DanielOverInPennsylvania Posted October 23, 2014 ID:895125 Share Posted October 23, 2014 I did click the Follow This Topic, but did not see where to receive immediate notifications. I've been messing with this, so let me give you the short version so you know where I'm at. Guess I should have started at this forum, but have run my laptop for two years without antivirus. I am pretty careful online. Oddly, I never activated my McAfee software, though it came as part of the package when I bought it, and clicked the nag screen away several times a day for those two years. It's still asking me to activate. Also oddly, its Site Advisor is active, and controlling Firewall, but that's all it does, and it's not from the program that came with my Best Buy Lenovo. I think it attached itself to a browser. AND, it's doing the job of having this malware from connecting.... It's a "risky connection" that McAfee is blocking that I know about where this sucker is: Users/dan2012/AppData/Roaming/Ahetax/dakus.exeAnd the .exec file fires up because "Bupekiuvfupila" is a "Startup Item" in System Configuration. In safe mode, I unchecked the box so it wouldn't load, but the dakus.exe still tries to run, but McAfee is still blocking it. It was interesting to search for Bupekiuvfupila and for dakus.exe in the reports. They show up not just at the "attention" arrows. Ran MS Safety Scanner for 6 hrs, 1,200,000 files; it cleaned a few things out.PWS:Win32/Zbot.gen!AP (Partially removed. I could not figure out what MS wanted me to do manually in addition, though I clicked to the page.)Trojan:MSIL/Injector.P (removed)TrojanDownloader:Win32/Notodar.A (removed) (I've been at this for 20 hrs straight.) Read an article in an online PC mag which recommended Malwarebytes (but not the forum). Went back to Safe Mode, ran disk cleanup on C: eliminated lots of temp files, as they recommended.Ran Malwarebytes, which found two other trojans, BUT NOT this dakus.exe, which is hanging me up. I changed folder options to see the system files, and found it and tried to rename dakus.exe to "stuff.jpg" (forgive my french) and it magically let me, but cloned itself right there in the directory [Ahetax] as good old dakus.exe. I gave up, found this forum, and here I am. When McAfee blocks these "risky connections" and notifies me, this is what they say. Always seems to be the same IP addresses, too. IP Address: 192.162.19.122Program: C:\USERS\DAN2012\APPDATA\ROAMING\AHETAX\DAKUS.EXE IP Addr: 5.79.66.43Program: Host Process for Windows Services IP Addr: 184.164.143.90Program: COM Surrogate NOTE: I have downloaded MSE to run realtime for now. I'm going today to Best Buy to get a hard drive to back up my files onto. (My other drive is 2000 miles away.) Here's the problem, though: the computer works fine if I turn the wifi off with the mechanical switch. But I can also get online with McAfee blocking the darn thing, which is the only way I can get back to the forum unless I venture into unfamiliar territory, like a library computer or something. That's how I downloaded MSE, FRST64, and Malwarebytes. And that's how I'm posting right now. But the browser works slowly, and sometimes "shell-something" stops working, and sometimes the video driver gives up, recovers, and sometimes crashes and I have to force restart. Only if I'm online. I got screenshots which I cropped on a lot of this stuff and saved in jpg format, if that'll help, but I forgot to take a screenshot of what malwarebytes eliminated. Here's my FRST and Additional txts, if they'll fit in one comment. (The site said not to bump a second comment on here or I might get missed, but I read some of the other threads and I see that sometimes you have to chop them up.) Thanks for whatever you can do to help me squash this bug. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014Ran by dan2012 (administrator) on DAN2012-PC on 23-10-2014 13:39:29Running from C:\Users\dan2012\DesktopLoaded Profile: dan2012 (Available profiles: dan2012)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe(AMD) C:\Windows\System32\atieclxx.exe(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe(Microsoft Corporation) C:\Windows\System32\StikyNot.exe() C:\Users\dan2012\AppData\Roaming\Ahetax\dakus.exe(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2012-05-07] (Lenovo (Beijing) Limited)HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-05-07] (Lenovo(beijing) Limited)HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-05-07] (Lenovo)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-28] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-06-15] (Vimicro)HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-11-05] (Egis Technology Inc.)HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202096 2010-11-05] (Egis Technology Inc.)HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe [383344 2010-12-13] (Egis Technology Inc. )HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1675160 2012-03-21] (McAfee, Inc.)HKLM-x32\...\Run: [PLTSR] => C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [364400 2010-10-22] (Egis Technology Inc. )HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-05-07] (Lenovo)HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)HKLM-x32\...\Run: [updateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)HKLM-x32\...\Run: [updatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-10-10] (APN)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)HKLM\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-953073755-2712446163-3435037875-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)HKU\S-1-5-21-953073755-2712446163-3435037875-1000\...\Run: [bupekiuvfupila] => C:\Users\dan2012\AppData\Roaming\Ahetax\dakus.exe [306301 2014-10-23] ()HKU\S-1-5-21-953073755-2712446163-3435037875-1000\...\MountPoints2: {87b828b2-297d-11e2-b5de-f0def1f09e33} - G:\LaunchU3.exe -aHKU\S-1-5-21-953073755-2712446163-3435037875-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilterStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnkShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnkShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnkShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://us-mg6.mail.yahoo.com/neo/launch?HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENNHKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.facebook.com/HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No FileURLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)SearchScopes: HKCU - DefaultScope {4290B0D9-99DD-4FC6-8507-24073BA000F4} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US714D20140728&p={SearchTerms}SearchScopes: HKCU - {4290B0D9-99DD-4FC6-8507-24073BA000F4} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US714D20140728&p={SearchTerms}SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENNSearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =SearchScopes: HKCU - {E19052A8-9C4B-4F6A-8792-CF274F9E4247} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^TV&apn_dtid=^OSJ000^YY^US&apn_uid=EB6564D0-BEA3-4BA8-AAC2-1B5FF1B65916&apn_sauid=791D8917-788B-42FA-A376-0B0996D5057ABHO: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\EgisTec BioExcess\x64\EgisPBIE.dll (Egis Technology Inc.)BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627144916.dll (McAfee, Inc.)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll (Egis Technology Inc.)BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120627144916.dll (McAfee, Inc.)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No FileHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75 FireFox:========FF ProfilePath: C:\Users\dan2012\AppData\Roaming\Mozilla\Firefox\Profiles\pvbwf59h.defaultFF SearchEngineOrder.1: Secure SearchFF Homepage: hxxp://www.facebook.com/FF Keyword.URL: hxxp://search.yahoo.com/search?fr=mcafee&type=A111US714&p=FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll ()FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF SearchPlugin: C:\Users\dan2012\AppData\Roaming\Mozilla\Firefox\Profiles\pvbwf59h.default\searchplugins\askcom.xmlFF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xmlFF Extension: Ask Toolbar - C:\Users\dan2012\AppData\Roaming\Mozilla\Firefox\Profiles\pvbwf59h.default\Extensions\toolbar@ask.com.xpi [2014-08-05]FF Extension: 1-Click YouTube Video Downloader - C:\Users\dan2012\AppData\Roaming\Mozilla\Firefox\Profiles\pvbwf59h.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-09-04]FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\EgisTec BioExcess\FFExtFF Extension: Online Accounts Extension - C:\Program Files (x86)\EgisTec BioExcess\FFExt [2012-05-07]FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-05-07]FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCoreFF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-05-07]FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpiFF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome:=======CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENNCHR StartupUrls: Default -> "hxxp://www.yahoo.com/", "hxxp://www.facebook.com/"CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}CHR Profile: C:\Users\dan2012\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\dan2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]CHR Extension: (YouTube) - C:\Users\dan2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-04]CHR Extension: (Video Downloader professional) - C:\Users\dan2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-09-04]CHR Extension: (SiteAdvisor) - C:\Users\dan2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-06-26]CHR Extension: (Google Wallet) - C:\Users\dan2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-09-26] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-22] (APN LLC.)R2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [225216 2011-01-28] (McAfee, Inc.)S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [502032 2012-04-19] (McAfee, Inc.)S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199304 2012-05-25] (McAfee, Inc.)R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [210616 2012-05-25] (McAfee, Inc.)R2 mfevtp; C:\windows\system32\mfevtps.exe [162224 2012-05-25] (McAfee, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65264 2012-02-22] (McAfee, Inc.)R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160792 2012-02-22] (McAfee, Inc.)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [229528 2012-02-22] (McAfee, Inc.)U3 mfeavfk01; No ImagePathR3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [487296 2012-02-22] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [647208 2012-02-22] (McAfee, Inc.)R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc.)S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [289664 2012-02-22] (McAfee, Inc.)S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [250752 2011-06-14] (Vimicro Corporation)R3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)U3 BcmSqlStartupSvc; No ImagePathU2 CLKMSVC10_3A60B698; No ImagePathU2 CLKMSVC10_C3B3B687; No ImagePathU2 DriverService; No ImagePathU2 IAStorDataMgrSvc; No ImagePathU2 iATAgentService; No ImagePathU2 idealife Update Service; No ImagePathU3 IGRS; No ImagePathU2 IviRegMgr; No ImagePathU2 nvUpdatusService; No ImagePathU2 Oasis2Service; No ImagePathU2 PCCarerService; No ImagePathU2 ReadyComm.DirectRouter; No ImagePathU2 RichVideo; No ImagePathU2 RtLedService; No ImagePathU2 SeaPort; No ImagePathU2 SoftwareService; No ImagePathU3 SQLWriter; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-23 13:39 - 2014-10-23 13:40 - 00023857 _____ () C:\Users\dan2012\Desktop\FRST.txt2014-10-23 13:37 - 2014-10-23 13:39 - 00000000 ____D () C:\FRST2014-10-23 13:33 - 2014-10-23 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee2014-10-23 13:24 - 2014-10-23 13:24 - 01312616 _____ () C:\windows\Minidump\102314-37892-01.dmp2014-10-23 12:33 - 2014-10-23 12:35 - 02112000 _____ (Farbar) C:\Users\dan2012\Desktop\FRST64.exe2014-10-23 11:33 - 2014-10-23 11:38 - 14087848 _____ (Microsoft Corporation) C:\Users\dan2012\Downloads\mseinstall.exe2014-10-23 10:09 - 2014-10-23 10:09 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2014-10-23 10:09 - 2014-10-23 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-10-23 10:09 - 2014-10-23 10:09 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-10-23 10:09 - 2014-10-23 10:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-10-23 10:09 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys2014-10-23 10:09 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys2014-10-23 10:09 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys2014-10-23 09:28 - 2014-10-23 09:28 - 01179192 _____ () C:\windows\Minidump\102314-40139-01.dmp2014-10-23 09:09 - 2014-10-23 09:10 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\dan2012\Downloads\mbam-setup-2.0.3.1025.exe2014-10-23 08:52 - 2014-10-23 08:51 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe2014-10-23 08:51 - 2014-10-23 08:51 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe2014-10-23 08:51 - 2014-10-23 08:51 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe2014-10-23 08:51 - 2014-10-23 08:51 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll2014-10-23 08:51 - 2014-10-23 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-10-23 07:08 - 2014-10-23 07:08 - 01700608 _____ () C:\windows\Minidump\102314-28922-01.dmp2014-10-23 06:09 - 2014-10-23 06:10 - 01044904 _____ () C:\windows\Minidump\102314-39062-01.dmp2014-10-22 22:43 - 2014-10-22 22:43 - 01700608 _____ () C:\windows\Minidump\102214-39047-01.dmp2014-10-22 20:58 - 2014-10-22 20:58 - 00373488 _____ () C:\windows\Minidump\102214-40607-01.dmp2014-10-22 20:56 - 2014-10-22 21:29 - 119873792 _____ (Microsoft Corporation) C:\Users\dan2012\Downloads\msert.exe2014-10-22 18:03 - 2014-10-22 18:04 - 01700608 _____ () C:\windows\Minidump\102214-40435-01.dmp2014-10-22 15:52 - 2014-10-23 08:32 - 00000000 ____D () C:\Users\dan2012\AppData\Roaming\Ahetax2014-10-22 15:52 - 2014-10-22 15:52 - 00003824 _____ () C:\windows\System32\Tasks\Security Center Update - 2966741322014-10-22 15:52 - 2014-10-22 15:52 - 00003820 _____ () C:\windows\System32\Tasks\Security Center Update - 20901428912014-10-22 15:52 - 2014-10-22 15:52 - 00000000 ____D () C:\Users\dan2012\AppData\Roaming\Hyedosg2014-10-22 15:47 - 2014-10-22 15:47 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage2014-10-22 14:19 - 2014-10-22 14:19 - 00373152 _____ () C:\windows\Minidump\102214-27300-01.dmp2014-10-22 13:08 - 2014-10-22 13:08 - 01313512 _____ () C:\windows\Minidump\102214-33711-01.dmp2014-10-19 16:55 - 2014-10-19 16:55 - 00000000 ____D () C:\Users\dan2012\Downloads\aint dere no mo2014-10-18 15:40 - 2014-10-18 15:40 - 00373464 _____ () C:\windows\Minidump\101814-28501-01.dmp2014-10-18 12:30 - 2014-10-18 12:30 - 01700608 _____ () C:\windows\Minidump\101814-27908-01.dmp2014-10-18 10:08 - 2014-10-18 10:08 - 01313472 _____ () C:\windows\Minidump\101814-28532-01.dmp2014-10-15 21:36 - 2014-10-15 21:36 - 00642040 _____ () C:\windows\Minidump\101514-30435-01.dmp2014-10-15 02:26 - 2014-10-15 02:27 - 00000000 ____D () C:\Users\dan2012\Documents\x former post it notes2014-10-14 23:33 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys2014-10-14 23:32 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll2014-10-14 23:32 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll2014-10-14 23:32 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll2014-10-14 23:32 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll2014-10-14 23:32 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll2014-10-14 23:32 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll2014-10-14 23:31 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi2014-10-14 23:31 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi2014-10-14 23:31 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll2014-10-14 23:31 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll2014-10-14 23:31 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll2014-10-14 23:31 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe2014-10-14 23:31 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\windows\system32\mf.dll2014-10-14 23:31 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll2014-10-14 23:31 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll2014-10-14 23:31 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll2014-10-14 23:31 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll2014-10-14 