10:18:50:574 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ru. Curr recurse remain: 245
10:18:50:575 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ru
10:18:50:575 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ru\) returned status 00000000
10:18:50:577 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sk. Curr recurse remain: 245
10:18:50:578 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sk
10:18:50:578 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sk\) returned status 00000000
10:18:50:580 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sl. Curr recurse remain: 245
10:18:50:581 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sl
10:18:50:581 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sl\) returned status 00000000
10:18:50:583 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sr. Curr recurse remain: 245
10:18:50:584 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sr
10:18:50:584 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sr\) returned status 00000000
10:18:50:586 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sv. Curr recurse remain: 245
10:18:50:587 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sv
10:18:50:587 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sv\) returned status 00000000
10:18:50:589 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\th. Curr recurse remain: 245
10:18:50:590 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\th
10:18:50:590 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\th\) returned status 00000000
10:18:50:592 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\tr. Curr recurse remain: 245
10:18:50:593 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\tr
10:18:50:593 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\tr\) returned status 00000000
10:18:50:595 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\uk. Curr recurse remain: 245
10:18:50:596 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\uk
10:18:50:596 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\uk\) returned status 00000000
10:18:50:597 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\vi. Curr recurse remain: 245
10:18:50:598 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\vi
10:18:50:598 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\vi\) returned status 00000000
10:18:50:599 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_CN. Curr recurse remain: 245
10:18:50:600 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_CN
10:18:50:600 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_CN\) returned status 00000000
10:18:50:601 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_TW. Curr recurse remain: 245
10:18:50:601 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_TW
10:18:50:601 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_TW\) returned status 00000000
10:18:50:602 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales
10:18:50:603 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\) returned status 00000000
10:18:50:604 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
10:18:50:604 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\) returned status 00000000
10:18:50:605 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
 