23:31 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll2014-10-14 23:31 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll2014-10-14 23:31 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll2014-10-14 23:31 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll2014-10-14 23:31 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll2014-10-14 23:31 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll2014-10-14 23:31 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll2014-10-14 23:31 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll2014-10-14 23:31 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll2014-10-14 23:31 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll2014-10-14 23:31 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys2014-10-14 23:31 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll2014-10-14 23:31 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll2014-10-14 23:31 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll2014-10-14 23:31 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll2014-10-14 23:31 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll2014-10-14 23:31 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll2014-10-14 23:31 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll2014-10-14 23:31 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll2014-10-14 23:31 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll2014-10-14 23:31 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll2014-10-14 23:31 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll2014-10-14 23:31 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe2014-10-14 23:31 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe2014-10-14 23:31 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe2014-10-14 23:31 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe2014-10-14 23:31 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll2014-10-14 23:30 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll2014-10-14 23:30 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll2014-10-14 23:30 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll2014-10-14 23:30 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe2014-10-14 23:30 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe2014-10-14 23:30 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll2014-10-14 23:30 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll2014-10-14 23:30 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe2014-10-14 23:30 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll2014-10-14 23:30 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll2014-10-14 23:30 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys2014-10-14 23:30 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll2014-10-14 23:30 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll2014-10-14 23:30 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll2014-10-14 23:30 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll2014-10-14 23:30 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll2014-10-14 23:30 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe2014-10-14 23:30 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe2014-10-14 23:30 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll2014-10-14 23:30 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx2014-10-14 23:30 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll2014-10-14 23:30 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL2014-10-14 23:30 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe2014-10-14 23:30 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll2014-10-14 23:30 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll2014-10-14 23:30 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll2014-10-14 23:30 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll2014-10-14 23:30 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll2014-10-14 23:30 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll2014-10-14 23:30 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll2014-10-14 23:30 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll2014-10-14 23:30 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll2014-10-14 23:30 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll2014-10-14 23:30 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll2014-10-14 23:30 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx2014-10-14 23:30 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll2014-10-14 23:30 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL2014-10-14 23:30 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe2014-10-14 23:30 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe2014-10-14 23:30 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll2014-10-14 23:28 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll2014-10-14 23:28 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll2014-10-14 23:28 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll2014-10-14 23:28 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll2014-10-14 23:28 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll2014-10-14 23:28 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll2014-10-14 23:28 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll2014-10-14 23:28 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl2014-10-14 23:28 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl2014-10-14 23:28 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb2014-10-14 23:28 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll2014-10-14 23:28 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll2014-10-14 23:28 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll2014-10-14 23:28 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll2014-10-14 23:28 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll2014-10-14 23:28 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll2014-10-14 23:28 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll2014-10-14 23:28 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll2014-10-14 23:28 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll2014-10-14 23:28 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll2014-10-14 23:28 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe2014-10-14 23:28 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll2014-10-14 23:28 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll2014-10-14 23:28 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe2014-10-14 23:28 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb2014-10-14 23:28 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll2014-10-14 23:28 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll2014-10-14 23:28 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll2014-10-14 23:28 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll2014-10-14 23:28 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll2014-10-14 23:28 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll2014-10-14 23:28 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll2014-10-14 23:28 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll2014-10-14 23:28 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll2014-10-14 23:28 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll2014-10-14 23:28 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll2014-10-14 23:28 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll2014-10-14 23:28 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe2014-10-14 23:28 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll2014-10-14 23:28 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll2014-10-14 23:28 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe2014-10-14 23:28 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll2014-10-14 23:28 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll2014-10-14 23:28 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll2014-10-14 23:28 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll2014-10-14 23:28 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll2014-10-14 23:28 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll2014-10-14 23:28 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll2014-10-14 23:28 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll2014-10-14 23:28 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll2014-10-14 23:27 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll2014-10-14 23:27 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll2014-10-14 23:27 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe2014-10-14 23:27 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll2014-10-14 23:27 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll2014-10-14 23:27 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll2014-10-14 23:27 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll2014-10-14 23:27 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll2014-10-14 23:26 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll2014-10-14 23:26 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll2014-10-14 23:26 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll2014-10-14 23:26 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe2014-10-14 23:26 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll2014-10-14 23:26 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe2014-10-14 23:26 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll2014-10-14 23:26 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll2014-10-14 23:26 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll2014-10-14 23:26 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll2014-10-14 23:26 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll2014-10-14 23:26 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll2014-10-14 23:26 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe2014-10-14 23:26 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll2014-10-14 23:26 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll2014-10-14 23:26 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll2014-10-14 23:26 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys2014-10-14 23:26 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys2014-10-14 23:24 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll2014-10-14 23:24 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll2014-10-14 13:02 - 2014-10-14 13:03 - 00642056 _____ () C:\windows\Minidump\101414-31527-01.dmp2014-10-12 14:50 - 2014-10-12 14:50 - 00642040 _____ () C:\windows\Minidump\101214-25272-01.dmp2014-10-12 06:41 - 2014-10-12 06:41 - 01313488 _____ () C:\windows\Minidump\101214-27736-01.dmp2014-10-12 00:48 - 2014-10-12 00:48 - 00641888 _____ () C:\windows\Minidump\101214-33009-01.dmp2014-10-11 19:16 - 2014-10-11 19:16 - 00641736 _____ () C:\windows\Minidump\101114-28875-01.dmp2014-10-11 04:17 - 2014-10-11 04:18 - 00373520 _____ () C:\windows\Minidump\101114-24726-01.dmp2014-10-10 16:04 - 2014-10-10 16:04 - 00373488 _____ () C:\windows\Minidump\101014-25053-01.dmp2014-10-10 07:30 - 2014-10-10 07:30 - 01179208 _____ () C:\windows\Minidump\101014-24164-01.dmp2014-10-07 09:34 - 2014-10-15 08:17 - 00020876 _____ () C:\Users\dan2012\Documents\captions n info for FB pics.odt2014-10-07 05:56 - 2014-10-07 05:56 - 00910624 _____ () C:\windows\Minidump\100714-25272-01.dmp2014-10-06 16:53 - 2014-10-06 16:53 - 01447768 _____ () C:\windows\Minidump\100614-37580-01.dmp2014-10-06 05:48 - 2014-10-06 05:48 - 00373512 _____ () C:\windows\Minidump\100614-25240-01.dmp2014-10-03 09:30 - 2014-10-03 09:30 - 00373496 _____ () C:\windows\Minidump\100314-29733-01.dmp2014-09-30 22:08 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll2014-09-30 22:08 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll2014-09-28 03:52 - 2014-09-28 03:53 - 00000000 ____D () C:\Users\dan2012\Documents\0 other books2014-09-27 15:38 - 2014-09-27 15:38 - 01044616 _____ () C:\windows\Minidump\092714-29998-01.dmp2014-09-26 21:21 - 2014-09-26 21:21 - 00373456 _____ () C:\windows\Minidump\092614-27534-01.dmp2014-09-26 13:47 - 2014-09-26 13:47 - 00505112 _____ () C:\windows\Minidump\092614-27846-01.dmp2014-09-26 10:14 - 2014-09-27 04:26 - 00000000 ____D () C:\Users\dan2012\Downloads\historical2014-09-26 06:42 - 2014-09-26 06:42 - 01313184 _____ () C:\windows\Minidump\092614-29874-01.dmp2014-09-24 09:42 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll2014-09-24 09:42 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll2014-09-24 03:31 - 2014-09-24 03:31 - 01045912 _____ () C:\windows\Minidump\092414-28563-01.dmp ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-23 13:37 - 2009-07-14 00:45 - 00021280 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-10-23 13:37 - 2009-07-14 00:45 - 00021280 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-10-23 13:35 - 2009-07-14 01:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI2014-10-23 13:32 - 2012-05-07 15:30 - 01535931 _____ () C:\windows\WindowsUpdate.log2014-10-23 13:29 - 2012-05-07 16:42 - 00284559 _____ () C:\windows\system32\fastboot.set2014-10-23 13:29 - 2012-05-07 16:16 - 00000000 ____D () C:\ProgramData\VeriFace2014-10-23 13:28 - 2012-05-07 16:36 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2014-10-23 13:28 - 2012-05-07 16:16 - 07527175 _____ () C:\FaceProv.log2014-10-23 13:28 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT2014-10-23 13:28 - 2009-07-14 00:51 - 00068964 _____ () C:\windows\setupact.log2014-10-23 13:24 - 2012-08-16 13:03 - 482342757 _____ () C:\windows\MEMORY.DMP2014-10-23 13:24 - 2012-08-16 13:03 - 00000000 ____D () C:\windows\Minidump2014-10-23 13:16 - 2013-10-10 00:18 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job2014-10-23 12:43 - 2012-05-07 16:36 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2014-10-23 11:57 - 2014-05-19 04:48 - 00000000 ____D () C:\Users\dan2012\Downloads\00 pw pics, computer2014-10-23 11:27 - 2010-11-20 23:47 - 00123854 _____ () C:\windows\PFRO.log2014-10-23 09:00 - 2013-04-29 15:17 - 00000000 ____D () C:\Users\dan2012\Downloads\001 book research2014-10-23 08:52 - 2013-11-13 02:31 - 00000000 ____D () C:\ProgramData\Oracle2014-10-23 07:06 - 2013-07-26 20:50 - 00000000 ____D () C:\Users\dan2012\Documents\0 THE POWERS THAT BE rewrite20132014-10-23 00:19 - 2012-06-25 22:20 - 00000000 ____D () C:\Users\dan2012\AppData\Local\Apple Computer2014-10-22 23:33 - 2013-04-04 09:49 - 00000000 ____D () C:\Users\dan2012\Downloads\0 evocative2014-10-22 23:28 - 2014-07-03 09:31 - 00000000 ____D () C:\Users\dan2012\Downloads\memes for comments2014-10-22 22:51 - 2014-04-16 11:16 - 00000000 ____D () C:\Users\dan2012\Documents\correspondence2014-10-22 22:15 - 2013-03-07 10:40 - 00000000 ____D () C:\Users\dan2012\Documents\0 misc writing projects20132014-10-22 21:55 - 2012-11-18 09:43 - 00000000 ____D () C:\Users\dan2012\Documents\2012 112014-10-22 18:33 - 2013-04-05 09:42 - 00000000 ____D () C:\Users\dan2012\Downloads\portals -- paths tracks roads bridges tunnels2014-10-22 16:58 - 2013-04-16 13:02 - 00000000 ____D () C:\Users\dan2012\Downloads\00internet nuggets2014-10-22 16:01 - 2014-07-02 16:14 - 00000000 ____D () C:\Users\dan2012\Downloads\02 familypics2014-10-22 15:22 - 2013-04-11 10:09 - 00000000 ____D () C:\Users\dan2012\Downloads\writing2014-10-20 16:16 - 2014-07-26 21:49 - 00000000 ____D () C:\Users\dan2012\Documents\recipes2014-10-20 14:12 - 2013-07-17 21:06 - 00000000 ____D () C:\Users\dan2012\Downloads\art2014-10-20 13:39 - 2013-11-25 16:38 - 00000000 ____D () C:\Users\dan2012\Downloads\0092014-10-20 06:40 - 2013-11-04 04:23 - 00000000 ____D () C:\Users\dan2012\Downloads\women2014-10-19 23:25 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF2014-10-18 22:38 - 2012-05-07 16:36 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-10-18 22:38 - 2012-05-07 16:36 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-10-18 17:47 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache2014-10-18 16:06 - 2012-05-07 16:08 - 00000000 ____D () C:\ProgramData\McAfee2014-10-15 08:02 - 2014-09-08 14:36 - 00000000 ____D () C:\Users\dan2012\Downloads\light - the play of2014-10-15 07:58 - 2013-06-18 22:02 - 00000000 ____D () C:\Users\dan2012\Downloads\creature2014-10-15 03:57 - 2009-07-14 00:45 - 00289592 _____ () C:\windows\system32\FNTCACHE.DAT2014-10-15 03:54 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\Dism2014-10-15 03:54 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\Dism2014-10-15 03:19 - 2013-07-18 09:28 - 00000000 ____D () C:\windows\system32\MRT2014-10-15 03:02 - 2012-07-03 07:33 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe2014-10-15 01:43 - 2013-12-15 15:02 - 00000000 ____D () C:\Users\dan2012\Downloads\not shopped2014-10-14 12:21 - 2013-07-07 07:43 - 00000000 ____D () C:\Users\dan2012\Downloads\places-I know a place2014-10-12 04:11 - 2013-04-05 09:24 - 00000000 ____D () C:\Users\dan2012\Downloads\playing w food2014-10-11 20:23 - 2013-08-15 03:31 - 00000000 ____D () C:\Users\dan2012\Downloads\man machine2014-10-11 05:41 - 2013-07-20 18:35 - 00000000 ____D () C:\Users\dan2012\Downloads\science2014-10-11 05:17 - 2014-07-04 20:37 - 00000000 ____D () C:\Users\dan2012\Downloads\grammar spelling2014-10-11 03:30 - 2013-10-09 12:41 - 00000000 ____D () C:\Users\dan2012\Downloads\holidays2014-10-11 03:01 - 2013-04-22 00:03 - 00000000 ____D () C:\Users\dan2012\Downloads\by design2014-10-10 14:21 - 2013-05-23 00:34 - 00000000 ____D () C:\Users\dan2012\Downloads\001 my books images2014-10-10 10:30 - 2013-04-05 09:30 - 00000000 ____D () C:\Users\dan2012\Downloads\stairs2014-10-09 18:27 - 2013-04-05 09:43 - 00000000 ____D () C:\Users\dan2012\Downloads\cats2014-10-09 17:39 - 2013-08-03 12:52 - 00000000 ____D () C:\Users\dan2012\Downloads\adventure2014-10-09 16:19 - 2013-12-10 16:20 - 00000000 ____D () C:\Users\dan2012\Downloads\wizzy tech2014-10-08 01:14 - 2013-07-13 19:00 - 00000000 ____D () C:\Users\dan2012\Downloads\design intelligence2014-10-04 04:33 - 2013-07-14 15:26 - 00000000 ____D () C:\Users\dan2012\Downloads\home2014-10-04 03:47 - 2012-06-26 16:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-10-04 01:01 - 2013-06-18 21:49 - 00000000 ____D () C:\Users\dan2012\Downloads\garden2014-10-03 17:54 - 2014-06-18 13:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-10-02 15:53 - 2010-11-20 23:27 - 00278152 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe2014-09-30 01:44 - 2013-07-15 14:33 - 00000000 ____D () C:\Users\dan2012\Downloads\breath2014-09-28 04:00 - 2013-04-01 14:05 - 00000000 ____D () C:\Users\dan2012\Documents\novels 20132014-09-27 12:30 - 2013-08-16 12:58 - 00000000 ____D () C:\Users\dan2012\Downloads\ireland2014-09-26 09:48 - 2013-12-07 02:39 - 00000000 ____D () C:\Users\dan2012\Downloads\architecture2014-09-23 16:27 - 2013-10-10 00:18 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater2014-09-23 16:27 - 2012-06-26 22:03 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe2014-09-23 16:27 - 2012-06-26 22:03 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP:====================C:\Users\dan2012\AppData\Local\Temp\UpdateFlashPlayer_24f732e4.exeC:\Users\dan2012\AppData\Local\Temp\UpdateFlashPlayer_46bd34b4.exeC:\Users\dan2012\AppData\Local\Temp\UpdateFlashPlayer_877cc315.exeC:\Users\dan2012\AppData\Local\Temp\UpdateFlashPlayer_fc92586d.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-17 17:45 ==================== End Of Log ============================ [and the Additional] Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014Ran by dan2012 at 2014-10-23 13:42:04Running from C:\Users\dan2012\DesktopBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}FW: McAfee Firewall (Enabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)Adobe Reader 9.5.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) HiddenAMD Media Foundation Decoders (Version: 1.0.60628.2255 - ATI Technologies Inc.) HiddenAMD VISION Engine Control Center (x32 Version: 2011.0628.2340.40663 - ATI) HiddenApple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Ask Shopping Toolbar (HKLM-x32\...\{4F524A00-6A76-A76A-76A7-A758B70C1200}) (Version: 12.18.0.89 - APN, LLC) <==== ATTENTIONAtheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)ATI AVIVO64 Codecs (Version: 11.6.0.10628 - ATI Technologies Inc.) HiddenATI Catalyst Install Manager (HKLM\...\{C5E7EB18-8F3A-2192-7435-7D68CB4907CB}) (Version: 3.0.829.0 - ATI Technologies, Inc.)Best Buy pc app (Version: 3.2.0.0 - Best Buy) HiddenBest Buy pc app (x32 Version: 3.2.0.0 - Best Buy) HiddenBioExcess (HKLM-x32\...\InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.67.0 - Egis Technology Inc.)BioExcess (Version: 7.0.67.0 - Egis Technology Inc.) HiddenBioExcess (x32 Version: 7.0.67.0 - Egis Technology Inc.) HiddenBonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) HiddenCatalyst Control Center Graphics Previews Common (x32 Version: 2011.0628.2340.40663 - ATI) HiddenCatalyst Control Center InstallProxy (x32 Version: 2011.0628.2340.40663 - ATI Technologies, Inc.) HiddenCatalyst Control Center Localization All (x32 Version: 2011.0628.2340.40663 - ATI) HiddenCatalyst Control Center Profiles Mobile (x32 Version: 2011.0628.2340.40663 - ATI) HiddenCCC Help Chinese Standard (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Chinese Traditional (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Czech (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Danish (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Dutch (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help English (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Finnish (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help French (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help German (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Greek (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Hungarian (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Italian (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Japanese (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Korean (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Norwegian (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Polish (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Russian (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Spanish (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Swedish (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Thai (x32 Version: 2011.0628.2339.40663 - ATI) HiddenCCC Help Turkish (x32 Version: 2011.0628.2339.40663 - ATI) Hiddenccc-utility64 (Version: 2011.0628.2340.40663 - ATI) HiddenConexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.50 - Conexant)CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)CyberLink YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) HiddenD3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenEgisTec ES603 WDM Driver (HKLM-x32\...\InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}) (Version: 3.0.20.0 - Egis Technology Inc.)Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.1 - Lenovo)Energy Management (x32 Version: 6.0.2.1 - Lenovo) HiddenES603 WDM Driver (x32 Version: 3.0.20.0 - Egis Technology Inc.) HiddenGoogle Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) HiddeniExplorer 3.2.5.6 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC)IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) HiddenJavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenLenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.11.616.1 - Vimicro)Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.2525 - CyberLink Corp.)Lenovo OneKey Recovery (Version: 7.0.0.2525 - CyberLink Corp.) HiddenLenovo Security Suite (HKLM-x32\...\InstallShield_{0034859F-8E01-4C1D-BE77-F891C4786FBC}) (Version: 2.0.13.0 - Lenovo)Lenovo Security Suite (x32 Version: 2.0.13.0 - Lenovo) HiddenMalwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 11.0.678 - McAfee, Inc.)McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) HiddenOnline Bible 12.31 (HKCU\...\OnlineBible) (Version: - )Online Bible 12.31 (HKLM-x32\...\OnlineBible) (Version: - )OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)Port Locker (HKLM-x32\...\InstallShield_{A6FEE06D-C7E1-48CB-A9DF-1E317CF83CA4}) (Version: 1.0.5.24 - Egis Technology Inc.)Port Locker (Version: 1.0.5.24 - Egis Technology Inc.) HiddenPort Locker (x32 Version: 1.0.5.24 - Egis Technology Inc.) HiddenPower2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)PowerXpressHybrid (x32 Version: 1.00.0000 - ATI) HiddenQuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.7.0 - Synaptics Incorporated)TSP_CODEC (HKLM-x32\...\{A90C03D6-08E1-4C59-B93B-6919A6C0AC19}) (Version: 1.00.0000 - Bytescribe)UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)UserGuide (x32 Version: 1.0.0.6 - Lenovo) HiddenVeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-953073755-2712446163-3435037875-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks? ==================== Restore Points ========================= 01-10-2014 07:00:31 Windows Update09-10-2014 08:33:58 Scheduled Checkpoint15-10-2014 07:01:00 Windows Update23-10-2014 11:56:34 Windows Update23-10-2014 12:49:15 Installed Java 7 Update 71 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {21440AC3-B55A-488E-B7AE-80EEEAF7B3A0} - System32\Tasks\{E1DB34BD-FFDA-CAD4-CDB0-CBB898F8FADD} => C:\Users\dan2012\AppData\Roaming\mjcsesu.dll/s "C:\Users\dan2012\AppData\Roaming\mjcsesu.dll" <==== ATTENTIONTask: {2616B4CE-D6AD-4EC4-BC24-D6C3A9F9C13C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)Task: {46F1F313-A4F1-422D-9D33-F2466B66349F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)Task: {77847CD6-86A2-47A3-92CE-81903A5AB749} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-28] (CyberLink)Task: {8276AA39-EDEB-457E-BCED-EF457A4F0463} - System32\Tasks\{4A1E4D61-0F33-2B15-1A97-CE3E941048E5} => C:\Users\dan2012\AppData\Roaming\kggpmve.dll/s "C:\Users\dan2012\AppData\Roaming\kggpmve.dll" <==== ATTENTIONTask: {A898D5F8-7F4F-49B8-BF1A-3D8FA6D1A084} - System32\Tasks\Security Center Update - 2090142891 => C:\Users\dan2012\AppData\Roaming\Ahetax\dakus.exe [2014-10-23] () <==== ATTENTIONTask: {B4D3CEF8-80C1-4D9B-B8C7-6B379F66A38C} - System32\Tasks\Security Center Update - 296674132 => C:\Users\dan2012\AppData\Roaming\Hyedosg\orhim.exe [2014-07-13] () <==== ATTENTIONTask: {E31A7306-9F2A-4948-A894-0D719999D82B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)Task: {F450D10A-B0A0-41A5-9603-EC773D586CF8} - System32\Tasks\{BA918A07-15AA-C50E-B092-889E8A93FDF8} => C:\Users\dan2012\AppData\Roaming\idkqoc.dll/s "C:\Users\dan2012\AppData\Roaming\idkqoc.dll" <==== ATTENTIONTask: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-01-21 12:45 - 2009-01-21 12:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec BioExcess\x64\LIBEAY32.dll2012-05-07 16:16 - 2012-05-07 16:16 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll2012-05-07 16:16 - 2012-05-07 16:16 - 00628064 _____ () C:\windows\system32\SimpleExt.dll2008-12-19 23:20 - 2012-05-07 16:39 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll2008-12-19 23:20 - 2012-05-07 16:39 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll2014-10-23 08:32 - 2014-10-23 08:32 - 00306301 _____ () C:\Users\dan2012\AppData\Roaming\Ahetax\dakus.exe2011-03-14 10:21 - 2011-03-14 10:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll2011-06-28 19:38 - 2011-06-28 19:38 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2012-05-07 16:16 - 2012-05-07 16:16 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Bupekiuvfupila => C:\Users\dan2012\AppData\Roaming\Ahetax\dakus.exeMSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-953073755-2712446163-3435037875-500 - Administrator - Disabled)dan2012 (S-1-5-21-953073755-2712446163-3435037875-1000 - Administrator - Enabled) => C:\Users\dan2012Guest (S-1-5-21-953073755-2712446163-3435037875-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-953073755-2712446163-3435037875-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (10/23/2014 01:30:06 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 01:25:35 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 11:29:34 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 11:01:18 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 10:59:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object. Details:Could not query the status of the EventSystem service.System Error:A system shutdown is in progress.. Error: (10/23/2014 09:29:25 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 08:41:15 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 07:46:23 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 07:10:23 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 06:11:11 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors:=============Error: (10/23/2014 01:29:52 PM) (Source: DCOM) (EventID: 10010) (User: )Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/23/2014 01:26:38 PM) (Source: DCOM) (EventID: 10010) (User: )Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/23/2014 01:25:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068 Error: (10/23/2014 01:25:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068 Error: (10/23/2014 01:25:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068 Error: (10/23/2014 01:25:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068 Error: (10/23/2014 01:25:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068 Error: (10/23/2014 01:25:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068 Error: (10/23/2014 01:25:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068 Error: (10/23/2014 01:25:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068 Microsoft Office Sessions:=========================Error: (10/23/2014 01:30:06 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 01:25:35 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 11:29:34 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 11:01:18 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 10:59:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )Description:Details:Could not query the status of the EventSystem service.System Error:A system shutdown is in progress. Error: (10/23/2014 09:29:25 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 08:41:15 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 07:46:23 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 07:10:23 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 06:11:11 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: AMD E-450 APU with Radeon HD GraphicsPercentage of memory in use: 28%Total physical RAM: 3686.11 MBAvailable physical RAM: 2639.21 MBTotal Pagefile: 7370.4 MBAvailable Pagefile: 5585.09 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:254.14 GB) (Free:116.3 GB) NTFSDrive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.16 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 92133C21)Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=254.1 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12) ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
LiquidTension Posted October 23, 2014 ID:895128 Share Posted October 23, 2014 Hello DanielOverInPennsylvania, welcome to Malwarebytes' Malware Removal forum!My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: If you are using Peer to Peer (P2P) filesharing software such as uTorrent, BitTorrent or similar you must either fully uninstall or completely disable the programme(s) from running whilst receiving assistance at this forum. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked/keygen or similar software on the computer, please remove/uninstall the software now and read the policy on Piracy. Failure to do so will also result in your topic being closed. ======================================================Please read through the points below to ensure this process moves as quickly and efficiently as possible.Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page.====================================================== Unfortunately, your computer is badly infected, so I must issue the following warning. Please let me know what you think, and how you wish to proceed. BACKDOOR WARNING ------------------------------One or more of the identified infections is known to use a backdoor, that allows attackers to remotely control your computer, download/execute files and steal critical system, financial and personal information.Please disconnect your computer from the Internet immediately. If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, email, eBay, paypal, online forums, etc).Banking and credit card institutions should be notified of the possible security breach immediately. Please read the following article for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?Whilst the identified infection(s) can be removed, there is no way to guarantee that your computer will be trustworthy again unless you reformat your Hard Drive and reinstall your Operating System. This is due to the nature of the infection, which allows the attacker complete control over the computer. Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat/reinstall. Please read the following articles for more information.When should I re-format? How should I reinstall?Help: I Got Hacked. Now What Do I Do?Where to draw the line? When to recommend a format and reinstall?You have a choice between cleaning the infection(s) or reformatting your computer. Ultimately, the decision is personal, and up to you and whatever you're most comfortable with. Please let me know how you wish to proceed, and if you have any questions. Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 24, 2014 Author ID:895604 Share Posted October 24, 2014 Hi Adam. Absolutely, call me Dan.I've read the stuff. I've also read threads that tell me what you're likely to say next. Long process. It's pretty screwed up that the "professionals" haven't figured out a way to close the back doors that come with this crap. But it is what is is. At this point, I'm going to go with cleaning. Lead me on. But first, I need to back up important files, and just purchased a new external hard drive. Do you have any advice so that I'm not going to backup malware, in case I later decide to wipe the hard drive and reinstall the op sys? Link to post Share on other sites More sharing options...