10:18:50:606 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\) returned status 00000000
10:18:50:607 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl. Curr recurse remain: 248
10:18:50:608 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0. Curr recurse remain: 247
10:18:50:609 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0
10:18:50:609 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\) returned status 00000000
10:18:50:610 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
10:18:50:610 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\) returned status 00000000
10:18:50:611 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia. Curr recurse remain: 248
10:18:50:611 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0. Curr recurse remain: 247
10:18:50:612 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales. Curr recurse remain: 246
10:18:50:689 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar. Curr recurse remain: 245
10:18:50:690 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar
10:18:50:690 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar\) returned status 00000000
10:18:50:691 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg. Curr recurse remain: 245
10:18:50:691 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg
10:18:50:692 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg\) returned status 00000000
10:18:50:693 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca. Curr recurse remain: 245
10:18:50:693 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca
10:18:50:693 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca\) returned status 00000000
10:18:50:694 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs. Curr recurse remain: 245
10:18:50:695 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs
10:18:50:695 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs\) returned status 00000000
10:18:50:696 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da. Curr recurse remain: 245
10:18:50:696 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da
10:18:50:696 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da\) returned status 00000000
10:18:50:697 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de. Curr recurse remain: 245
10:18:50:698 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de
10:18:50:698 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de\) returned status 00000000
10:18:50:699 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el. Curr recurse remain: 245
10:18:50:699 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el
10:18:50:700 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el\) returned status 00000000
10:18:50:700 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en. Curr recurse remain: 245
10:18:50:701 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en
10:18:50:701 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en\) returned status 00000000
10:18:50:702 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es. Curr recurse remain: 245
10:18:50:703 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es
10:18:50:703 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es\) returned status 00000000
10:18:50:704 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi. Curr recurse remain: 245
10:18:50:704 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi
10:18:50:704 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi\) returned status 00000000
10:18:50:705 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil. Curr recurse remain: 245
10:18:50:706 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil
10:18:50:706 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil\) returned status 00000000
10:18:50:707 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr. Curr recurse remain: 245
10:18:50:707 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr
10:18:50:708 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr\) returned status 00000000
10:18:50:708 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi. Curr recurse remain: 245
10:18:50:709 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi
10:18:50:709 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi\) returned status 00000000
10:18:50:710 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr. Curr recurse remain: 245
10:18:50:711 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr
10:18:50:711 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr\) returned status 00000000
10:18:50:713 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu. Curr recurse remain: 245
10:18:50:714 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu
10:18:50:714 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu\) returned status 00000000
10:18:50:716 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id. Curr recurse remain: 245
10:18:50:717 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id
10:18:50:717 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id\) returned status 00000000
10:18:50:719 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it. Curr recurse remain: 245
10:18:50:720 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it
10:18:50:720 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it\) returned status 00000000
10:18:50:722 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja. Curr recurse remain: 245
10:18:50:723 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja
10:18:50:723 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja\) returned status 00000000
10:18:50:724 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko. Curr recurse remain: 245
10:18:50:725 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko
10:18:50:725 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko\) returned status 00000000
10:18:50:726 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt. Curr recurse remain: 245
10:18:50:727 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt
10:18:50:727 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt\) returned status 00000000
10:18:50:728 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv. Curr recurse remain: 245
10:18:50:728 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv
10:18:50:728 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv\) returned status 00000000
10:18:50:729 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl. Curr recurse remain: 245
10:18:50:730 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl
10:18:50:730 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl\) returned status 00000000
10:18:50:731 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no. Curr recurse remain: 245
10:18:50:731 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no
10:18:50:732 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no\) returned status 00000000
10:18:50:733 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl. Curr recurse remain: 245
10:18:50:733 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl
10:18:50:733 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl\) returned status 00000000
10:18:50:735 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR. Curr recurse remain: 245
10:18:50:735 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR
10:18:50:736 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR\) returned status 00000000
10:18:50:737 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT. Curr recurse remain: 245
10:18:50:738 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT
10:18:50:738 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT\) returned status 00000000
10:18:50:739 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro. Curr recurse remain: 245
10:18:50:739 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro
10:18:50:739 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro\) returned status 00000000
10:18:50:740 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru. Curr recurse remain: 245
10:18:50:741 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru
10:18:50:741 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru\) returned status 00000000
10:18:50:742 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se. Curr recurse remain: 245
10:18:50:743 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se
10:18:50:743 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se\) returned status 00000000
10:18:50:744 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk. Curr recurse remain: 245
10:18:50:744 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk
10:18:50:744 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk\) returned status 00000000
10:18:50:745 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl. Curr recurse remain: 245
10:18:50:746 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl
10:18:50:746 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl\) returned status 00000000
10:18:50:747 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr. Curr recurse remain: 245
10:18:50:747 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr
10:18:50:747 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr\) returned status 00000000
10:18:50:748 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th. Curr recurse remain: 245
10:18:50:749 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th
10:18:50:749 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th\) returned status 00000000
10:18:50:750 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr. Curr recurse remain: 245
10:18:50:750 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr
10:18:50:750 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr\) returned status 00000000
10:18:50:752 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk. Curr recurse remain: 245
10:18:50:752 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk
10:18:50:752 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk\) returned status 00000000
10:18:50:753 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi. Curr recurse remain: 245
10:18:50:754 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi
10:18:50:754 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi\) returned status 00000000
10:18:50:755 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN. Curr recurse remain: 245
10:18:50:755 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN
10:18:50:756 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN\) returned status 00000000
10:18:50:757 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW. Curr recurse remain: 245
10:18:50:757 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW
10:18:50:757 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW\) returned status 00000000
10:18:50:758 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales
10:18:50:758 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\) returned status 00000000
10:18:50:759 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX. Curr recurse remain: 246
10:18:50:760 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX\_locales. Curr recurse remain: 245
10:18:50:760 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX\_locales
10:18:50:760 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX\_locales\) returned status 00000000
10:18:50:761 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX
10:18:50:761 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX\) returned status 00000000
10:18:50:762 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
10:18:50:763 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\) returned status 00000000
10:18:50:763 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
10:18:50:764 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\) returned status 00000000
10:18:50:764 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions
10:18:50:765 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\) returned status 00000000
10:18:50:765 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage. Curr recurse remain: 249
10:18:50:774 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage
10:18:50:774 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\) returned status 00000000
10:18:50:775 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets. Curr recurse remain: 249
10:18:50:775 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets
10:18:50:775 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets\) returned status 00000000
10:18:50:776 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default
10:18:50:776 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\) returned status 00000000
10:18:50:777 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash. Curr recurse remain: 250
10:18:50:777 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash
10:18:50:778 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash\) returned status 00000000
10:18:50:778 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\SwiftShader. Curr recurse remain: 250
10:18:50:779 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\SwiftShader
10:18:50:779 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\SwiftShader\) returned status 00000000
10:18:50:779 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Temp. Curr recurse remain: 250
10:18:50:780 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Temp
10:18:50:780 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Temp\) returned status 00000000
10:18:50:781 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data
10:18:50:781 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\) returned status 00000000
10:18:50:782 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google\Chrome