LiquidTension Posted October 24, 2014 ID:895613 Share Posted October 24, 2014 Hi Dan, If you wish to backup your data, I suggest doing the following.STEP 1 involves using a clean PC to protect your external drive against autorun infections, and STEP 2 discusses which files you should and should not backup. Please let me know when you're ready to begin the cleaning of this machine. STEP 1 Panda USB VaccineUsing a clean PC, please download Panda USB Vaccine and save the file to your Desktop.Double-click USBVaccineSetup.exe to install the programme.Read and accept the license agreement, then click Next.Upon completion of the setup, ensure Launch Panda USB Vaccine is checked and click Finish.Click the Vaccinate Computer button. It should now show a green checkmark and confirm Computer vaccinated. Hold down the Shift key on your keyboard and insert your external drive.When the name of the drive appears in the Panda USB Vaccine dialog box, click the Vaccinate USB drive(s) button.Exit the programme when done.-- Computer Vaccination will prevent any AutoRun file from running, regardless of whether the removable device is infected or not. USB Vaccination disables the autorun file so it cannot be read, modified or replaced and creates an AUTORUN_.INF as protection against malicious code. The Panda Resarch Blog advises that once USB drives have been vaccinated, they cannot be reversed except with a format. If you do this, be sure to back up your data files first or they will be lost during the formatting process. STEP 2 Backup DataThe safest practice is not to backup any executable (.exe), screensavers (.scr), dynamic link library (.dll), autorun (.ini) or script (.php,.asp, .htm, .html, .xml) files because they may be infected by malware. You should also avoid backing up compressed (.zip, .cab, .rar) files that have executables inside as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may disguise itself by hiding a file extension or by adding double file extensions and/or space(s) in the file's name to hide the real extension, so be sure you look closely at the full file name.Backing up documents, image, music and video is fine.Specially crafted Word/Excel/PDF can be used for malicious intent, so I recommend only backing up documents you created, or know to come from a clean source. To repeat, do not backup up files with the following extensions:.exe, .scr, .bat, .com, .cmd, .msi, .pif, .ini, .htm, .html, .hta, .php, .asp, .xml, .zip, .rar, .cabHold the shift key on your infected PC, and insert your external drive. Copy the files you wish to backup onto your external drive. Remove the external drive from the PC. Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 24, 2014 Author ID:895752 Share Posted October 24, 2014 I'm kind of at a loss, here, Adam.I'm really not in a position to purchase a clean machine, and only have this laptop. The McAfee element that's been blocking the original problem that was unresolved by either the MS scanner/destroyer or the malwarebytes scanner is now blocking a new risky connection from a different .exe file in the same general location as the other one, so it appears as if the cancer is reproducing itself. I'm pretty screwed. Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 24, 2014 Author ID:895755 Share Posted October 24, 2014 Is there a free tool like McAfee's "shred" tool, where I can right-click on an .exe file and kill it directly? As I said, the file(s) won't let me rename them or trash them. I'd really like to try that if there is a way. Thanks for your help. Link to post Share on other sites More sharing options...
LiquidTension Posted October 24, 2014 ID:895761 Share Posted October 24, 2014 It's' fine. I suggest you proceed by backing up your data. The first step is only a precautionary measure to protect against autorun infections. However, I see no evidence of such an infection, so you should be OK to skip STEP 1. Alternatively, you can just install Panda USB Vaccine on the infected computer and follow the instructions from there. Either way, it's not a big deal.---------Once you've backed up your data, let me know and we can begin. Forget about trying to stop individual executables as it doesn't work like that. The infections present are far deeper. Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 26, 2014 Author ID:896622 Share Posted October 26, 2014 I've backed up my data, and possibly infected my new external hard drive in the process. I did it before reading your previous. The virus has reproduced a new one, and it wouldn't let me shut down without force-quitting. It would generate multiple browser windows when I attempted to shut down normally. I had no choice but to try to repair on startup, and started with resetting my only image of the system, which happened to be Oct 9 of this year. Then I used Repair Startup, which went on for a long time, and almost miraculously got the thing to start again. Seriously: is there a tool where I can cherry pick the startup doc and the .exe files in my User data folders? Link to post Share on other sites More sharing options...
LiquidTension Posted October 26, 2014 ID:896630 Share Posted October 26, 2014 OK. I think our best option is to proceed with cleaning. We can look into scanning your external drive later. STEP 1 ComboFixNote: Please read through these instructions before running ComboFix. Please download ComboFix and save the file to your Desktop. << Important!Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click ComboFix.exe and select Run as administrator to run the programme.Follow the prompts. Allow ComboFix to complete it's removal routine (please refer to Important Notes:).Upon completion, a log (ComboFix.txt) will be created in the root directory (C:\). Copy the contents of the log and paste in your next reply.Re-enable your anti-virus software. Important Notes:Do NOT mouse click ComboFix's window whilst it is running. This may cause the programme to stall.Do NOT use your computer whilst ComboFix is running.Your Desktop/taskbar may disappear whilst ComboFix is running; this is normal. If you get the message Illegal operation attempted on registry key that has been marked for deletion please reboot your computer.ComboFix will disconnect your machine from the Internet as soon as it starts.Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.If you are unable to access the Internet after running ComboFix, please reboot your computer. STEP 2 TDSSKiller ScanPlease download TDSSKiller and save the file to your Desktop.Right-Click TDSSKiller.exe and select Run as administrator to run the programme.Click Change parameters. Place a checkmark next to:Loaded ModulesDetect TDLFS file systemVerify file digital signaturesNote: If you receive the following message: Extended Monitoring Driver is required, click Reboot now, and continue from here following the reboot.Click Start Scan. Do not use the computer during the scan.If objects are found, change the action to skip.Click Continue and close the window.A log will be created and saved to the root directory (usually C:\). Attach the log in your next reply. STEP 3 Farbar Recovery Scan Tool (FRST) ScanRight-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 4 LogsIn your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.ComboFix.txtTDSSKiller log (attached)FRST.txtAddition.txt Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 27, 2014 Author ID:896936 Share Posted October 27, 2014 OK, I'll go to work on that. thank you Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 27, 2014 Author ID:896954 Share Posted October 27, 2014 question:You say to turn off firewall for the combofix and then back on. I don't need to do that for the TDSSkiller also?also, I can flip the physical switch to kill WIFI reception during these steps. Do you recommend that?thx again! Link to post Share on other sites More sharing options...
LiquidTension Posted October 27, 2014 ID:896974 Share Posted October 27, 2014 The instructions say to turn off your Anti-Virus. This only needs to be done during the ComboFix scan.You don't need to turn your WiFi off. Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 27, 2014 Author ID:896981 Share Posted October 27, 2014 OK, that's done and the logs are below. I got a "Post too long" error, even splitting it in two, so I'm posting it in THREE posts.My sound has disappeared. The volume horn in the systray by the clock has an X next to it, and when I hover over it, it says "The audio service is not running". If I click it, it runs a diagnostic and reports that no solutions are found. Thanks for your help. ComboFix 14-10-27.01 - dan2012 10/27/2014 3:57.1.2 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3686.2334 [GMT -4:00]Running from: c:\users\dan2012\Desktop\ComboFix.exeAV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\wrnhoah.tmpc:\windows\s.batc:\windows\WindowsUpdate.log..((((((((((((((((((((((((( Files Created from 2014-09-27 to 2014-10-27 )))))))))))))))))))))))))))))))..2014-10-27 08:25 . 2014-10-27 08:25 -------- d-----w- c:\users\Default\AppData\Local\temp2014-10-27 07:06 . 2014-10-27 07:06 -------- d-----w- c:\program files\Microsoft Silverlight2014-10-27 07:06 . 2014-10-27 07:06 -------- d-----w- c:\program files (x86)\Microsoft Silverlight2014-10-27 03:07 . 2014-10-27 03:07 -------- d-----w- c:\program files (x86)\Common Files\Java2014-10-27 03:05 . 2014-10-27 03:05 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2014-10-27 02:44 . 2014-09-10 20:30 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EA6B016F-38FB-4E82-A649-409A19656C16}\gapaengine.dll2014-10-27 02:43 . 2014-10-20 07:37 11627712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpengine.dll2014-10-27 02:40 . 2014-10-27 02:40 -------- d-----w- c:\program files (x86)\Microsoft Security Client2014-10-27 02:40 . 2014-10-27 02:40 -------- d-----w- c:\program files\Microsoft Security Client2014-10-26 16:02 . 2014-09-29 00:58 3198976 ----a-w- c:\windows\system32\win32k.sys2014-10-26 16:02 . 2014-06-18 22:23 1943696 ----a-w- c:\windows\system32\dfshim.dll2014-10-26 16:02 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\SysWow64\dfshim.dll2014-10-26 16:02 . 2014-06-18 22:23 73880 ----a-w- c:\windows\system32\mscories.dll2014-10-26 16:02 . 2014-06-18 22:23 81560 ----a-w- c:\windows\SysWow64\mscories.dll2014-10-26 16:02 . 2014-06-18 22:23 156824 ----a-w- c:\windows\SysWow64\mscorier.dll2014-10-26 16:02 . 2014-09-19 01:47 48128 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll2014-10-26 16:02 . 2014-09-19 01:01 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll2014-10-26 16:00 . 2014-09-18 02:00 3241472 ----a-w- c:\windows\system32\msi.dll2014-10-26 16:00 . 2014-09-18 01:32 2363904 ----a-w- c:\windows\SysWow64\msi.dll2014-10-26 15:58 . 2014-09-13 01:58 77312 ----a-w- c:\windows\system32\packager.dll2014-10-26 15:58 . 2014-09-13 01:40 67072 ----a-w- c:\windows\SysWow64\packager.dll2014-10-24 23:47 . 2014-10-24 23:47 -------- d-----w- c:\program files\Common Files\Western Digital2014-10-24 23:47 . 2014-10-24 23:47 -------- d-----w- c:\program files\Western Digital2014-10-24 23:46 . 2014-10-25 20:33 -------- d-----w- c:\program files (x86)\Common Files\Western Digital2014-10-24 23:46 . 2014-10-24 23:47 -------- d-----w- c:\program files (x86)\Western Digital2014-10-24 23:44 . 2014-10-24 23:58 -------- d-----w- c:\programdata\Western Digital2014-10-24 16:03 . 2014-10-25 20:21 -------- d-----w- c:\users\dan2012\AppData\Roaming\Alviwu2014-10-24 16:03 . 2014-10-25 20:21 -------- d-----w- c:\users\dan2012\AppData\Roaming\Erbibaa2014-10-23 17:37 . 2014-10-23 17:43 -------- d-----w- C:\FRST2014-10-23 14:36 . 2014-10-27 02:57 -------- d-----w- c:\users\dan2012\AppData\Local\ElevatedDiagnostics2014-10-23 14:09 . 2014-10-25 20:33 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware2014-10-23 14:09 . 2014-10-23 14:09 -------- d-----w- c:\programdata\Malwarebytes2014-10-15 03:32 . 2014-06-18 22:23 156312 ----a-w- c:\windows\system32\mscorier.dll2014-10-15 03:27 . 2014-09-18 23:59 775168 ----a-w- c:\windows\system32\ieapfltr.dll2014-10-01 02:08 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll2014-10-01 02:08 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2014-10-27 05:02 . 2012-07-03 11:33 103265616 ----a-w- c:\windows\system32\MRT.exe2014-10-25 22:08 . 2009-07-13 23:53 79872 ----a-w- c:\windows\system32\cryptsp.dll2014-10-25 22:08 . 2010-11-21 03:23 780008 ----a-w- c:\windows\system32\ci.dll2014-09-23 20:27 . 2012-06-27 02:03 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2014-09-23 20:27 . 2012-06-27 02:03 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2014-09-22 06:42 . 2010-11-21 03:27 278152 ------w- c:\windows\system32\MpSigStub.exe2014-09-18 18:46 . 2014-09-18 18:46 0 ----a-w- c:\users\dan2012\AppData\Roaming\hezmjib.dll2014-09-09 22:11 . 2014-09-24 13:42 2048 ----a-w- c:\windows\system32\tzres.dll2014-09-09 21:47 . 2014-09-24 13:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll2014-08-30 04:41 . 2010-06-24 11:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll2014-08-23 02:07 . 2014-08-27 19:47 404480 ----a-w- c:\windows\system32\gdi32.dll2014-08-23 01:45 . 2014-08-27 19:47 311808 ----a-w- c:\windows\SysWow64\gdi32.dll2014-08-18 20:38 . 2014-09-12 10:36 775168 ----a-w- c:\windows\system32\ieapfltr(458).dll2014-08-13 01:10 . 2014-08-13 01:10 0 ----a-w- c:\users\dan2012\AppData\Roaming\lvvsi.dll2014-08-12 23:04 . 2014-08-12 23:04 0 ----a-w- c:\users\dan2012\AppData\Roaming\fztona.dll2014-08-01 11:53 . 2014-09-11 10:58 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll2014-08-01 11:35 . 2014-09-11 10:58 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]2014-09-22 20:44 12184 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport.dll" [2014-09-22 12184].[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}][HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1][HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}][HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd].[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]2012-04-09 20:27 158224 ----a-w- c:\windows\SysWOW64\CbFsMntNtf3.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-28 336384]"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-06-15 548864]"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-11-05 407920]"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-11-05 202096]"VitaKeyTSR"="c:\program files (x86)\EgisTec BioExcess\EgisTSR.exe" [2010-12-13 383344]"PLTSR"="c:\program files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [2010-10-22 364400]"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-05-07 329056]"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-31 43816]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2014-10-10 1942424]"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-09-01 152392]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016].c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe "c:\programdata\Best Buy pc app\Best Buy pc app.application" [2011-2-25 15776].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux"=wdmaud.drv.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service".R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]S1 EgisTecFF;EgisTecFF;c:\windows\system32\DRIVERS\EgisTecFF.sys;c:\windows\SYSNATIVE\DRIVERS\EgisTecFF.sys [x]S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]S2 EgisTec Service Help;EgisTec Service Help;c:\program files (x86)\EgisTec Port Locker\Egishlpsvc.exe;c:\program files (x86)\EgisTec Port Locker\Egishlpsvc.exe [x]S2 EgisTec Service;EgisTec Service;c:\program files (x86)\EgisTec BioExcess\EgisService.exe;c:\program files (x86)\EgisTec BioExcess\EgisService.exe [x]S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]S3 cbfs3;EldoS Callback File System driver v3;c:\windows\system32\DRIVERS\cbfs3.sys;c:\windows\SYSNATIVE\DRIVERS\cbfs3.sys [x]S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]S3 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys;c:\windows\SYSNATIVE\Drivers\FPSensor.sys [x]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]S3 vmuvcflt;Vimicro USB Camera Filter;c:\windows\system32\Drivers\vmuvcflt.sys;c:\windows\SYSNATIVE\Drivers\vmuvcflt.sys [x]..--- Other Services/Drivers In Memory ---.*NewlyCreated* - WS2IFSL.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2014-10-14 23:56 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2014-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 20:27].2014-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 16:38].2014-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 16:38]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]2012-04-09 20:27 190480 ----a-w- c:\windows\System32\CbFsMntNtf3.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]@="{771C7324-DA80-49D3-8017-753B0AF60951}"[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]2012-05-07 20:16 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-05-07 9769888]"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-05-07 5908928]"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-05-07 206176]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288].------- Supplementary Scan -------.uStart Page = https://us-mg6.mail.yahoo.com/neo/launch?uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.localTCP: DhcpNameServer = 75.75.76.76 75.75.75.75FF - ProfilePath - c:\users\dan2012\AppData\Roaming\Mozilla\Firefox\Profiles\pvbwf59h.default\FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&type=A111US714&p=.- - - - ORPHANS REMOVED - - - -.URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files (x86)\Ask.com\GenericAskToolbar.dllToolbar-Locked - (no file)Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exeHKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - startToolbar-Locked - (no file)HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\software\McAfee]"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exec:\program files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exec:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe.**************************************************************************.Completion time: 2014-10-27 04:46:37 - machine was rebootedComboFix-quarantined-files.txt 2014-10-27 08:46.Pre-Run: 119,891,578,880 bytes freePost-Run: 126,101,749,760 bytes free.- - End Of File - - 9F956013330FB59D8CC21AA7B44985A0A36C5E4F47E84449FF07ED3517B43A31 Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 27, 2014 Author ID:896984 Share Posted October 27, 2014 This was going to be LOG post TWO of THREE, but the TDSS killer log by itself was too long. I'm going to try cutting it in half.OK, THAT didn't work.... let me try thirds...05:21:26.0991 0x0a68 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:5805:21:27.0225 0x0a68 ============================================================05:21:27.0225 0x0a68 Current date / time: 2014/10/27 05:21:27.022505:21:27.0225 0x0a68 SystemInfo:05:21:27.0225 0x0a68 05:21:27.0225 0x0a68 OS Version: 6.1.7601 ServicePack: 1.005:21:27.0225 0x0a68 Product type: Workstation05:21:27.0225 0x0a68 ComputerName: DAN2012-PC05:21:27.0225 0x0a68 UserName: dan201205:21:27.0225 0x0a68 Windows directory: C:\windows05:21:27.0225 0x0a68 System windows directory: C:\windows05:21:27.0225 0x0a68 Running under WOW6405:21:27.0225 0x0a68 Processor architecture: Intel x6405:21:27.0225 0x0a68 Number of processors: 205:21:27.0225 0x0a68 Page size: 0x100005:21:27.0225 0x0a68 Boot type: Normal boot05:21:27.0225 0x0a68 ============================================================05:21:27.0225 0x0a68 BG loaded05:21:27.0631 0x0a68 System UUID: {975FC680-7AC6-374E-173F-00080A6E7633}05:21:28.0894 0x0a68 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004005:21:28.0926 0x0a68 ============================================================05:21:28.0926 0x0a68 \Device\Harddisk0\DR0:05:21:28.0926 0x0a68 MBR partitions:05:21:28.0926 0x0a68 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6400005:21:28.0926 0x0a68 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1FC4980005:21:28.0957 0x0a68 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1FCAE800, BlocksNum 0x39FD80005:21:28.0957 0x0a68 ============================================================05:21:29.0004 0x0a68 C: <-> \Device\Harddisk0\DR0\Partition205:21:29.0128 0x0a68 D: <-> \Device\Harddisk0\DR0\Partition305:21:29.0128 0x0a68 ============================================================05:21:29.0128 0x0a68 Initialize success05:21:29.0128 0x0a68 ============================================================05:21:53.0343 0x0ce8 ============================================================05:21:53.0343 0x0ce8 Scan started05:21:53.0343 0x0ce8 Mode: Manual; SigCheck; TDLFS;05:21:53.0343 0x0ce8 ============================================================05:21:53.0343 0x0ce8 KSN ping started05:21:53.0514 0x0ce8 KSN ping finished: false05:21:59.0536 0x0ce8 ================ Scan system memory ========================05:21:59.0536 0x0ce8 System memory - ok05:21:59.0536 0x0ce8 ================ Scan services =============================05:21:59.0926 0x0ce8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys05:22:15.0978 0x0ce8 1394ohci - ok05:22:16.0056 0x0ce8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys05:22:16.0119 0x0ce8 ACPI - ok05:22:16.0150 0x0ce8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys05:22:16.0290 0x0ce8 AcpiPmi - ok05:22:16.0337 0x0ce8 [ 5BBFF8B826EC38D32C26334E079C7EFC, 673D46409F0225A804B55FFB77E82AF34F8C7A93BEEF92DC3DFAC7EFCC5F09B6 ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys05:22:16.0368 0x0ce8 ACPIVPC - ok05:22:16.0712 0x0ce8 [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe05:22:16.0743 0x0ce8 AdobeFlashPlayerUpdateSvc - ok05:22:16.0852 0x0ce8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys05:22:16.0899 0x0ce8 adp94xx - ok05:22:16.0961 0x0ce8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys05:22:17.0008 0x0ce8 adpahci - ok05:22:17.0039 0x0ce8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys05:22:17.0070 0x0ce8 adpu320 - ok05:22:17.0133 0x0ce8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll05:22:17.0351 0x0ce8 AeLookupSvc - ok05:22:17.0429 0x0ce8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys05:22:17.0523 0x0ce8 AFD - ok05:22:17.0570 0x0ce8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys05:22:17.0616 0x0ce8 agp440 - ok05:22:17.0663 0x0ce8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe05:22:17.0757 0x0ce8 ALG - ok05:22:17.0819 0x0ce8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys05:22:17.0850 0x0ce8 aliide - ok05:22:17.0928 0x0ce8 [ 310F88A93C3B02E3D1F906FB57B9E01E, C12CF7005F681305FA4A945C77E0C6C6AD674037187030FA506EA85DB37CA68C ] AMD External Events Utility C:\windows\system32\atiesrxx.exe05:22:18.0053 0x0ce8 AMD External Events Utility - ok05:22:18.0069 0x0ce8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys05:22:18.0084 0x0ce8 amdide - ok05:22:18.0131 0x0ce8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys05:22:18.0194 0x0ce8 AmdK8 - ok05:22:18.0896 0x0ce8 [ 62DDF55680F8C53E4B8DDE4189ADA0B8, 0840DC0F30430C708896859ABEFEBB9802EE6544F0BEE7C16EFCBC991B49C43C ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys05:22:19.0488 0x0ce8 amdkmdag - ok05:22:19.0598 0x0ce8 [ 51F027DFFEDFB8D763FABFFA06B56E6D, 85C6173B910E90C399A0AE3000C6527E390B72B8550618FA91D4E979793DB19C ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys05:22:19.0676 0x0ce8 amdkmdap - ok05:22:19.0722 0x0ce8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys05:22:19.0785 0x0ce8 AmdPPM - ok05:22:19.0847 0x0ce8 [ CC3021D064EB6D3C2F949530E2B0BA47, 3BEFF55082E742454283CC963624B3E11EE0BB4AA8B605D8F26CCCDB9FF4AE38 ] amdsata C:\windows\system32\DRIVERS\amdsata.sys05:22:19.0878 0x0ce8 amdsata - ok05:22:19.0925 0x0ce8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys05:22:19.0956 0x0ce8 amdsbs - ok05:22:19.0972 0x0ce8 [ FFC5A0F6263574EF0D5467496B721F77, 85C949FA223099B33AFCFBC8AC85E82E6CDAAA315F13B7AF1189AC917CB70331 ] amdxata C:\windows\system32\drivers\amdxata.sys05:22:20.0003 0x0ce8 amdxata - ok05:22:20.0268 0x0ce8 [ E2D3363D2298F8B4DEF484AB40E66C49, 2BC5AB307837DDD63B68385B032EF8D9B76507851545BB51EC218D164C62C42C ] APNMCP C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe05:22:20.0300 0x0ce8 APNMCP - ok05:22:20.0393 0x0ce8 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys05:22:20.0690 0x0ce8 AppID - ok05:22:20.0736 0x0ce8 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll05:22:20.0830 0x0ce8 AppIDSvc - ok05:22:20.0892 0x0ce8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll05:22:20.0970 0x0ce8 Appinfo - ok05:22:21.0080 0x0ce8 [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe05:22:21.0111 0x0ce8 Apple Mobile Device - ok05:22:21.0189 0x0ce8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys05:22:21.0204 0x0ce8 arc - ok05:22:21.0236 0x0ce8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys05:22:21.0251 0x0ce8 arcsas - ok05:22:21.0392 0x0ce8 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe05:22:21.0501 0x0ce8 aspnet_state - ok05:22:21.0548 0x0ce8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys05:22:21.0657 0x0ce8 AsyncMac - ok05:22:21.0719 0x0ce8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys05:22:21.0735 0x0ce8 atapi - ok05:22:21.0969 0x0ce8 [ CC406DA84E7DD3FA3AD20340DBC66CF2, 295F02AA66A3E7879329DC18A741021923C7B389AD8AC6C25A07CAAD6D9CAD33 ] athr C:\windows\system32\DRIVERS\athrx.sys05:22:22.0203 0x0ce8 athr - ok05:22:22.0296 0x0ce8 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47, 172240231981162F67DD2CF13C6D8C807EFFCE9C24B476F2942BC3E1F41C1A71 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys05:22:22.0328 0x0ce8 AtiHDAudioService - ok05:22:22.0437 0x0ce8 [ 88CA5C2310C7FC5397F26363638AC145, 1B4A0ECA74C335C891A3EAB2758BF8D9B03B24812F63B44BC95691E4A7605DEE ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll05:22:22.0640 0x0ce8 AudioEndpointBuilder - detected UnsignedFile.Multi.Generic ( 1 )05:22:22.0796 0x0ce8 Object is SCO, delete is not allowed05:22:22.0796 0x0ce8 AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - warning05:22:22.0842 0x0ce8 [ 88CA5C2310C7FC5397F26363638AC145, 1B4A0ECA74C335C891A3EAB2758BF8D9B03B24812F63B44BC95691E4A7605DEE ] AudioSrv C:\windows\System32\Audiosrv.dll05:22:22.0905 0x0ce8 AudioSrv - detected UnsignedFile.Multi.Generic ( 1 )05:22:22.0905 0x0ce8 Object is SCO, delete is not allowed05:22:22.0905 0x0ce8 AudioSrv ( UnsignedFile.Multi.Generic ) - warning05:22:22.0967 0x0ce8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll05:22:23.0092 0x0ce8 AxInstSV - ok05:22:23.0170 0x0ce8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys05:22:23.0279 0x0ce8 b06bdrv - ok05:22:23.0342 0x0ce8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys05:22:23.0404 0x0ce8 b57nd60a - ok05:22:23.0466 0x0ce8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll05:22:23.0513 0x0ce8 BDESVC - ok05:22:23.0529 0x0ce8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys05:22:23.0622 0x0ce8 Beep - ok05:22:23.0716 0x0ce8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll05:22:23.0825 0x0ce8 BFE - ok05:22:23.0888 0x0ce8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\system32\qmgr.dll05:22:24.0044 0x0ce8 BITS - ok05:22:24.0090 0x0ce8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys05:22:24.0106 0x0ce8 blbdrive - ok05:22:24.0231 0x0ce8 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe05:22:24.0262 0x0ce8 Bonjour Service - ok05:22:24.0340 0x0ce8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys05:22:24.0418 0x0ce8 bowser - ok05:22:24.0465 0x0ce8 [ AAA4F992F879977A000FE8B8C730CD2C, A109D3F7CA9D49B98FDA5CA34C60055690F72400CCC96D48076FA86086E4C74D ] BPntDrv C:\windows\system32\drivers\BPntDrv.sys05:22:24.0496 0x0ce8 BPntDrv - ok05:22:24.0543 0x0ce8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys05:22:24.0605 0x0ce8 BrFiltLo - ok05:22:24.0636 0x0ce8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys05:22:24.0668 0x0ce8 BrFiltUp - ok05:22:24.0730 0x0ce8 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys05:22:24.0824 0x0ce8 BridgeMP - ok05:22:24.0917 0x0ce8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll05:22:24.0995 0x0ce8 Browser - ok05:22:25.0026 0x0ce8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys05:22:25.0120 0x0ce8 Brserid - ok05:22:25.0136 0x0ce8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys05:22:25.0198 0x0ce8 BrSerWdm - ok05:22:25.0229 0x0ce8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys05:22:25.0276 0x0ce8 BrUsbMdm - ok05:22:25.0292 0x0ce8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys05:22:25.0323 0x0ce8 BrUsbSer - ok05:22:25.0385 0x0ce8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\drivers\BthEnum.sys05:22:25.0479 0x0ce8 BthEnum - ok05:22:25.0494 0x0ce8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys05:22:25.0557 0x0ce8 BTHMODEM - ok05:22:25.0588 0x0ce8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys05:22:25.0650 0x0ce8 BthPan - ok05:22:25.0760 0x0ce8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys05:22:25.0869 0x0ce8 BTHPORT - ok05:22:25.0931 0x0ce8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll05:22:26.0025 0x0ce8 bthserv - ok05:22:26.0056 0x0ce8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys05:22:26.0103 0x0ce8 BTHUSB - ok05:22:26.0165 0x0ce8 catchme - ok05:22:26.0228 0x0ce8 [ 555FA105C22B1616094EDAD1CBFB0551, 3DB8EB0F95589E8CC338AE033C314256296F0BF039B338CF023FE393CF80840C ] cbfs3 C:\windows\system32\DRIVERS\cbfs3.sys05:22:26.0290 0x0ce8 cbfs3 - ok05:22:26.0321 0x0ce8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys05:22:26.0384 0x0ce8 cdfs - ok05:22:26.0477 0x0ce8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys05:22:26.0524 0x0ce8 cdrom - ok05:22:26.0586 0x0ce8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll05:22:26.0664 0x0ce8 CertPropSvc - ok05:22:26.0696 0x0ce8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys05:22:26.0727 0x0ce8 circlass - ok05:22:26.0774 0x0ce8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys05:22:26.0820 0x0ce8 CLFS - ok05:22:26.0976 0x0ce8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe05:22:27.0023 0x0ce8 clr_optimization_v2.0.50727_32 - ok05:22:27.0070 0x0ce8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe05:22:27.0117 0x0ce8 clr_optimization_v2.0.50727_64 - ok05:22:27.0257 0x0ce8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe05:22:27.0413 0x0ce8 clr_optimization_v4.0.30319_32 - ok05:22:27.0460 0x0ce8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe05:22:27.0522 0x0ce8 clr_optimization_v4.0.30319_64 - ok05:22:27.0585 0x0ce8 [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\windows\system32\DRIVERS\clwvd.sys05:22:27.0600 0x0ce8 clwvd - ok05:22:27.0663 0x0ce8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys05:22:27.0725 0x0ce8 CmBatt - ok05:22:27.0756 0x0ce8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys05:22:27.0803 0x0ce8 cmdide - ok05:22:27.0912 0x0ce8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\windows\system32\Drivers\cng.sys05:22:27.0975 0x0ce8 CNG - ok05:22:28.0131 0x0ce8 [ A260BE645DD096D90318C8CF98536720, ACFDC643485AAAB40ABB3A00C8D9F2E962AF273B95118F0CD19FB8E93E8BF032 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys05:22:28.0224 0x0ce8 CnxtHdAudService - ok05:22:28.0302 0x0ce8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys05:22:28.0334 0x0ce8 Compbatt - ok05:22:28.0365 0x0ce8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys05:22:28.0427 