10:18:50:782 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\Chrome\) returned status 00000000
10:18:50:782 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Google
10:18:50:782 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Google\) returned status 00000000
10:18:50:783 4388 ProcessEnumEx: (C:\Users\Administrator\AppData\Local\History) - Reparse point detected!
10:18:50:783 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft. Curr recurse remain: 253
10:18:50:783 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Credentials. Curr recurse remain: 252
10:18:50:784 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Credentials
10:18:50:784 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Credentials\) returned status 00000000
10:18:50:784 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Feeds. Curr recurse remain: 252
10:18:50:785 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~. Curr recurse remain: 251
10:18:50:785 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~. Curr recurse remain: 250
10:18:50:786 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
10:18:50:786 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\) returned status 00000000
10:18:50:787 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
10:18:50:787 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\) returned status 00000000
10:18:50:787 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Feeds
10:18:50:788 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Feeds\) returned status 00000000
10:18:50:788 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache. Curr recurse remain: 252
10:18:50:797 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\5FCON1VB. Curr recurse remain: 251
10:18:50:798 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\5FCON1VB
10:18:50:798 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\5FCON1VB\) returned status 00000000
10:18:50:799 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\8P6YNY64. Curr recurse remain: 251
10:18:50:799 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\8P6YNY64
10:18:50:799 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\8P6YNY64\) returned status 00000000
10:18:50:800 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\FTNCUPHA. Curr recurse remain: 251
10:18:50:800 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\FTNCUPHA
10:18:50:800 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\FTNCUPHA\) returned status 00000000
10:18:50:801 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\ZUOOAEE4. Curr recurse remain: 251
10:18:50:802 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\ZUOOAEE4
10:18:50:802 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\ZUOOAEE4\) returned status 00000000
10:18:50:802 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache
10:18:50:802 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache\) returned status 00000000
10:18:50:803 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Internet Explorer. Curr recurse remain: 252
10:18:50:804 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Internet Explorer\IECompatData. Curr recurse remain: 251
10:18:50:804 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Internet Explorer\IECompatData
10:18:50:804 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Internet Explorer\IECompatData\) returned status 00000000
10:18:50:805 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Internet Explorer
10:18:50:805 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Internet Explorer\) returned status 00000000
10:18:50:806 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Media Player. Curr recurse remain: 252
10:18:50:817 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Media Player\Sync Playlists. Curr recurse remain: 251
10:18:50:817 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Media Player\Sync Playlists\en-GB. Curr recurse remain: 250
10:18:50:818 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Media Player\Sync Playlists\en-GB\000276E3. Curr recurse remain: 249
10:18:50:827 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Media Player\Sync Playlists\en-GB\000276E3
10:18:50:827 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Media Player\Sync Playlists\en-GB\000276E3\) returned status 00000000
10:18:50:828 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Media Player\Sync Playlists\en-GB
10:18:50:828 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Media Player\Sync Playlists\en-GB\) returned status 00000000
10:18:50:829 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Media Player\Sync Playlists
10:18:50:829 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Media Player\Sync Playlists\) returned status 00000000
10:18:50:830 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Media Player
10:18:50:830 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Media Player\) returned status 00000000
10:18:50:831 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows. Curr recurse remain: 252
10:18:50:831 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\1033. Curr recurse remain: 251
10:18:50:831 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\1033
10:18:50:831 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\1033\) returned status 00000000
10:18:50:832 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Burn. Curr recurse remain: 251
10:18:50:832 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Burn\Burn. Curr recurse remain: 250
10:18:50:833 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Burn\Burn
10:18:50:833 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\Burn\Burn\) returned status 00000000
10:18:50:834 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Burn\Burn1. Curr recurse remain: 250
10:18:50:834 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Burn\Burn1
10:18:50:834 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\Burn\Burn1\) returned status 00000000
10:18:50:835 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Burn
10:18:50:835 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\Burn\) returned status 00000000
10:18:50:836 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Explorer. Curr recurse remain: 251
10:18:50:836 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Explorer
10:18:50:836 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\Explorer\) returned status 00000000
10:18:50:837 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\GameExplorer. Curr recurse remain: 251
10:18:50:838 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\GameExplorer
10:18:50:838 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\GameExplorer\) returned status 00000000
10:18:50:838 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\History. Curr recurse remain: 251
10:18:50:839 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5. Curr recurse remain: 250
10:18:50:839 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5
10:18:50:839 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5\) returned status 00000000
10:18:50:840 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\Low. Curr recurse remain: 250
10:18:50:840 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\Low
10:18:50:840 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\Low\) returned status 00000000
10:18:50:841 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\History
10:18:50:841 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\) returned status 00000000
10:18:50:842 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files. Curr recurse remain: 251
10:18:50:842 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low. Curr recurse remain: 250
10:18:50:843 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
10:18:50:843 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\) returned status 00000000
10:18:50:843 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized. Curr recurse remain: 250
10:18:50:844 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
10:18:50:844 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\) returned status 00000000
10:18:50:845 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files
10:18:50:845 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\) returned status 00000000
10:18:50:846 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER. Curr recurse remain: 251
10:18:50:846 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ERC. Curr recurse remain: 250
10:18:50:846 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ERC\ResponseCache. Curr recurse remain: 249
10:18:50:847 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ERC\ResponseCache
10:18:50:847 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ERC\ResponseCache\) returned status 00000000
10:18:50:848 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ERC
10:18:50:848 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ERC\) returned status 00000000
10:18:50:848 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ReportArchive. Curr recurse remain: 250
10:18:50:849 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ReportArchive
10:18:50:849 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ReportArchive\) returned status 00000000
10:18:50:850 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ReportQueue. Curr recurse remain: 250
10:18:50:850 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ReportQueue
10:18:50:850 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\ReportQueue\) returned status 00000000
10:18:50:851 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER
10:18:50:851 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\WER\) returned status 00000000
10:18:50:852 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows
10:18:50:852 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\) returned status 00000000
10:18:50:853 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows Defender. Curr recurse remain: 252
10:18:50:853 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows Defender\FileTracker. Curr recurse remain: 251
10:18:50:854 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows Defender\FileTracker
10:18:50:854 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows Defender\FileTracker\) returned status 00000000
10:18:50:855 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows Defender
10:18:50:855 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows Defender\) returned status 00000000
10:18:50:855 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail. Curr recurse remain: 252
10:18:50:865 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail\Backup. Curr recurse remain: 251
10:18:50:865 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail\Backup\new. Curr recurse remain: 250
10:18:50:882 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail\Backup\new
10:18:50:882 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail\Backup\new\) returned status 00000000
10:18:50:884 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail\Backup
10:18:50:885 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail\Backup\) returned status 00000000
10:18:50:886 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail\Stationery. Curr recurse remain: 251
10:18:50:932 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail\Stationery
10:18:50:932 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail\Stationery\) returned status 00000000
10:18:50:933 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail
10:18:50:933 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows Mail\) returned status 00000000
10:18:50:934 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows Media. Curr recurse remain: 252
10:18:50:934 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows Media\11.0. Curr recurse remain: 251
10:18:50:948 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows Media\11.0
10:18:50:948 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows Media\11.0\) returned status 00000000
10:18:50:949 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows Media
10:18:50:949 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows Media\) returned status 00000000
10:18:50:949 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar. Curr recurse remain: 252
10:18:50:950 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets. Curr recurse remain: 251
10:18:50:950 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets
10:18:50:950 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets\) returned status 00000000
10:18:50:951 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar
10:18:50:951 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar\) returned status 00000000
10:18:50:952 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft
10:18:50:952 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft\) returned status 00000000
10:18:50:953 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\Microsoft Help. Curr recurse remain: 253
10:18:50:954 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\Microsoft Help
10:18:50:954 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\Microsoft Help\) returned status 00000000
10:18:50:956 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Local\temp. Curr recurse remain: 253
10:18:50:956 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local\temp
10:18:50:956 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\temp\) returned status 00000000
10:18:50:958 4388 ProcessEnumEx: (C:\Users\Administrator\AppData\Local\Temporary Internet Files) - Reparse point detected!
 