0x0ce8 CompositeBus - ok05:22:28.0443 0x0ce8 COMSysApp - ok05:22:28.0474 0x0ce8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys05:22:28.0490 0x0ce8 crcdisk - ok05:22:28.0568 0x0ce8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\windows\system32\cryptsvc.dll05:22:28.0646 0x0ce8 CryptSvc - ok05:22:28.0677 0x0ce8 [ F160B26B26BA4AFE8CECC12ED5AC231E, 8DA8921A40B67ACFC7E47A54870181CDA1866901A3E8B3A2393D7C006C6B3A42 ] CxAudMsg C:\windows\system32\CxAudMsg64.exe05:22:28.0724 0x0ce8 CxAudMsg - ok05:22:28.0786 0x0ce8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll05:22:28.0911 0x0ce8 DcomLaunch - ok05:22:28.0958 0x0ce8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll05:22:29.0067 0x0ce8 defragsvc - ok05:22:29.0098 0x0ce8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys05:22:29.0192 0x0ce8 DfsC - ok05:22:29.0254 0x0ce8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll05:22:29.0348 0x0ce8 Dhcp - ok05:22:29.0379 0x0ce8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys05:22:29.0441 0x0ce8 discache - ok05:22:29.0488 0x0ce8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys05:22:29.0519 0x0ce8 Disk - ok05:22:29.0582 0x0ce8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll05:22:29.0660 0x0ce8 Dnscache - ok05:22:29.0738 0x0ce8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll05:22:29.0831 0x0ce8 dot3svc - ok05:22:29.0878 0x0ce8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll05:22:29.0972 0x0ce8 DPS - ok05:22:30.0050 0x0ce8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys05:22:30.0112 0x0ce8 drmkaud - ok05:22:30.0221 0x0ce8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys05:22:30.0299 0x0ce8 DXGKrnl - ok05:22:30.0362 0x0ce8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll05:22:30.0455 0x0ce8 EapHost - ok05:22:30.0892 0x0ce8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys05:22:31.0157 0x0ce8 ebdrv - ok05:22:31.0235 0x0ce8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\windows\System32\lsass.exe05:22:31.0298 0x0ce8 EFS - ok05:22:31.0625 0x0ce8 [ 2C1A297638E4319179A1112D4D6522B8, A5A9A82245D631EE50C9F5BF22C85B18E4BAABAB1C559E1833164578C2EC618F ] EgisTec Service C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe05:22:31.0672 0x0ce8 EgisTec Service - ok05:22:31.0781 0x0ce8 [ 0AC3BAA7DF250C76DD9BCFC51565CB5F, 018F0DABF6B948E39423CE899BEFC864240402D5F31B86BEAD655ABEF4AFAFC3 ] EgisTec Service Help C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe05:22:31.0828 0x0ce8 EgisTec Service Help - ok05:22:31.0875 0x0ce8 [ 7745AAFFB61438C28C75E18CE98D4E64, 236FFA327A6EC1DB952B23ECAAA4969241F15376D374CDFD39916E1C0882B216 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe05:22:31.0937 0x0ce8 EgisTec Ticket Service - ok05:22:31.0953 0x0ce8 [ 33708C6D915F8DE734CF3ABB0731515B, AE4FFC410C0A90C94C196E04DEACD0E707750D14DEC460D6DD79140320FE62B0 ] EgisTecFF C:\windows\system32\DRIVERS\EgisTecFF.sys05:22:31.0984 0x0ce8 EgisTecFF - ok05:22:32.0156 0x0ce8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe05:22:32.0265 0x0ce8 ehRecvr - ok05:22:32.0280 0x0ce8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe05:22:32.0343 0x0ce8 ehSched - ok05:22:32.0405 0x0ce8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys05:22:32.0468 0x0ce8 elxstor - ok05:22:32.0499 0x0ce8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys05:22:32.0561 0x0ce8 ErrDev - ok05:22:32.0655 0x0ce8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll05:22:32.0748 0x0ce8 EventSystem - ok05:22:32.0811 0x0ce8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys05:22:32.0904 0x0ce8 exfat - ok05:22:32.0936 0x0ce8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys05:22:33.0045 0x0ce8 fastfat - ok05:22:33.0154 0x0ce8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe05:22:33.0279 0x0ce8 Fax - ok05:22:33.0310 0x0ce8 [ 0BDD7984DB7AAFF6DFEFD11D82D473DB, 616B20DD438DA1F18949DD99513889D47A5773E7FD98776B61A2A654733C855E ] fbfmon C:\windows\system32\drivers\fbfmon.sys05:22:33.0341 0x0ce8 fbfmon - ok05:22:33.0388 0x0ce8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys05:22:33.0435 0x0ce8 fdc - ok05:22:33.0466 0x0ce8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll05:22:33.0560 0x0ce8 fdPHost - ok05:22:33.0591 0x0ce8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll05:22:33.0684 0x0ce8 FDResPub - ok05:22:33.0731 0x0ce8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys05:22:33.0762 0x0ce8 FileInfo - ok05:22:33.0778 0x0ce8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys05:22:33.0872 0x0ce8 Filetrace - ok05:22:33.0918 0x0ce8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys05:22:33.0950 0x0ce8 flpydisk - ok05:22:33.0981 0x0ce8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys05:22:34.0012 0x0ce8 FltMgr - ok05:22:34.0262 0x0ce8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll05:22:34.0371 0x0ce8 FontCache - ok05:22:34.0464 0x0ce8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe05:22:34.0511 0x0ce8 FontCache3.0.0.0 - ok05:22:34.0542 0x0ce8 [ 721A1C957BD23829C6D2BE5C7CDC1012, 8ACCDC0B059032824BA1D52030CD7F3D8A3F4D90FCE5968E0094DC3F437C8385 ] FPSensor C:\windows\system32\Drivers\FPSensor.sys05:22:34.0574 0x0ce8 FPSensor - ok05:22:34.0620 0x0ce8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys05:22:34.0652 0x0ce8 FsDepends - ok05:22:34.0698 0x0ce8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys05:22:34.0730 0x0ce8 Fs_Rec - ok05:22:34.0808 0x0ce8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys05:22:34.0854 0x0ce8 fvevol - ok05:22:34.0901 0x0ce8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys05:22:34.0917 0x0ce8 gagp30kx - ok05:22:34.0964 0x0ce8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys05:22:34.0995 0x0ce8 GEARAspiWDM - ok05:22:35.0073 0x0ce8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll05:22:35.0182 0x0ce8 gpsvc - ok05:22:35.0276 0x0ce8 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe05:22:35.0291 0x0ce8 gupdate - ok05:22:35.0338 0x0ce8 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe05:22:35.0354 0x0ce8 gupdatem - ok05:22:35.0447 0x0ce8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys05:22:35.0510 0x0ce8 hcw85cir - ok05:22:35.0572 0x0ce8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys05:22:35.0666 0x0ce8 HdAudAddService - ok05:22:35.0697 0x0ce8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys05:22:35.0775 0x0ce8 HDAudBus - ok05:22:35.0806 0x0ce8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys05:22:35.0853 0x0ce8 HidBatt - ok05:22:35.0884 0x0ce8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys05:22:35.0962 0x0ce8 HidBth - ok05:22:36.0056 0x0ce8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys05:22:36.0087 0x0ce8 HidIr - ok05:22:36.0134 0x0ce8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\System32\hidserv.dll05:22:36.0227 0x0ce8 hidserv - ok05:22:36.0305 0x0ce8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys05:22:36.0336 0x0ce8 HidUsb - ok05:22:36.0430 0x0ce8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll05:22:36.0539 0x0ce8 hkmsvc - ok05:22:36.0586 0x0ce8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll05:22:36.0664 0x0ce8 HomeGroupListener - ok05:22:36.0695 0x0ce8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll05:22:36.0758 0x0ce8 HomeGroupProvider - ok05:22:36.0820 0x0ce8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys05:22:36.0836 0x0ce8 HpSAMD - ok05:22:36.0914 0x0ce8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys05:22:37.0054 0x0ce8 HTTP - ok05:22:37.0085 0x0ce8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys05:22:37.0116 0x0ce8 hwpolicy - ok05:22:37.0163 0x0ce8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys05:22:37.0194 0x0ce8 i8042prt - ok05:22:37.0257 0x0ce8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys05:22:37.0319 0x0ce8 iaStorV - ok05:22:37.0444 0x0ce8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe05:22:37.0569 0x0ce8 idsvc - ok05:22:37.0600 0x0ce8 IEEtwCollectorService - ok05:22:37.0631 0x0ce8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys05:22:37.0662 0x0ce8 iirsp - ok05:22:37.0756 0x0ce8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll05:22:37.0865 0x0ce8 IKEEXT - ok05:22:37.0896 0x0ce8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys05:22:37.0928 0x0ce8 intelide - ok05:22:37.0974 0x0ce8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\drivers\intelppm.sys05:22:38.0037 0x0ce8 intelppm - ok05:22:38.0084 0x0ce8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll05:22:38.0177 0x0ce8 IPBusEnum - ok05:22:38.0208 0x0ce8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys05:22:38.0286 0x0ce8 IpFilterDriver - ok05:22:38.0396 0x0ce8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll05:22:38.0505 0x0ce8 iphlpsvc - ok05:22:38.0567 0x0ce8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys05:22:38.0614 0x0ce8 IPMIDRV - ok05:22:38.0645 0x0ce8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys05:22:38.0739 0x0ce8 IPNAT - ok05:22:38.0832 0x0ce8 [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe05:22:38.0895 0x0ce8 iPod Service - ok05:22:38.0942 0x0ce8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys05:22:39.0004 0x0ce8 IRENUM - ok05:22:39.0020 0x0ce8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys05:22:39.0035 0x0ce8 isapnp - ok05:22:39.0098 0x0ce8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys05:22:39.0144 0x0ce8 iScsiPrt - ok05:22:39.0191 0x0ce8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys05:22:39.0207 0x0ce8 kbdclass - ok05:22:39.0254 0x0ce8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys05:22:39.0300 0x0ce8 kbdhid - ok05:22:39.0347 0x0ce8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\windows\system32\lsass.exe05:22:39.0378 0x0ce8 KeyIso - ok05:22:39.0456 0x0ce8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys05:22:39.0488 0x0ce8 KSecDD - ok05:22:39.0519 0x0ce8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys05:22:39.0550 0x0ce8 KSecPkg - ok05:22:39.0581 0x0ce8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys05:22:39.0675 0x0ce8 ksthunk - ok05:22:39.0737 0x0ce8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll05:22:39.0862 0x0ce8 KtmRm - ok05:22:40.0127 0x0ce8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll05:22:40.0236 0x0ce8 LanmanServer - ok05:22:40.0361 0x0ce8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll05:22:40.0470 0x0ce8 LanmanWorkstation - ok05:22:40.0642 0x0ce8 [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys05:22:40.0704 0x0ce8 LHDmgr - ok05:22:40.0892 0x0ce8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys05:22:41.0001 0x0ce8 lltdio - ok05:22:41.0126 0x0ce8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll05:22:41.0266 0x0ce8 lltdsvc - ok05:22:41.0313 0x0ce8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll05:22:41.0391 0x0ce8 lmhosts - ok05:22:41.0469 0x0ce8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys05:22:41.0500 0x0ce8 LSI_FC - ok05:22:41.0547 0x0ce8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys05:22:41.0562 0x0ce8 LSI_SAS - ok05:22:41.0609 0x0ce8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys05:22:41.0640 0x0ce8 LSI_SAS2 - ok05:22:41.0656 0x0ce8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys05:22:41.0687 0x0ce8 LSI_SCSI - ok05:22:41.0750 0x0ce8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys05:22:41.0843 0x0ce8 luafv - ok05:22:41.0890 0x0ce8 McAfee SiteAdvisor Service - ok05:22:42.0077 0x0ce8 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe05:22:42.0155 0x0ce8 McComponentHostService - ok05:22:42.0186 0x0ce8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll05:22:42.0249 0x0ce8 Mcx2Svc - ok05:22:42.0264 0x0ce8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys05:22:42.0296 0x0ce8 megasas - ok05:22:42.0358 0x0ce8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys05:22:42.0405 0x0ce8 MegaSR - ok05:22:42.0467 0x0ce8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll05:22:42.0561 0x0ce8 MMCSS - ok05:22:42.0576 0x0ce8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys05:22:42.0670 0x0ce8 Modem - ok05:22:42.0701 0x0ce8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys05:22:42.0748 0x0ce8 monitor - ok05:22:42.0810 0x0ce8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys05:22:42.0826 0x0ce8 mouclass - ok05:22:42.0857 0x0ce8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys05:22:42.0920 0x0ce8 mouhid - ok05:22:43.0013 0x0ce8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys05:22:43.0029 0x0ce8 mountmgr - ok05:22:43.0107 0x0ce8 [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe05:22:43.0138 0x0ce8 MozillaMaintenance - ok05:22:43.0216 0x0ce8 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys05:22:43.0263 0x0ce8 MpFilter - ok05:22:43.0310 0x0ce8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys05:22:43.0341 0x0ce8 mpio - ok05:22:43.0388 0x0ce8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys05:22:43.0466 0x0ce8 mpsdrv - ok05:22:43.0559 0x0ce8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll05:22:43.0715 0x0ce8 MpsSvc - ok05:22:43.0809 0x0ce8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\windows\system32\drivers\mrxdav.sys05:22:43.0871 0x0ce8 MRxDAV - ok05:22:43.0902 0x0ce8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys05:22:43.0980 0x0ce8 mrxsmb - ok05:22:44.0105 0x0ce8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys05:22:44.0168 0x0ce8 mrxsmb10 - ok05:22:44.0214 0x0ce8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys05:22:44.0246 0x0ce8 mrxsmb20 - ok05:22:44.0292 0x0ce8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys05:22:44.0339 0x0ce8 msahci - ok05:22:44.0402 0x0ce8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys05:22:44.0433 0x0ce8 msdsm - ok05:22:44.0448 0x0ce8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe05:22:44.0511 0x0ce8 MSDTC - ok05:22:44.0558 0x0ce8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys05:22:44.0636 0x0ce8 Msfs - ok05:22:44.0667 0x0ce8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys05:22:44.0760 0x0ce8 mshidkmdf - ok05:22:44.0792 0x0ce8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys05:22:44.0807 0x0ce8 msisadrv - ok05:22:44.0838 0x0ce8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll05:22:44.0932 0x0ce8 MSiSCSI - ok05:22:44.0948 0x0ce8 msiserver - ok05:22:44.0979 0x0ce8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys05:22:45.0088 0x0ce8 MSKSSRV - ok05:22:45.0197 0x0ce8 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe05:22:45.0228 0x0ce8 MsMpSvc - ok05:22:45.0275 0x0ce8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys05:22:45.0338 0x0ce8 MSPCLOCK - ok05:22:45.0353 0x0ce8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys05:22:45.0431 0x0ce8 MSPQM - ok05:22:45.0462 0x0ce8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys05:22:45.0540 0x0ce8 MsRPC - ok05:22:45.0556 0x0ce8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys05:22:45.0587 0x0ce8 mssmbios - ok05:22:45.0634 0x0ce8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys05:22:45.0712 0x0ce8 MSTEE - ok05:22:45.0743 0x0ce8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys05:22:45.0790 0x0ce8 MTConfig - ok05:22:45.0821 0x0ce8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys05:22:45.0852 0x0ce8 Mup - ok05:22:45.0884 0x0ce8 [ 9B1EAC6FAF6F37305E822F5588DC8056, AE0DC044159BB03EE8A39AE0682C8F6A78D89AD5A6192E7006D75850ECD50E9D ] mwlPSDFilter C:\windows\system32\DRIVERS\mwlPSDFilter.sys05:22:45.0915 0x0ce8 mwlPSDFilter - ok05:22:45.0946 0x0ce8 [ AD55C1524B296280ED9C6E0D730D35DA, 8E5F9652CFCB325E131CEB2E4871126EB6F940DF7894B2E7F8241F1EF69920ED ] mwlPSDNServ C:\windows\system32\DRIVERS\mwlPSDNServ.sys05:22:45.0977 0x0ce8 mwlPSDNServ - ok05:22:46.0008 0x0ce8 [ 2B599E6EC8843637BDD62E7F8F3BA201, 51EE657FC6CA4F2BCC24573B27379231EF30920A559423A860A278C59F4B9F98 ] mwlPSDVDisk C:\windows\system32\DRIVERS\mwlPSDVDisk.sys05:22:46.0024 0x0ce8 mwlPSDVDisk - ok05:22:46.0164 0x0ce8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll05:22:46.0274 0x0ce8 napagent - ok05:22:46.0352 0x0ce8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys05:22:46.0430 0x0ce8 NativeWifiP - ok05:22:46.0570 0x0ce8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys05:22:46.0664 0x0ce8 NDIS - ok05:22:46.0710 0x0ce8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys05:22:46.0788 0x0ce8 NdisCap - ok05:22:46.0851 0x0ce8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys05:22:46.0929 0x0ce8 NdisTapi - ok05:22:46.0976 0x0ce8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys05:22:47.0069 0x0ce8 Ndisuio - ok05:22:47.0116 0x0ce8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys05:22:47.0225 0x0ce8 NdisWan - ok05:22:47.0256 0x0ce8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys05:22:47.0319 0x0ce8 NDProxy - ok05:22:47.0381 0x0ce8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys05:22:47.0475 0x0ce8 NetBIOS - ok05:22:47.0568 0x0ce8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys05:22:47.0646 0x0ce8 NetBT - ok05:22:47.0709 0x0ce8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\windows\system32\lsass.exe05:22:47.0740 0x0ce8 Netlogon - ok05:22:47.0802 0x0ce8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll05:22:47.0912 0x0ce8 Netman - ok05:22:47.0990 0x0ce8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe05:22:48.0083 0x0ce8 NetMsmqActivator - ok05:22:48.0099 0x0ce8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe05:22:48.0130 0x0ce8 NetPipeActivator - ok05:22:48.0239 0x0ce8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll05:22:48.0364 0x0ce8 netprofm - ok05:22:48.0395 0x0ce8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe05:22:48.0426 0x0ce8 NetTcpActivator - ok05:22:48.0442 0x0ce8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe05:22:48.0473 0x0ce8 NetTcpPortSharing - ok05:22:48.0536 0x0ce8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys05:22:48.0567 0x0ce8 nfrd960 - ok05:22:48.0645 0x0ce8 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys05:22:48.0692 0x0ce8 NisDrv - ok05:22:48.0785 0x0ce8 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe05:22:48.0848 0x0ce8 NisSrv - ok05:22:48.0926 0x0ce8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\windows\System32\nlasvc.dll05:22:48.0988 0x0ce8 NlaSvc - ok05:22:49.0019 0x0ce8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys05:22:49.0097 0x0ce8 Npfs - ok05:22:49.0160 0x0ce8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll05:22:49.0238 0x0ce8 nsi - ok05:22:49.0269 0x0ce8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys05:22:49.0347 0x0ce8 nsiproxy - ok05:22:49.0690 0x0ce8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys05:22:49.0799 0x0ce8 Ntfs - ok05:22:49.0877 0x0ce8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys05:22:49.0971 0x0ce8 Null - ok05:22:50.0018 0x0ce8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys05:22:50.0049 0x0ce8 nvraid - ok05:22:50.0096 0x0ce8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys05:22:50.0127 0x0ce8 nvstor - ok05:22:50.0158 0x0ce8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys05:22:50.0189 0x0ce8 nv_agp - ok05:22:50.0205 0x0ce8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys05:22:50.0252 0x0ce8 ohci1394 - ok05:22:50.0376 0x0ce8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll05:22:50.0470 0x0ce8 p2pimsvc - ok05:22:50.0517 0x0ce8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll05:22:50.0579 0x0ce8 p2psvc - ok05:22:50.0626 0x0ce8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys05:22:50.0673 0x0ce8 Parport - ok05:22:50.0735 0x0ce8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys05:22:50.0766 0x0ce8 partmgr - ok05:22:50.0829 0x0ce8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll05:22:50.0891 0x0ce8 PcaSvc - ok05:22:50.0954 0x0ce8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys05:22:51.0000 0x0ce8 pci - ok05:22:51.0063 0x0ce8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys05:22:51.0094 0x0ce8 pciide - ok05:22:51.0125 0x0ce8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys05:22:51.0172 0x0ce8 pcmcia - ok05:22:51.0203 0x0ce8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys05:22:51.0234 0x0ce8 pcw - ok05:22:51.0468 0x0ce8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys05:22:51.0593 0x0ce8 PEAUTH - ok05:22:51.0874 0x0ce8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe05:22:51.0936 0x0ce8 PerfHost - ok05:22:52.0155 0x0ce8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll05:22:52.0311 0x0ce8 pla - ok05:22:52.0404 0x0ce8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll05:22:52.0514 0x0ce8 PlugPlay - ok05:22:52.0545 0x0ce8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll05:22:52.0592 0x0ce8 PNRPAutoReg - ok05:22:52.0638 0x0ce8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll05:22:52.0685 0x0ce8 PNRPsvc - ok05:22:52.0810 0x0ce8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll05:22:52.0935 0x0ce8 PolicyAgent - ok05:22:53.0013 0x0ce8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll05:22:53.0122 0x0ce8 Power - ok05:22:53.0200 0x0ce8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys05:22:53.0309 0x0ce8 PptpMiniport - ok05:22:53.0340 0x0ce8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys05:22:53.0387 0x0ce8 Processor - ok05:22:53.0465 0x0ce8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll05:22:53.0590 0x0ce8 ProfSvc - ok05:22:53.0606 0x0ce8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe05:22:53.0637 0x0ce8 ProtectedStorage - ok05:22:53.0699 0x0ce8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys05:22:53.0808 0x0ce8 Psched - ok05:22:53.0964 0x0ce8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys05:22:54.0074 0x0ce8 ql2300 - ok05:22:54.0198 0x0ce8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys05:22:54.0230 0x0ce8 ql40xx - ok05:22:54.0292 0x0ce8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll05:22:54.0339 0x0ce8 QWAVE - ok05:22:54.0354 0x0ce8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys05:22:54.0432 0x0ce8 QWAVEdrv - ok05:22:54.0464 0x0ce8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys05:22:54.0557 0x0ce8 RasAcd - ok05:22:54.0604 0x0ce8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys05:22:54.0682 0x0ce8 RasAgileVpn - ok05:22:54.0744 0x0ce8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll05:22:54.0838 0x0ce8 RasAuto - ok05:22:54.0869 0x0ce8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys05:22:54.0963 0x0ce8 Rasl2tp - ok05:22:55.0056 0x0ce8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll05:22:55.0181 0x0ce8 RasMan - ok05:22:55.0212 0x0ce8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys05:22:55.0290 0x0ce8 RasPppoe - ok05:22:55.0337 0x0ce8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys05:22:55.0431 0x0ce8 RasSstp - ok05:22:55.0556 0x0ce8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys05:22:55.0665 0x0ce8 rdbss - ok05:22:55.0680 0x0ce8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys05:22:55.0727 0x0ce8 rdpbus - ok05:22:55.0790 0x0ce8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys05:22:55.0868 0x0ce8 RDPCDD - ok05:22:55.0914 0x0ce8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys05:22:56.0008 0x0ce8 RDPENCDD - ok05:22:56.0070 0x0ce8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys05:22:56.0148 0x0ce8 RDPREFMP - ok05:22:56.0226 0x0ce8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys05:22:56.0304 0x0ce8 RDPWD - ok05:22:56.0351 0x0ce8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys05:22:56.0382 0x0ce8 rdyboost - ok05:22:56.0445 0x0ce8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll05:22:56.0538 0x0ce8 RemoteAccess - ok05:22:56.0616 0x0ce8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll05:22:56.0694 0x0ce8 RemoteRegistry - ok05:22:56.0757 0x0ce8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys05:22:56.0819 0x0ce8 RFCOMM - ok05:22:56.0850 0x0ce8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll05:22:56.0960 0x0ce8 RpcEptMapper - ok05:22:56.0991 0x0ce8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe05:22:57.0053 0x0ce8 RpcLocator - ok05:22:57.0209 0x0ce8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll05:22:57.0303 0x0ce8 RpcSs - ok05:22:57.0365 0x0ce8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys05:22:57.0459 0x0ce8 rspndr - ok05:22:57.0521 0x0ce8 [ E54A5586A28D0630A79A68BBAB84BFCF, F6FBF1E4C64351CEB205DDCD17C35EA26439E98F3528F96AE326959A7C26B488 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys05:22:57.0584 0x0ce8 RSUSBVSTOR - ok05:22:57.0646 0x0ce8 [ 3372196F61AF48503656EF6AA3E92D1B, 47816E28E9DE9F9698A47D7C7782D2F9E62D51A7BC92F91F2B23F818C61F2020 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys05:22:57.0693 0x0ce8 RTL8167 - ok05:22:57.0724 0x0ce8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\windows\system32\lsass.exe05:22:57.0786 0x0ce8 SamSs - ok05:22:57.0833 0x0ce8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys05:22:57.0864 0x0ce8 sbp2port - ok05:22:57.0942 0x0ce8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll05:22:58.0036 0x0ce8 SCardSvr - ok05:22:58.0067 0x0ce8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys05:22:58.0161 0x0ce8 scfilter - ok05:22:58.0239 0x0ce8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll05:22:58.0395 0x0ce8 Schedule - ok05:22:58.0442 0x0ce8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll05:22:58.0520 0x0ce8 SCPolicySvc - ok05:22:58.0566 0x0ce8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll05:22:58.0660 0x0ce8 SDRSVC - ok05:22:58.0707 0x0ce8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys05:22:58.0800 0x0ce8 secdrv - ok05:22:58.0847 0x0ce8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll05:22:58.0910 0x0ce8 seclogon - ok05:22:58.0941 0x0ce8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\system32\sens.dll05:22:59.0034 0x0ce8 SENS - ok05:22:59.0066 0x0ce8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll05:22:59.0144 0x0ce8 SensrSvc - ok05:22:59.0159 0x0ce8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys05:22:59.0206 0x0ce8 Serenum - ok05:22:59.0268 0x0ce8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys05:22:59.0331 0x0ce8 Serial - ok05:22:59.0362 0x0ce8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys05:22:59.0409 0x0ce8 sermouse - ok Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 27, 2014 Author ID:896986 Share Posted October 27, 2014 Second part of second log:05:22:59.0471 0x0ce8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll05:22:59.0565 0x0ce8 SessionEnv - ok05:22:59.0596 0x0ce8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys05:22:59.0627 0x0ce8 sffdisk - ok05:22:59.0627 0x0ce8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys05:22:59.0690 0x0ce8 sffp_mmc - ok05:22:59.0690 0x0ce8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys05:22:59.0736 0x0ce8 sffp_sd - ok05:22:59.0768 0x0ce8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys05:22:59.0830 0x0ce8 sfloppy - ok05:22:59.0877 0x0ce8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll05:22:59.0986 0x0ce8 SharedAccess - ok05:23:00.0080 0x0ce8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll05:23:00.0189 0x0ce8 ShellHWDetection - ok05:23:00.0220 0x0ce8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys05:23:00.0251 0x0ce8 SiSRaid2 - ok05:23:00.0267 0x0ce8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys05:23:00.0298 0x0ce8 SiSRaid4 - ok05:23:00.0329 0x0ce8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys05:23:00.0438 0x0ce8 Smb - ok05:23:00.0501 0x0ce8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe05:23:00.0532 0x0ce8 SNMPTRAP - ok05:23:00.0563 0x0ce8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys05:23:00.0594 0x0ce8 spldr - ok05:23:00.0672 0x0ce8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe05:23:00.0750 0x0ce8 Spooler - ok05:23:01.0109 0x0ce8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe05:23:01.0452 0x0ce8 sppsvc - ok05:23:01.0499 0x0ce8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll05:23:01.0577 0x0ce8 sppuinotify - ok05:23:01.0686 0x0ce8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys05:23:01.0796 0x0ce8 srv - ok05:23:01.0858 0x0ce8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys05:23:01.0936 0x0ce8 srv2 - ok05:23:01.0967 0x0ce8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys05:23:01.0998 0x0ce8 srvnet - ok05:23:02.0061 0x0ce8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll05:23:02.0186 0x0ce8 SSDPSRV - ok05:23:02.0201 0x0ce8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll05:23:02.0279 0x0ce8 SstpSvc - ok05:23:02.0326 0x0ce8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys05:23:02.0357 0x0ce8 stexstor - ok05:23:02.0529 0x0ce8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll05:23:02.0607 0x0ce8 stisvc - ok05:23:02.0638 0x0ce8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\DRIVERS\swenum.sys05:23:02.0654 0x0ce8 swenum - ok05:23:02.0778 0x0ce8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll05:23:02.0903 0x0ce8 swprv - ok05:23:03.0293 0x0ce8 [ 08425CD92972C6430F350A9697F4A553, F6DAA0EB637232BEA34B73AB1E59F55A6602F209A10529D486B8134AA002762D ] SynTP C:\windows\system32\DRIVERS\SynTP.sys05:23:03.0387 0x0ce8 SynTP - ok05:23:03.0668 0x0ce8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll05:23:03.0824 0x0ce8 SysMain - ok05:23:03.0855 0x0ce8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll05:23:03.0917 0x0ce8 TabletInputService - ok05:23:03.0980 0x0ce8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll05:23:04.0089 0x0ce8 TapiSrv - ok05:23:04.0120 0x0ce8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll05:23:04.0198 0x0ce8 TBS - ok05:23:04.0557 0x0ce8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys05:23:04.0682 0x0ce8 Tcpip - ok05:23:04.0806 0x0ce8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys05:23:04.0916 0x0ce8 TCPIP6 - ok05:23:04.0994 0x0ce8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys05:23:05.0009 0x0ce8 tcpipreg - ok05:23:05.0056 0x0ce8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys05:23:05.0134 0x0ce8 TDPIPE - ok05:23:05.0165 0x0ce8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys05:23:05.0212 0x0ce8 TDTCP - ok05:23:05.0259 0x0ce8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\windows\system32\DRIVERS\tdx.sys05:23:05.0337 0x0ce8 tdx - ok05:23:05.0368 0x0ce8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\DRIVERS\termdd.sys05:23:05.0399 0x0ce8 TermDD - ok05:23:05.0462 0x0ce8 [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\windows\System32\termsrv.dll05:23:05.0571 0x0ce8 TermService - ok05:23:05.0618 0x0ce8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll05:23:05.0649 0x0ce8 Themes - ok05:23:05.0680 0x0ce8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll05:23:05.0758 0x0ce8 THREADORDER - ok05:23:05.0805 0x0ce8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll05:23:05.0898 0x0ce8 TrkWks - ok05:23:05.0976 0x0ce8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe05:23:06.0054 0x0ce8 TrustedInstaller - ok05:23:06.0117 0x0ce8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys05:23:06.0148 0x0ce8 tssecsrv - ok05:23:06.0195 0x0ce8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys05:23:06.0226 0x0ce8 TsUsbFlt - ok05:23:06.0257 0x0ce8 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys05:23:06.0304 0x0ce8 TsUsbGD - ok05:23:06.0366 0x0ce8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys05:23:06.0429 0x0ce8 tunnel - ok05:23:06.0460 0x0ce8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys05:23:06.0491 0x0ce8 uagp35 - ok05:23:06.0538 0x0ce8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys05:23:06.0678 0x0ce8 udfs - ok05:23:06.0741 0x0ce8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe05:23:06.0772 0x0ce8 UI0Detect - ok05:23:06.0819 0x0ce8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys05:23:06.0834 0x0ce8 uliagpkx - ok05:23:06.0897 0x0ce8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys05:23:07.0240 0x0ce8 umbus - ok05:23:07.0287 0x0ce8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys05:23:07.0380 0x0ce8 UmPass - ok05:23:07.0427 0x0ce8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll05:23:07.0614 0x0ce8 upnphost - ok05:23:07.0677 0x0ce8 [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys05:23:07.0755 0x0ce8 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )05:23:07.0755 0x0ce8 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning05:23:07.0802 0x0ce8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys05:23:07.0864 0x0ce8 usbccgp - ok05:23:07.0958 0x0ce8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys05:23:08.0129 0x0ce8 usbcir - ok05:23:08.0238 0x0ce8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys05:23:08.0301 0x0ce8 usbehci - ok05:23:08.0441 0x0ce8 [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] usbfilter C:\windows\system32\DRIVERS\usbfilter.sys05:23:08.0472 0x0ce8 