10:18:50:958 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Local
10:18:50:958 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Local\) returned status 00000000
10:18:50:959 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow. Curr recurse remain: 254
10:18:50:960 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Microsoft. Curr recurse remain: 253
10:18:50:960 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache. Curr recurse remain: 252
10:18:50:961 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content. Curr recurse remain: 251
10:18:50:972 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
10:18:50:972 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\) returned status 00000000
10:18:50:973 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData. Curr recurse remain: 251
10:18:50:973 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
10:18:50:974 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\) returned status 00000000
10:18:50:974 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache
10:18:50:975 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\) returned status 00000000
10:18:50:975 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Microsoft
10:18:50:975 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Microsoft\) returned status 00000000
10:18:50:976 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun. Curr recurse remain: 253
10:18:50:976 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java. Curr recurse remain: 252
10:18:50:977 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment. Curr recurse remain: 251
10:18:50:977 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache. Curr recurse remain: 250
10:18:50:977 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0. Curr recurse remain: 249
10:18:50:997 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0. Curr recurse remain: 248
10:18:50:998 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0
10:18:50:998 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\) returned status 00000000
10:18:50:999 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1. Curr recurse remain: 248
10:18:50:999 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1
10:18:50:999 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\) returned status 00000000
10:18:51:000 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10. Curr recurse remain: 248
10:18:51:001 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10
10:18:51:001 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\) returned status 00000000
10:18:51:001 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11. Curr recurse remain: 248
10:18:51:002 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11
10:18:51:002 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\) returned status 00000000
10:18:51:003 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12. Curr recurse remain: 248
10:18:51:004 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12
10:18:51:004 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\) returned status 00000000
10:18:51:006 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13. Curr recurse remain: 248
10:18:51:006 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13
10:18:51:006 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\) returned status 00000000
10:18:51:008 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14. Curr recurse remain: 248
10:18:51:008 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14
10:18:51:009 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\) returned status 00000000
10:18:51:010 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15. Curr recurse remain: 248
10:18:51:011 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15
10:18:51:011 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\) returned status 00000000
10:18:51:012 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16. Curr recurse remain: 248
10:18:51:013 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16
10:18:51:013 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\) returned status 00000000
10:18:51:015 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17. Curr recurse remain: 248
10:18:51:015 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17
10:18:51:015 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\) returned status 00000000
10:18:51:017 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18. Curr recurse remain: 248
10:18:51:017 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18
10:18:51:018 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\) returned status 00000000
10:18:51:019 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19. Curr recurse remain: 248
10:18:51:020 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19
10:18:51:020 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\) returned status 00000000
10:18:51:021 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2. Curr recurse remain: 248
10:18:51:022 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2
10:18:51:022 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\) returned status 00000000
10:18:51:023 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20. Curr recurse remain: 248
10:18:51:024 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20
10:18:51:024 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\) returned status 00000000
10:18:51:025 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21. Curr recurse remain: 248
10:18:51:025 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21
10:18:51:025 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\) returned status 00000000
10:18:51:026 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22. Curr recurse remain: 248
10:18:51:026 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22
10:18:51:026 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\) returned status 00000000
10:18:51:027 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23. Curr recurse remain: 248
10:18:51:027 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23
10:18:51:028 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\) returned status 00000000
10:18:51:029 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24. Curr recurse remain: 248
10:18:51:030 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24
10:18:51:030 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\) returned status 00000000
10:18:51:031 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25. Curr recurse remain: 248
10:18:51:032 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25
10:18:51:032 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\) returned status 00000000
10:18:51:034 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26. Curr recurse remain: 248
10:18:51:034 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26
10:18:51:035 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\) returned status 00000000
10:18:51:036 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27. Curr recurse remain: 248
10:18:51:037 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27
10:18:51:037 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\) returned status 00000000
10:18:51:039 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28. Curr recurse remain: 248
10:18:51:039 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28
10:18:51:039 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\) returned status 00000000
10:18:51:041 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29. Curr recurse remain: 248
10:18:51:042 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29
10:18:51:042 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\) returned status 00000000
10:18:51:043 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3. Curr recurse remain: 248
10:18:51:044 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3
10:18:51:044 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\) returned status 00000000
10:18:51:045 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30. Curr recurse remain: 248
10:18:51:046 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30
10:18:51:046 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\) returned status 00000000
10:18:51:048 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31. Curr recurse remain: 248
10:18:51:048 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31
10:18:51:049 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\) returned status 00000000
10:18:51:050 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32. Curr recurse remain: 248
10:18:51:051 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32
10:18:51:051 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\) returned status 00000000
10:18:51:052 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33. Curr recurse remain: 248
10:18:51:053 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33
10:18:51:053 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\) returned status 00000000
10:18:51:055 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34. Curr recurse remain: 248
10:18:51:056 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34
10:18:51:056 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\) returned status 00000000
10:18:51:057 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35. Curr recurse remain: 248
10:18:51:058 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35
10:18:51:058 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\) returned status 00000000
10:18:51:060 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36. Curr recurse remain: 248
10:18:51:060 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36
10:18:51:060 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\) returned status 00000000
10:18:51:062 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37. Curr recurse remain: 248
10:18:51:062 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37
10:18:51:063 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\) returned status 00000000
10:18:51:064 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38. Curr recurse remain: 248
10:18:51:065 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38
10:18:51:065 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\) returned status 00000000
10:18:51:066 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39. Curr recurse remain: 248
10:18:51:067 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39
10:18:51:067 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\) returned status 00000000
10:18:51:069 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4. Curr recurse remain: 248
10:18:51:070 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4
10:18:51:070 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\) returned status 00000000
10:18:51:071 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40. Curr recurse remain: 248
10:18:51:072 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40
10:18:51:072 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\) returned status 00000000
10:18:51:074 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41. Curr recurse remain: 248
10:18:51:074 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41
10:18:51:075 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\) returned status 00000000
10:18:51:076 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42. Curr recurse remain: 248
10:18:51:077 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42
10:18:51:077 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\) returned status 00000000
10:18:51:078 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43. Curr recurse remain: 248
10:18:51:079 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43
10:18:51:079 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\) returned status 00000000
10:18:51:081 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44. Curr recurse remain: 248
10:18:51:081 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44
10:18:51:081 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\) returned status 00000000
10:18:51:083 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45. Curr recurse remain: 248
10:18:51:083 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45
10:18:51:084 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\) returned status 00000000
10:18:51:085 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46. Curr recurse remain: 248
10:18:51:086 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46
10:18:51:086 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\) returned status 00000000
10:18:51:087 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47. Curr recurse remain: 248
10:18:51:088 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47
10:18:51:088 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\) returned status 00000000
10:18:51:090 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48. Curr recurse remain: 248
10:18:51:090 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48
10:18:51:091 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\) returned status 00000000
10:18:51:092 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49. Curr recurse remain: 248
10:18:51:093 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49
10:18:51:093 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\) returned status 00000000
10:18:51:094 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5. Curr recurse remain: 248
10:18:51:095 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5
10:18:51:095 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\) returned status 00000000
10:18:51:096 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50. Curr recurse remain: 248
10:18:51:097 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50
10:18:51:097 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\) returned status 00000000
10:18:51:099 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51. Curr recurse remain: 248
10:18:51:099 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51
10:18:51:099 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\) returned status 00000000
10:18:51:101 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52. Curr recurse remain: 248
10:18:51:102 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52
10:18:51:102 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\) returned status 00000000
10:18:51:103 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53. Curr recurse remain: 248
10:18:51:104 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53
10:18:51:104 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\) returned status 00000000
10:18:51:106 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54. Curr recurse remain: 248
10:18:51:107 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54
10:18:51:107 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\) returned status 00000000
10:18:51:108 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55. Curr recurse remain: 248
10:18:51:109 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55
10:18:51:109 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\) returned status 00000000
10:18:51:110 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56. Curr recurse remain: 248
10:18:51:111 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56
10:18:51:111 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\) returned status 00000000
10:18:51:113 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57. Curr recurse remain: 248
10:18:51:114 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57
10:18:51:114 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\) returned status 00000000
10:18:51:116 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58. Curr recurse remain: 248
10:18:51:117 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58
10:18:51:117 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\) returned status 00000000
10:18:51:118 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59. Curr recurse remain: 248
10:18:51:119 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59
10:18:51:119 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\) returned status 00000000
10:18:51:121 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6. Curr recurse remain: 248
10:18:51:121 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6
10:18:51:122 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\) returned status 00000000
10:18:51:123 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60. Curr recurse remain: 248
10:18:51:124 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60
10:18:51:124 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\) returned status 00000000
10:18:51:126 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61. Curr recurse remain: 248
10:18:51:126 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61
10:18:51:127 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\) returned status 00000000
10:18:51:128 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62. Curr recurse remain: 248
10:18:51:129 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62
10:18:51:129 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\) returned status 00000000
10:18:51:130 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63. Curr recurse remain: 248
10:18:51:131 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63
10:18:51:131 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\) returned status 00000000
10:18:51:132 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7. Curr recurse remain: 248
10:18:51:132 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7
10:18:51:132 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\) returned status 00000000
10:18:51:133 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8. Curr recurse remain: 248
10:18:51:133 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8
10:18:51:133 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\) returned status 00000000
10:18:51:134 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9. Curr recurse remain: 248
10:18:51:135 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9
10:18:51:135 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\) returned status 00000000
10:18:51:135 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host. Curr recurse remain: 248
10:18:51:136 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host
10:18:51:136 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host\) returned status 00000000
10:18:51:137 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin. Curr recurse remain: 248
10:18:51:137 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin
10:18:51:137 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin\) returned status 00000000
10:18:51:138 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
10:18:51:138 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\) returned status 00000000
10:18:51:139 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache
10:18:51:139 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\) returned status 00000000
10:18:51:140 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache. Curr recurse remain: 250
10:18:51:140 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0. Curr recurse remain: 249
10:18:51:202 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\0. Curr recurse remain: 248
10:18:51:203 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\0
10:18:51:203 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\0\) returned status 00000000
10:18:51:204 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\1. Curr recurse remain: 248
10:18:51:204 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\1
10:18:51:204 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\1\) returned status 00000000
10:18:51:205 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\10. Curr recurse remain: 248
10:18:51:206 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\10
10:18:51:206 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\10\) returned status 00000000
10:18:51:208 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\11. Curr recurse remain: 248
10:18:51:208 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\11
10:18:51:208 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\11\) returned status 00000000
10:18:51:209 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\12. Curr recurse remain: 248
10:18:51:210 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\12
10:18:51:210 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\12\) returned status 00000000
10:18:51:210 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\13. Curr recurse remain: 248
10:18:51:211 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\13
10:18:51:211 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\13\) returned status 00000000
10:18:51:212 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\14. Curr recurse remain: 248
10:18:51:212 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\14
10:18:51:212 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\14\) returned status 00000000
10:18:51:213 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\15. Curr recurse remain: 248
10:18:51:214 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\15
10:18:51:214 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\15\) returned status 00000000
10:18:51:214 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\16. Curr recurse remain: 248
10:18:51:215 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\16
10:18:51:215 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\16\) returned status 00000000
10:18:51:216 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17. Curr recurse remain: 248
10:18:51:216 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17
 
10:18:51:216 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17\) returned status 00000000
10:18:51:217 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\18. Curr recurse remain: 248
10:18:51:217 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\18
10:18:51:217 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\18\) returned status 00000000
10:18:51:218 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\19. Curr recurse remain: 248
10:18:51:219 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\19
10:18:51:219 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\19\) returned status 00000000
10:18:51:219 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\2. Curr recurse remain: 248
10:18:51:220 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\2
10:18:51:220 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\2\) returned status 00000000
10:18:51:221 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\20. Curr recurse remain: 248
10:18:51:221 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\20
10:18:51:221 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\20\) returned status 00000000
10:18:51:222 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\21. Curr recurse remain: 248
10:18:51:222 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\21
10:18:51:223 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\21\) returned status 00000000
10:18:51:224 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\22. Curr recurse remain: 248
10:18:51:225 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\22
10:18:51:225 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\22\) returned status 00000000
10:18:51:227 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23. Curr recurse remain: 248
10:18:51:227 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23
10:18:51:227 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23\) returned status 00000000
10:18:51:229 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\24. Curr recurse remain: 248
10:18:51:230 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\24
10:18:51:230 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\24\) returned status 00000000
10:18:51:231 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\25. Curr recurse remain: 248
10:18:51:232 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\25
10:18:51:232 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\25\) returned status 00000000
10:18:51:234 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\26. Curr recurse remain: 248
10:18:51:234 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\26
10:18:51:234 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\26\) returned status 00000000
10:18:51:236 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\27. Curr recurse remain: 248
10:18:51:236 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\27
10:18:51:237 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\27\) returned status 00000000
10:18:51:238 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\28. Curr recurse remain: 248
10:18:51:239 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\28
10:18:51:239 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\28\) returned status 00000000
10:18:51:240 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\29. Curr recurse remain: 248
10:18:51:241 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\29
10:18:51:241 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\29\) returned status 00000000
10:18:51:243 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\3. Curr recurse remain: 248
10:18:51:243 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\3
10:18:51:244 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\3\) returned status 00000000
10:18:51:245 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\30. Curr recurse remain: 248
10:18:51:246 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\30
10:18:51:246 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\30\) returned status 00000000
10:18:51:247 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\31. Curr recurse remain: 248
10:18:51:248 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\31
10:18:51:248 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\31\) returned status 00000000
10:18:51:249 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32. Curr recurse remain: 248
10:18:51:250 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32
10:18:51:250 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\) returned status 00000000
10:18:51:250 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\33. Curr recurse remain: 248
10:18:51:251 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\33
10:18:51:251 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\33\) returned status 00000000
10:18:51:252 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\34. Curr recurse remain: 248
10:18:51:252 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\34
10:18:51:252 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\34\) returned status 00000000
10:18:51:253 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\35. Curr recurse remain: 248
10:18:51:254 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\35
10:18:51:254 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\35\) returned status 00000000
10:18:51:255 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\36. Curr recurse remain: 248
10:18:51:255 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\36
10:18:51:255 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\36\) returned status 00000000
10:18:51:256 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\37. Curr recurse remain: 248
10:18:51:256 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\37
10:18:51:256 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\37\) returned status 00000000
10:18:51:257 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\38. Curr recurse remain: 248
10:18:51:257 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\38
10:18:51:257 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\38\) returned status 00000000
10:18:51:258 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\39. Curr recurse remain: 248
10:18:51:259 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\39
10:18:51:259 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\39\) returned status 00000000
10:18:51:259 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\4. Curr recurse remain: 248
10:18:51:260 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\4
10:18:51:260 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\4\) returned status 00000000
10:18:51:261 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\40. Curr recurse remain: 248
10:18:51:261 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\40
10:18:51:261 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\40\) returned status 00000000
10:18:51:262 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\41. Curr recurse remain: 248
10:18:51:262 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\41
10:18:51:262 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\41\) returned status 00000000
10:18:51:263 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\42. Curr recurse remain: 248
10:18:51:263 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\42
10:18:51:264 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\42\) returned status 00000000
10:18:51:264 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\43. Curr recurse remain: 248
10:18:51:265 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\43
10:18:51:265 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\43\) returned status 00000000
10:18:51:266 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\44. Curr recurse remain: 248
10:18:51:266 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\44
10:18:51:266 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\44\) returned status 00000000
10:18:51:267 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\45. Curr recurse remain: 248
10:18:51:267 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\45
10:18:51:267 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\45\) returned status 00000000
10:18:51:268 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\46. Curr recurse remain: 248
10:18:51:269 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\46
10:18:51:269 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\46\) returned status 00000000
10:18:51:270 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\47. Curr recurse remain: 248
10:18:51:270 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\47
10:18:51:270 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\47\) returned status 00000000
10:18:51:271 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\48. Curr recurse remain: 248
10:18:51:271 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\48
10:18:51:271 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\48\) returned status 00000000
10:18:51:272 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\49. Curr recurse remain: 248
10:18:51:272 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\49
10:18:51:273 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\49\) returned status 00000000
10:18:51:273 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\5. Curr recurse remain: 248
10:18:51:274 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\5
10:18:51:274 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\5\) returned status 00000000
10:18:51:275 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\50. Curr recurse remain: 248
10:18:51:275 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\50
10:18:51:275 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\50\) returned status 00000000
10:18:51:276 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\51. Curr recurse remain: 248
10:18:51:276 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\51
10:18:51:276 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\51\) returned status 00000000
10:18:51:277 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\52. Curr recurse remain: 248
10:18:51:277 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\52
10:18:51:278 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\52\) returned status 00000000
10:18:51:278 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\53. Curr recurse remain: 248
10:18:51:279 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\53
10:18:51:279 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\53\) returned status 00000000
10:18:51:279 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\54. Curr recurse remain: 248
10:18:51:280 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\54
10:18:51:280 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\54\) returned status 00000000
10:18:51:281 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\55. Curr recurse remain: 248
10:18:51:281 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\55
10:18:51:281 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\55\) returned status 00000000
10:18:51:282 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\56. Curr recurse remain: 248
10:18:51:282 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\56
10:18:51:282 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\56\) returned status 00000000
10:18:51:283 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\57. Curr recurse remain: 248
10:18:51:283 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\57
10:18:51:284 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\57\) returned status 00000000
10:18:51:284 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\58. Curr recurse remain: 248
10:18:51:285 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\58
10:18:51:285 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\58\) returned status 00000000
10:18:51:285 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\59. Curr recurse remain: 248
10:18:51:286 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\59
10:18:51:286 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\59\) returned status 00000000
10:18:51:287 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\6. Curr recurse remain: 248
10:18:51:287 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\6
10:18:51:287 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\6\) returned status 00000000
10:18:51:288 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\60. Curr recurse remain: 248
10:18:51:288 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\60
10:18:51:289 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\60\) returned status 00000000
10:18:51:289 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\61. Curr recurse remain: 248
10:18:51:290 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\61
10:18:51:290 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\61\) returned status 00000000
10:18:51:290 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\62. Curr recurse remain: 248
10:18:51:291 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\62
10:18:51:291 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\62\) returned status 00000000
10:18:51:292 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\63. Curr recurse remain: 248
10:18:51:292 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\63
10:18:51:292 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\63\) returned status 00000000
10:18:51:293 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\7. Curr recurse remain: 248
10:18:51:293 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\7
10:18:51:293 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\7\) returned status 00000000
10:18:51:294 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\8. Curr recurse remain: 248
10:18:51:295 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\8
10:18:51:295 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\8\) returned status 00000000
10:18:51:295 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\9. Curr recurse remain: 248
10:18:51:296 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\9
10:18:51:296 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\9\) returned status 00000000
10:18:51:297 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0
10:18:51:297 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\) returned status 00000000
10:18:51:298 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache
10:18:51:298 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\) returned status 00000000
10:18:51:298 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment
10:18:51:299 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\) returned status 00000000
10:18:51:299 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun\Java
10:18:51:299 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\Java\) returned status 00000000
10:18:51:300 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow\Sun
10:18:51:300 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\Sun\) returned status 00000000
10:18:51:301 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\LocalLow
10:18:51:301 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\LocalLow\) returned status 00000000
10:18:51:302 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming. Curr recurse remain: 254
10:18:51:302 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\ATI. Curr recurse remain: 253
10:18:51:302 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\ATI\ACE. Curr recurse remain: 252
10:18:51:302 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\ATI\ACE
10:18:51:302 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\ATI\ACE\) returned status 00000000
10:18:51:304 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\ATI
10:18:51:304 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\ATI\) returned status 00000000
10:18:51:306 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Canon. Curr recurse remain: 253
10:18:51:306 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX. Curr recurse remain: 252
10:18:51:306 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX\Files. Curr recurse remain: 251
10:18:51:307 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX\Files
10:18:51:307 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX\Files\) returned status 00000000
10:18:51:308 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX\Update. Curr recurse remain: 251
10:18:51:308 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX\Update
10:18:51:308 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX\Update\) returned status 00000000
10:18:51:309 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX\Updatedate. Curr recurse remain: 251
10:18:51:310 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX\Updatedate
10:18:51:310 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX\Updatedate\) returned status 00000000
10:18:51:311 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX
10:18:51:311 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Canon\Solution Menu EX\) returned status 00000000
10:18:51:313 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Canon
10:18:51:316 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Canon\) returned status 00000000
10:18:51:317 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Identities. Curr recurse remain: 253
10:18:51:317 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Identities\{4FF35DDD-4401-481A-9C74-AFB5EC57599C}. Curr recurse remain: 252
10:18:51:317 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Identities\{4FF35DDD-4401-481A-9C74-AFB5EC57599C}
10:18:51:318 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Identities\{4FF35DDD-4401-481A-9C74-AFB5EC57599C}\) returned status 00000000
10:18:51:318 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Identities
10:18:51:318 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Identities\) returned status 00000000
10:18:51:319 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Malwarebytes. Curr recurse remain: 253
10:18:51:319 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware. Curr recurse remain: 252
10:18:51:320 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs. Curr recurse remain: 251
10:18:51:338 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
10:18:51:338 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\) returned status 00000000
10:18:51:340 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine. Curr recurse remain: 251
10:18:51:340 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
10:18:51:341 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\) returned status 00000000
10:18:51:342 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware
10:18:51:343 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\) returned status 00000000
10:18:51:344 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Malwarebytes
10:18:51:344 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Malwarebytes\) returned status 00000000
10:18:51:346 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Media Center Programs. Curr recurse remain: 253
10:18:51:346 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Media Center Programs
10:18:51:346 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Media Center Programs\) returned status 00000000
10:18:51:348 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft. Curr recurse remain: 253
10:18:51:348 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Credentials. Curr recurse remain: 252
10:18:51:349 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Credentials
10:18:51:349 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Credentials\) returned status 00000000
10:18:51:350 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer. Curr recurse remain: 252
10:18:51:350 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch. Curr recurse remain: 251
10:18:51:351 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
10:18:51:351 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\) returned status 00000000
10:18:51:352 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\UserData. Curr recurse remain: 251
10:18:51:352 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low. Curr recurse remain: 250
10:18:51:352 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
10:18:51:352 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low\) returned status 00000000
10:18:51:353 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\UserData
10:18:51:353 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\UserData\) returned status 00000000
10:18:51:354 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer
10:18:51:354 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\) returned status 00000000
10:18:51:355 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Protect. Curr recurse remain: 252
10:18:51:355 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-2230609155-3124472653-3679513960-500. Curr recurse remain: 251
10:18:51:361 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-2230609155-3124472653-3679513960-500
10:18:51:361 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-2230609155-3124472653-3679513960-500\) returned status 00000000
10:18:51:362 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Protect
10:18:51:363 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Protect\) returned status 00000000
10:18:51:363 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates. Curr recurse remain: 252
10:18:51:364 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My. Curr recurse remain: 251
10:18:51:364 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates. Curr recurse remain: 250
10:18:51:364 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
10:18:51:364 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\) returned status 00000000
10:18:51:365 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs. Curr recurse remain: 250
10:18:51:365 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
10:18:51:365 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\) returned status 00000000
10:18:51:366 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs. Curr recurse remain: 250
10:18:51:367 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
10:18:51:367 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\) returned status 00000000
10:18:51:367 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My
10:18:51:368 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\) returned status 00000000
10:18:51:368 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates
10:18:51:368 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates\) returned status 00000000
10:18:51:369 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows. Curr recurse remain: 252
10:18:51:369 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies. Curr recurse remain: 251
10:18:51:370 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\Low. Curr recurse remain: 250
10:18:51:370 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\Low
10:18:51:370 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\Low\) returned status 00000000
10:18:51:371 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies
10:18:51:371 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\) returned status 00000000
10:18:51:372 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatCache. Curr recurse remain: 251
10:18:51:372 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatCache\Low. Curr recurse remain: 250
10:18:51:372 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
10:18:51:373 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatCache\Low\) returned status 00000000
10:18:51:373 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatCache
10:18:51:373 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatCache\) returned status 00000000
10:18:51:374 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IETldCache. Curr recurse remain: 251
10:18:51:374 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IETldCache\Low. Curr recurse remain: 250
10:18:51:375 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IETldCache\Low
10:18:51:375 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IETldCache\Low\) returned status 00000000
10:18:51:376 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IETldCache
10:18:51:376 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IETldCache\) returned status 00000000
10:18:51:376 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Network Shortcuts. Curr recurse remain: 251
10:18:51:377 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Network Shortcuts
10:18:51:377 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Network Shortcuts\) returned status 00000000
10:18:51:378 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Printer Shortcuts. Curr recurse remain: 251
10:18:51:378 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
10:18:51:378 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\) returned status 00000000
10:18:51:379 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\PrivacIE. Curr recurse remain: 251
10:18:51:379 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\PrivacIE\Low. Curr recurse remain: 250
10:18:51:379 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
10:18:51:379 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\PrivacIE\Low\) returned status 00000000
10:18:51:381 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\PrivacIE
10:18:51:381 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\PrivacIE\) returned status 00000000
10:18:51:383 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent. Curr recurse remain: 251
10:18:51:383 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent
10:18:51:383 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\) returned status 00000000
10:18:51:384 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo. Curr recurse remain: 251
10:18:51:402 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo
10:18:51:402 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo\) returned status 00000000
10:18:51:403 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu. Curr recurse remain: 251
10:18:51:403 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs. Curr recurse remain: 250
10:18:51:404 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories. Curr recurse remain: 249
10:18:51:404 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility. Curr recurse remain: 248
10:18:51:408 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
10:18:51:408 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\) returned status 00000000
10:18:51:409 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools. Curr recurse remain: 248
10:18:51:424 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
10:18:51:424 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\) returned status 00000000
10:18:51:425 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
10:18:51:425 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\) returned status 00000000
10:18:51:426 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools. Curr recurse remain: 249
10:18:51:426 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
10:18:51:426 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools\) returned status 00000000
10:18:51:427 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite. Curr recurse remain: 249
 
10:18:51:428 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\LabelPrint. Curr recurse remain: 248
10:18:51:428 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\LabelPrint
10:18:51:428 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\LabelPrint\) returned status 00000000
10:18:51:429 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD. Curr recurse remain: 248
10:18:51:437 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD
10:18:51:437 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD\) returned status 00000000
10:18:51:438 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
10:18:51:438 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\) returned status 00000000
10:18:51:439 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance. Curr recurse remain: 249
10:18:51:439 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
10:18:51:439 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\) returned status 00000000
10:18:51:440 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup. Curr recurse remain: 249
10:18:51:441 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
10:18:51:441 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\) returned status 00000000
10:18:51:442 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
10:18:51:442 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\) returned status 00000000
10:18:51:442 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu
10:18:51:443 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\) returned status 00000000
10:18:51:443 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates. Curr recurse remain: 251
10:18:51:444 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates
10:18:51:444 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates\) returned status 00000000
10:18:51:444 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows
10:18:51:444 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\) returned status 00000000
10:18:51:445 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming\Microsoft
10:18:51:445 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\Microsoft\) returned status 00000000
10:18:51:446 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData\Roaming
10:18:51:446 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\Roaming\) returned status 00000000
10:18:51:447 4388 ScanDir: Scanning directory: C:\Users\Administrator\AppData
10:18:51:447 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\AppData\) returned status 00000000
10:18:51:448 4388 ProcessEnumEx: (C:\Users\Administrator\Application Data) - Reparse point detected!
10:18:51:448 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Contacts. Curr recurse remain: 255
10:18:51:448 4388 ScanDir: Scanning directory: C:\Users\Administrator\Contacts
10:18:51:448 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Contacts\) returned status 00000000
10:18:51:449 4388 ProcessEnumEx: (C:\Users\Administrator\Cookies) - Reparse point detected!
10:18:51:449 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Desktop. Curr recurse remain: 255
10:18:51:449 4388 ScanDir: Scanning directory: C:\Users\Administrator\Desktop
10:18:51:449 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Desktop\) returned status 00000000
10:18:51:450 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Documents. Curr recurse remain: 255
10:18:51:450 4388 ProcessEnumEx: (C:\Users\Administrator\Documents\My Music) - Reparse point detected!
10:18:51:450 4388 ProcessEnumEx: (C:\Users\Administrator\Documents\My Pictures) - Reparse point detected!
10:18:51:450 4388 ProcessEnumEx: (C:\Users\Administrator\Documents\My Videos) - Reparse point detected!
10:18:51:450 4388 ScanDir: Scanning directory: C:\Users\Administrator\Documents
10:18:51:450 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Documents\) returned status 00000000
10:18:51:451 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Downloads. Curr recurse remain: 255
10:18:51:452 4388 ScanDir: Scanning directory: C:\Users\Administrator\Downloads
10:18:51:452 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Downloads\) returned status 00000000
10:18:51:452 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Favorites. Curr recurse remain: 255
10:18:51:453 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Favorites\Links. Curr recurse remain: 254
10:18:51:453 4388 ScanDir: Scanning directory: C:\Users\Administrator\Favorites\Links
10:18:51:453 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Favorites\Links\) returned status 00000000
10:18:51:454 4388 ScanDir: Scanning directory: C:\Users\Administrator\Favorites
10:18:51:454 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Favorites\) returned status 00000000
10:18:51:454 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Links. Curr recurse remain: 255
10:18:51:468 4388 ScanDir: Scanning directory: C:\Users\Administrator\Links
10:18:51:468 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Links\) returned status 00000000
10:18:51:469 4388 ProcessEnumEx: (C:\Users\Administrator\Local Settings) - Reparse point detected!
10:18:51:469 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Music. Curr recurse remain: 255
10:18:51:470 4388 ScanDir: Scanning directory: C:\Users\Administrator\Music
10:18:51:470 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Music\) returned status 00000000
10:18:51:470 4388 ProcessEnumEx: (C:\Users\Administrator\My Documents) - Reparse point detected!
10:18:51:470 4388 ProcessEnumEx: (C:\Users\Administrator\NetHood) - Reparse point detected!
10:18:51:471 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Pictures. Curr recurse remain: 255
10:18:51:471 4388 ScanDir: Scanning directory: C:\Users\Administrator\Pictures
10:18:51:471 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Pictures\) returned status 00000000
10:18:51:472 4388 ProcessEnumEx: (C:\Users\Administrator\PrintHood) - Reparse point detected!
10:18:51:472 4388 ProcessEnumEx: (C:\Users\Administrator\Recent) - Reparse point detected!
10:18:51:472 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Saved Games. Curr recurse remain: 255
10:18:51:472 4388 ScanDir: Scanning directory: C:\Users\Administrator\Saved Games
10:18:51:472 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Saved Games\) returned status 00000000
10:18:51:473 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Searches. Curr recurse remain: 255
10:18:51:478 4388 ScanDir: Scanning directory: C:\Users\Administrator\Searches
10:18:51:478 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Searches\) returned status 00000000
10:18:51:478 4388 ProcessEnumEx: (C:\Users\Administrator\SendTo) - Reparse point detected!
10:18:51:478 4388 ProcessEnumEx: (C:\Users\Administrator\Start Menu) - Reparse point detected!
10:18:51:479 4388 ProcessEnumEx: (C:\Users\Administrator\Templates) - Reparse point detected!
10:18:51:479 4388 ProcessEnumEx: Starting enum on path: C:\Users\Administrator\Videos. Curr recurse remain: 255
10:18:51:479 4388 ScanDir: Scanning directory: C:\Users\Administrator\Videos
10:18:51:479 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\Videos\) returned status 00000000
10:18:51:480 4388 ScanDir: Scanning directory: C:\Users\Administrator
10:18:51:480 4388 MyNtCreateFileW: NtCreateFile(\??\C:\Users\Administrator\) returned status 00000000
10:18:51:480 4388 ZBotMainCure: Enum stopped on index 5 and status 259
10:18:51:481 4388
10:18:51:481 4388
Completed
Results:
10:18:51:482 4388 Infected files: 0
10:18:51:482 4388 Infected threads: 0
10:18:51:484 4388 Unhooked functions: 47
10:18:51:485 4388 Deleted files: 0
10:18:51:486 4388 Fixed registry keys: 0
 
Hmm, strange. It didn't find ZBOT. :p Let's do the following:

CapperKiller Scan

The CapperKiller utility is designed for treating the aftermaths of a Trojan-Banker.Win32.Capper infection.

How to use the utility:
  • Download the CapperKiller.exe utility.
  • Run CapperKiller.exe

    9208-1-en.png
  • A reboot may be required after the treatment. Please make sure it reboots, if it asks.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "CapperKiller.[Version]_[Date]_[Time]_log.txt".
  • Please copy and paste its contents on your next reply.
  • Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.
 
CapperKiller log:

10:41:58.0969 2332 Trojan-Banker.Win32.Capper removal tool 1.0.6.0 Oct 26 2012 17:47:38
10:41:59.0232 2332 ============================================================
10:41:59.0232 2332 Current date / time: 2012/10/31 10:41:59.0232
10:41:59.0232 2332 SystemInfo:
10:41:59.0232 2332
10:41:59.0232 2332 OS Version: 6.0.6002 ServicePack: 2.0
10:41:59.0232 2332 Product type: Workstation
10:41:59.0232 2332 ComputerName: NEWLAPTOP
10:41:59.0233 2332 UserName: Tamara Fulcher
10:41:59.0233 2332 Windows directory: C:\Windows
10:41:59.0233 2332 System windows directory: C:\Windows
10:41:59.0233 2332 Processor architecture: Intel x86
10:41:59.0233 2332 Number of processors: 2
10:41:59.0233 2332 Page size: 0x1000
10:41:59.0233 2332 Boot type: Normal boot
10:41:59.0233 2332 ============================================================
10:41:59.0234 2332 Initialize success
10:41:59.0234 2332 ============================================================
10:42:35.0536 4280 ================================================================================
10:42:35.0536 4280 Scan started
10:42:35.0536 4280 ================================================================================
10:42:35.0551 4280 ProcessDriveEnumEx: Drive C:\ type 3:0
10:49:46.0006 4280 ProcessDriveEnumEx: Drive D:\ type 3:0
10:50:02.0105 4280 ProcessDriveEnumEx: Drive E:\ type 5:0
10:50:02.0125 4280 ================================================================================
10:50:02.0125 4280 Scan finished
10:50:02.0125 4280 ================================================================================
 
I'm aware of this. Many times viruses/malware like the one we might be dealing with like to hide, and need to be caught. :D We'll do these hopefully final diagnostics...

Norman Malware Cleaner

Please download Norman Malware Cleaner and save to your desktop.
alternate download link
  • Double-click on Norman_Malware_Cleaner.exe to start the program.
  • Read the End User License Agreement and click the Accept button to open the scanning window.
  • Click Start Scan to begin.
  • In some cases Norman Malware Cleaner may require that you restart the computer to completely remove an infection. If prompted, reboot and run the tool again to ensure that all infections are removed.
  • After the scan has finished, a log file with the date (I.e. NFix_2009-06-22_07-08-56.log) will be created on your desktop with the results.
Note: For usb flash drives and/or other removable drives to scan, use the Add button to browse to the drives location, click on the drive to highlight and choose Ok.


RogueKiller Scan

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
RGKRScan.png


  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
RGKRDelete.png


  • The report has been created on the desktop.
  • Next click on the ShortcutsFix

    RGKRShortcutsFix.png
  • The report has been created on the desktop.
Please post:

All RKreport.txt text files located on your desktop.
 
I ran a full scan with Norman. Result as follows:

Norman Malware Cleaner v2.06.01
Copyright © 1990 - 2012, Norman ASA.
Norman Scanner Engine Version: 7.00.12
nvcbin.def: Version: 7.00.1690, Date: 2012/10/31 09:31:30, Variants: 15094728
nvcmacro.def: Version: 0.00.00, Date: 1970/01/01 00:00:00, Variants: 0
Operating System: Windows Vista Service Pack 2
Switches: /iagree /cleanrootkit
Scan started: 2012/11/01 10:27:45
Running pre-scan cleanup routine...
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s
Scanning system for active rootkit activity...
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 1s
Scanning running processes and process memory...
Number of objects found: 2885
Number of objects scanned: 2885
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 2m 36s
Scanning system for FakeAV...
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s
Running full scan...
C:\Boot\BCD: Error opening file for read: 0x00000020
C:\Boot\BCD.LOG: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\IMpServiceEDB4FA23-53B8-4AFA-8C5D-99752CCA7094.lock: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\CacheManager\MpScanCache-0.bin: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-477BC3BEEE69D73ECB318A007C566C2031B3772F.bin.67: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-477BC3BEEE69D73ECB318A007C566C2031B3772F.bin.7E: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-477BC3BEEE69D73ECB318A007C566C2031B3772F.bin.80: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-477BC3BEEE69D73ECB318A007C566C2031B3772F.bin.87: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-477BC3BEEE69D73ECB318A007C566C2031B3772F.bin.A0: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-477BC3BEEE69D73ECB318A007C566C2031B3772F.bin.VE0: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-477BC3BEEE69D73ECB318A007C566C2031B3772F.bin.VE1: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-477BC3BEEE69D73ECB318A007C566C2031B3772F.bin.VE2: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-477BC3BEEE69D73ECB318A007C566C2031B3772F.bin.VF: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MpDiag.bin: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Google\Chrome\User Data\Default\Cache\index: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Google\Chrome\User Data\Default\Current Session: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Google\Chrome\User Data\lockfile: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{D8D85593-2348-11E2-B450-001377B44913}.dat: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{0C386230-234A-11E2-B450-001377B44913}.dat: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{4E4105E0-2356-11E2-B450-001377B44913}.dat: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{99A91A20-240C-11E2-B450-001377B44913}.dat: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{E58C5410-240D-11E2-B450-001377B44913}.dat: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Browser\data_0: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Browser\data_1: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Browser\data_3: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Browser\data_2: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Browser\index: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\03\033cc2b75cd23f1b7f7a5bd7ddcb5984205836cb.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\15\157d74c25ad47fa104670d4bb4e281398086591c.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\16\16b426577d723fcadaedc3a8632dc854766110be.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\26\267eaebcfac03df54a63cbcbca9a44b770fcac81.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\46\46067ce98a0c78476c7a8c51d1d99a663bb7ac82.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\59\595d76436ae4d65e83aa0cfdc417bcfdee376ed7.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\71\715ffd9ba1502d135e21fa506414ae192a22097f.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\7a\7adff29d314e52833f926e81cf93ae34eeb8bb04.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\91\9145a2f6e9af41cff6299626b7b8c0e2213fd748.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\a5\a59bdeac488823a4b400d9a6991f1cd7703e85d9.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\ad\ada54316bc3279967378b9217dfa566d7c7537e6.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\b8\b8f675e73b0ddd10a168f5e5b2f9b8a9647ade9b.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\c4\c4f29b8b19866c52e6d373ce31c2d50a8393be6d.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\df\dfb8d083744c85388f5255d9191986094e6417b0.file: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\Spotify\Storage\index.dat: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\temp\etilqs_DmyexJvJhjeaBpL: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\temp\~DF3AD8.tmp: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\temp\~DF625F.tmp: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\temp\~DFB8E0.tmp: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\temp\~DFC8E3.tmp: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Local\temp\~DFF7EF.tmp: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Roaming\Skype\shared_dynco\dc.lock: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\AppData\Roaming\Skype\shared_httpfe\queue.lock: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\ntuser.dat: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Tamara Fulcher\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0: Error opening file for read: 0x00000020
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\edb.log: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\config\COMPONENTS: Error opening file for read: 0x00000020
C:\Windows\System32\config\COMPONENTS.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\COMPONENTS.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\COMPONENTS: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTkerberos.etl: Error opening file for read: 0x00000020
C:\Windows\temp\TMP0000079AFA432E81A9B707BD: Error opening file for read: 0x00000020
C:\Windows\temp\TMP0000079C9EE59B251CC9D6C7: Error opening file for read: 0x00000020
C:\Windows\temp\TMP000008207D723663E63A48DF: Error opening file for read: 0x00000020
Number of files found: 139571
Number of archives unpacked: 2909
Number of objects found: 449682
Number of objects scanned: 449572
Number of objects not scanned: 110
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 1h 34m 10s
Running post-scan cleanup routine...
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s
Results:
Total number of files found: 139571
Total number of archives unpacked: 2909
Total number of objects found: 452567
Total number of objects scanned: 452457
Total number of objects not scanned: 110
Total number of malicious objects found: 0
Total scanning time: 1h 36m 47s
 
Three reports from RogueKiller:

RogueKiller V8.2.1 [10/29/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Tamara Fulcher [Admin rights]
Mode : Scan -- Date : 11/01/2012 12:28:20
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Obhai ("C:\Users\Tamara Fulcher\AppData\Roaming\Zyuvym\yphow.exe") -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2230609155-3124472653-3679513960-1003[...]\Run : Obhai ("C:\Users\Tamara Fulcher\AppData\Roaming\Zyuvym\yphow.exe") -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543232L9A300 ATA Device +++++
--- User ---
[MBR] 07029813238b168e9339ab1b8ac5965d
[BSP] f4d4bb2db9739228656a9ded3e5c197e : KIWI Image system MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 88153 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 201510912 | Size: 206850 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1].txt >>
RKreport[1].txt
 
RogueKiller V8.2.1 [10/29/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Tamara Fulcher [Admin rights]
Mode : Remove -- Date : 11/01/2012 12:29:12
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 4 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Obhai ("C:\Users\Tamara Fulcher\AppData\Roaming\Zyuvym\yphow.exe") -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543232L9A300 ATA Device +++++
--- User ---
[MBR] 07029813238b168e9339ab1b8ac5965d
[BSP] f4d4bb2db9739228656a9ded3e5c197e : KIWI Image system MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 88153 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 201510912 | Size: 206850 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
 
RogueKiller V8.2.1 [10/29/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Tamara Fulcher [Admin rights]
Mode : Shortcuts HJfix -- Date : 11/01/2012 12:30:33
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 1 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 15 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 298 / Fail 0
My documents: Success 4 / Fail 4
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 396 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 125 / Fail 0
Backup: [NOT FOUND]
Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped
Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
 
Status
Not open for further replies.

Similar threads

D
Mini PCs sold on Amazon contained factory-installed spyware
Replies
16
Views
393
Fastturtle
F
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
Daniel Sims
Microsoft and Intel nail down what an "AI PC" is
Replies
18
Views
232
hwertz
hwertz

Latest posts

Back