usbfilter - ok05:23:08.0644 0x0ce8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys05:23:08.0706 0x0ce8 usbhub - ok05:23:08.0738 0x0ce8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\DRIVERS\usbohci.sys05:23:08.0784 0x0ce8 usbohci - ok05:23:08.0862 0x0ce8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\drivers\usbprint.sys05:23:08.0972 0x0ce8 usbprint - ok05:23:09.0050 0x0ce8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS05:23:09.0159 0x0ce8 USBSTOR - ok05:23:09.0221 0x0ce8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys05:23:09.0252 0x0ce8 usbuhci - ok05:23:09.0377 0x0ce8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys05:23:09.0892 0x0ce8 usbvideo - ok05:23:09.0970 0x0ce8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll05:23:10.0064 0x0ce8 UxSms - ok05:23:10.0812 0x0ce8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\windows\system32\lsass.exe05:23:10.0844 0x0ce8 VaultSvc - ok05:23:10.0906 0x0ce8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys05:23:10.0937 0x0ce8 vdrvroot - ok05:23:11.0031 0x0ce8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe05:23:11.0171 0x0ce8 vds - ok05:23:11.0234 0x0ce8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys05:23:11.0280 0x0ce8 vga - ok05:23:11.0296 0x0ce8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys05:23:11.0358 0x0ce8 VgaSave - ok05:23:11.0499 0x0ce8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys05:23:11.0608 0x0ce8 vhdmp - ok05:23:11.0686 0x0ce8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys05:23:11.0702 0x0ce8 viaide - ok05:23:11.0951 0x0ce8 [ 2355B35BF277965EFA3DAE43B7D78239, F75D1F4B9CCB63121F2030E0DE0CC05475DEA90E45F223BA58CFEED63CB2AD7D ] vm331avs C:\windows\system32\Drivers\vm331avs.sys05:23:12.0014 0x0ce8 vm331avs - ok05:23:12.0060 0x0ce8 [ 40C39413A2458016FF43444750F467CA, 7753B8C622F15D851FC65851586E8C0FDDD0B00D66C54C5222BB1BD06DCD2A90 ] vmuvcflt C:\windows\system32\Drivers\vmuvcflt.sys05:23:12.0092 0x0ce8 vmuvcflt - ok05:23:12.0123 0x0ce8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys05:23:12.0154 0x0ce8 volmgr - ok05:23:12.0185 0x0ce8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys05:23:12.0263 0x0ce8 volmgrx - ok05:23:12.0310 0x0ce8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys05:23:12.0357 0x0ce8 volsnap - ok05:23:12.0435 0x0ce8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys05:23:12.0466 0x0ce8 vsmraid - ok05:23:12.0575 0x0ce8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe05:23:12.0825 0x0ce8 VSS - ok05:23:12.0872 0x0ce8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys05:23:12.0934 0x0ce8 vwifibus - ok05:23:13.0012 0x0ce8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys05:23:13.0074 0x0ce8 vwififlt - ok05:23:13.0168 0x0ce8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll05:23:13.0277 0x0ce8 W32Time - ok05:23:13.0324 0x0ce8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys05:23:13.0371 0x0ce8 WacomPen - ok05:23:13.0449 0x0ce8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys05:23:13.0636 0x0ce8 WANARP - ok05:23:13.0745 0x0ce8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys05:23:13.0823 0x0ce8 Wanarpv6 - ok05:23:14.0135 0x0ce8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe05:23:14.0229 0x0ce8 WatAdminSvc - ok05:23:14.0603 0x0ce8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe05:23:14.0978 0x0ce8 wbengine - ok05:23:15.0071 0x0ce8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll05:23:15.0134 0x0ce8 WbioSrvc - ok05:23:15.0227 0x0ce8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll05:23:15.0383 0x0ce8 wcncsvc - ok05:23:15.0430 0x0ce8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll05:23:15.0648 0x0ce8 WcsPlugInService - ok05:23:15.0758 0x0ce8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys05:23:15.0820 0x0ce8 Wd - ok05:23:15.0945 0x0ce8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys05:23:16.0070 0x0ce8 Wdf01000 - ok05:23:16.0116 0x0ce8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll05:23:17.0957 0x0ce8 WdiServiceHost - ok05:23:18.0082 0x0ce8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll05:23:18.0129 0x0ce8 WdiSystemHost - ok05:23:18.0269 0x0ce8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll05:23:18.0316 0x0ce8 WebClient - ok05:23:18.0425 0x0ce8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll05:23:18.0534 0x0ce8 Wecsvc - ok05:23:18.0581 0x0ce8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll05:23:18.0675 0x0ce8 wercplsupport - ok05:23:18.0737 0x0ce8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll05:23:18.0846 0x0ce8 WerSvc - ok05:23:18.0956 0x0ce8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys05:23:19.0205 0x0ce8 WfpLwf - ok05:23:19.0283 0x0ce8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys05:23:19.0346 0x0ce8 WIMMount - ok05:23:19.0439 0x0ce8 WinDefend - ok05:23:19.0470 0x0ce8 WinHttpAutoProxySvc - ok05:23:19.0580 0x0ce8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll05:23:19.0658 0x0ce8 Winmgmt - ok05:23:19.0814 0x0ce8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\windows\system32\WsmSvc.dll05:23:20.0126 0x0ce8 WinRM - ok05:23:20.0375 0x0ce8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys05:23:20.0422 0x0ce8 WinUsb - ok05:23:20.0516 0x0ce8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll05:23:20.0625 0x0ce8 Wlansvc - ok05:23:20.0703 0x0ce8 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe05:23:20.0750 0x0ce8 wlcrasvc - ok05:23:21.0186 0x0ce8 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE05:23:21.0327 0x0ce8 wlidsvc - ok05:23:21.0389 0x0ce8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys05:23:21.0420 0x0ce8 WmiAcpi - ok05:23:21.0467 0x0ce8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe05:23:21.0530 0x0ce8 wmiApSrv - ok05:23:21.0608 0x0ce8 WMPNetworkSvc - ok05:23:21.0686 0x0ce8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll05:23:21.0732 0x0ce8 WPCSvc - ok05:23:21.0764 0x0ce8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll05:23:21.0795 0x0ce8 WPDBusEnum - ok05:23:21.0826 0x0ce8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys05:23:21.0935 0x0ce8 ws2ifsl - ok05:23:21.0982 0x0ce8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\system32\wscsvc.dll05:23:22.0076 0x0ce8 wscsvc - ok05:23:22.0091 0x0ce8 WSearch - ok05:23:22.0169 0x0ce8 [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd C:\windows\system32\DRIVERS\wsvd.sys05:23:22.0216 0x0ce8 wsvd - ok05:23:22.0466 0x0ce8 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\windows\system32\wuaueng.dll05:23:22.0622 0x0ce8 wuauserv - ok05:23:22.0684 0x0ce8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys05:23:22.0793 0x0ce8 WudfPf - ok05:23:22.0871 0x0ce8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys05:23:22.0934 0x0ce8 WUDFRd - ok05:23:22.0980 0x0ce8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll05:23:23.0043 0x0ce8 wudfsvc - ok05:23:23.0121 0x0ce8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll05:23:23.0277 0x0ce8 WwanSvc - ok05:23:23.0308 0x0ce8 ================ Scan global ===============================05:23:23.0370 0x0ce8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll05:23:23.0448 0x0ce8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll05:23:23.0495 0x0ce8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll05:23:23.0526 0x0ce8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll05:23:23.0589 0x0ce8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe05:23:23.0604 0x0ce8 [ Global ] - ok05:23:23.0620 0x0ce8 ================ Scan MBR ==================================05:23:23.0620 0x0ce8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR005:23:24.0509 0x0ce8 \Device\Harddisk0\DR0 - ok05:23:24.0525 0x0ce8 ================ Scan VBR ==================================05:23:24.0556 0x0ce8 [ 170398DEE109F8922748288FDB48254F ] \Device\Harddisk0\DR0\Partition105:23:24.0556 0x0ce8 \Device\Harddisk0\DR0\Partition1 - ok05:23:24.0572 0x0ce8 [ A641E6649CB791B1C1A1B148D95F4F3D ] \Device\Harddisk0\DR0\Partition205:23:24.0587 0x0ce8 \Device\Harddisk0\DR0\Partition2 - ok05:23:24.0618 0x0ce8 [ 713321401AE339804DC8128F2481769E ] \Device\Harddisk0\DR0\Partition305:23:24.0618 0x0ce8 \Device\Harddisk0\DR0\Partition3 - ok05:23:24.0634 0x0ce8 ================ Scan active images ========================05:23:24.0634 0x0ce8 [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys05:23:24.0634 0x0ce8 C:\Windows\System32\drivers\crashdmp.sys - ok05:23:24.0650 0x0ce8 [ CC3021D064EB6D3C2F949530E2B0BA47, 3BEFF55082E742454283CC963624B3E11EE0BB4AA8B605D8F26CCCDB9FF4AE38 ] C:\Windows\System32\drivers\amdsata.sys05:23:24.0650 0x0ce8 C:\Windows\System32\drivers\amdsata.sys - ok05:23:24.0665 0x0ce8 [ B3222734D80013D2C73841B0C549FA63, F712A301B74F4E55E37189B989E02E845B15BFAF70749DA4000DA26E40CCFC90 ] C:\Windows\System32\drivers\Diskdump.sys05:23:24.0665 0x0ce8 C:\Windows\System32\drivers\Diskdump.sys - ok05:23:24.0665 0x0ce8 [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys05:23:24.0665 0x0ce8 C:\Windows\System32\drivers\dumpfve.sys - ok05:23:24.0681 0x0ce8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys05:23:24.0681 0x0ce8 C:\Windows\System32\drivers\cdrom.sys - ok05:23:24.0696 0x0ce8 [ 33708C6D915F8DE734CF3ABB0731515B, AE4FFC410C0A90C94C196E04DEACD0E707750D14DEC460D6DD79140320FE62B0 ] C:\Windows\System32\drivers\EgisTecFF.sys05:23:24.0696 0x0ce8 C:\Windows\System32\drivers\EgisTecFF.sys - ok05:23:24.0712 0x0ce8 [ 9B1EAC6FAF6F37305E822F5588DC8056, AE0DC044159BB03EE8A39AE0682C8F6A78D89AD5A6192E7006D75850ECD50E9D ] C:\Windows\System32\drivers\mwlPSDFilter.sys05:23:24.0712 0x0ce8 C:\Windows\System32\drivers\mwlPSDFilter.sys - ok05:23:24.0712 0x0ce8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys05:23:24.0712 0x0ce8 C:\Windows\System32\drivers\beep.sys - ok05:23:24.0728 0x0ce8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys05:23:24.0728 0x0ce8 C:\Windows\System32\drivers\null.sys - ok05:23:24.0743 0x0ce8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys05:23:24.0743 0x0ce8 C:\Windows\System32\drivers\vga.sys - ok05:23:24.0759 0x0ce8 [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys05:23:24.0759 0x0ce8 C:\Windows\System32\drivers\videoprt.sys - ok05:23:24.0759 0x0ce8 [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys05:23:24.0774 0x0ce8 C:\Windows\System32\drivers\watchdog.sys - ok05:23:24.0774 0x0ce8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys05:23:24.0774 0x0ce8 C:\Windows\System32\drivers\RDPCDD.sys - ok05:23:24.0790 0x0ce8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys05:23:24.0790 0x0ce8 C:\Windows\System32\drivers\RDPENCDD.sys - ok05:23:24.0806 0x0ce8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys05:23:24.0806 0x0ce8 C:\Windows\System32\drivers\RDPREFMP.sys - ok05:23:24.0806 0x0ce8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys05:23:24.0806 0x0ce8 C:\Windows\System32\drivers\msfs.sys - ok05:23:24.0821 0x0ce8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys05:23:24.0821 0x0ce8 C:\Windows\System32\drivers\npfs.sys - ok05:23:24.0837 0x0ce8 [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys05:23:24.0837 0x0ce8 C:\Windows\System32\drivers\tdi.sys - ok05:23:24.0837 0x0ce8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys05:23:24.0837 0x0ce8 C:\Windows\System32\drivers\tdx.sys - ok05:23:24.0852 0x0ce8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys05:23:24.0852 0x0ce8 C:\Windows\System32\drivers\netbt.sys - ok05:23:24.0868 0x0ce8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] C:\Windows\System32\drivers\afd.sys05:23:24.0868 0x0ce8 C:\Windows\System32\drivers\afd.sys - ok05:23:24.0884 0x0ce8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys05:23:24.0884 0x0ce8 C:\Windows\System32\drivers\pacer.sys - ok05:23:24.0899 0x0ce8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys05:23:24.0899 0x0ce8 C:\Windows\System32\drivers\wfplwf.sys - ok05:23:24.0899 0x0ce8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] C:\Windows\System32\drivers\ws2ifsl.sys05:23:24.0899 0x0ce8 C:\Windows\System32\drivers\ws2ifsl.sys - ok05:23:24.0915 0x0ce8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys05:23:24.0915 0x0ce8 C:\Windows\System32\drivers\netbios.sys - ok05:23:24.0930 0x0ce8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys05:23:24.0930 0x0ce8 C:\Windows\System32\drivers\vwififlt.sys - ok05:23:24.0946 0x0ce8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys05:23:24.0946 0x0ce8 C:\Windows\System32\drivers\termdd.sys - ok05:23:24.0946 0x0ce8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys05:23:24.0946 0x0ce8 C:\Windows\System32\drivers\wanarp.sys - ok05:23:24.0962 0x0ce8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys05:23:24.0962 0x0ce8 C:\Windows\System32\drivers\rdbss.sys - ok05:23:24.0977 0x0ce8 [ 2B599E6EC8843637BDD62E7F8F3BA201, 51EE657FC6CA4F2BCC24573B27379231EF30920A559423A860A278C59F4B9F98 ] C:\Windows\System32\drivers\mwlPSDVDisk.sys05:23:24.0977 0x0ce8 C:\Windows\System32\drivers\mwlPSDVDisk.sys - ok05:23:24.0993 0x0ce8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys05:23:24.0993 0x0ce8 C:\Windows\System32\drivers\nsiproxy.sys - ok05:23:24.0993 0x0ce8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys05:23:24.0993 0x0ce8 C:\Windows\System32\drivers\discache.sys - ok05:23:25.0008 0x0ce8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys05:23:25.0008 0x0ce8 C:\Windows\System32\drivers\mssmbios.sys - ok05:23:25.0024 0x0ce8 [ AD55C1524B296280ED9C6E0D730D35DA, 8E5F9652CFCB325E131CEB2E4871126EB6F940DF7894B2E7F8241F1EF69920ED ] C:\Windows\System32\drivers\mwlPSDNserv.sys05:23:25.0024 0x0ce8 C:\Windows\System32\drivers\mwlPSDNserv.sys - ok05:23:25.0040 0x0ce8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys05:23:25.0040 0x0ce8 C:\Windows\System32\drivers\dfsc.sys - ok05:23:25.0055 0x0ce8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys05:23:25.0055 0x0ce8 C:\Windows\System32\drivers\blbdrive.sys - ok05:23:25.0071 0x0ce8 [ B1DADC050C697C6371590389EDF89A95, B3C78EE0C1027EB62DC32E6889F0C146FD1299A4731A9AFAD43F54AF66EBD558 ] C:\Windows\System32\drivers\BootVid.dll05:23:25.0071 0x0ce8 C:\Windows\System32\drivers\BootVid.dll - ok05:23:25.0086 0x0ce8 [ AAA4F992F879977A000FE8B8C730CD2C, A109D3F7CA9D49B98FDA5CA34C60055690F72400CCC96D48076FA86086E4C74D ] C:\Windows\System32\drivers\BPntDrv.sys05:23:25.0086 0x0ce8 C:\Windows\System32\drivers\BPntDrv.sys - ok05:23:25.0086 0x0ce8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys05:23:25.0086 0x0ce8 C:\Windows\System32\drivers\tunnel.sys - ok05:23:25.0102 0x0ce8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] C:\Windows\System32\drivers\amdppm.sys05:23:25.0102 0x0ce8 C:\Windows\System32\drivers\amdppm.sys - ok05:23:25.0118 0x0ce8 [ 51F027DFFEDFB8D763FABFFA06B56E6D, 85C6173B910E90C399A0AE3000C6527E390B72B8550618FA91D4E979793DB19C ] C:\Windows\System32\drivers\atikmpag.sys05:23:25.0118 0x0ce8 C:\Windows\System32\drivers\atikmpag.sys - ok05:23:25.0133 0x0ce8 [ F0970A4BC8395659C22BF53D0FADF16F, 23BE3066D89A5ACBF8130899640D377476E78B6C3D19E2D13C32238464A83E21 ] C:\Windows\System32\smss.exe05:23:25.0133 0x0ce8 C:\Windows\System32\smss.exe - ok05:23:25.0133 0x0ce8 [ CAAAC014C5C56A69F710B5F1B836DE22, DA98EF2EBF9A7F180344A88CC2C74F69101E17BBAB58B1C46176FD6EE7AA2E6A ] C:\Windows\System32\ntdll.dll05:23:25.0133 0x0ce8 C:\Windows\System32\ntdll.dll - ok05:23:25.0149 0x0ce8 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe05:23:25.0149 0x0ce8 C:\Windows\System32\autochk.exe - ok05:23:25.0164 0x0ce8 [ 62DDF55680F8C53E4B8DDE4189ADA0B8, 0840DC0F30430C708896859ABEFEBB9802EE6544F0BEE7C16EFCBC991B49C43C ] C:\Windows\System32\drivers\atikmdag.sys05:23:25.0164 0x0ce8 C:\Windows\System32\drivers\atikmdag.sys - ok05:23:25.0180 0x0ce8 [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll05:23:25.0180 0x0ce8 C:\Windows\System32\lpk.dll - ok05:23:25.0180 0x0ce8 [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll05:23:25.0180 0x0ce8 C:\Windows\System32\msctf.dll - ok05:23:25.0196 0x0ce8 [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll05:23:25.0196 0x0ce8 C:\Windows\System32\sechost.dll - ok05:23:25.0211 0x0ce8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] C:\Windows\System32\drivers\dxgkrnl.sys05:23:25.0211 0x0ce8 C:\Windows\System32\drivers\dxgkrnl.sys - ok05:23:25.0227 0x0ce8 [ 1F04CFB79DD5FB7694468CE3FB3DCC31, A40C0BF6D1EC6C4281611A830EA7B22FEF523A3E197E5A8F59332D64E90376B6 ] C:\Windows\System32\drivers\dxgmms1.sys05:23:25.0227 0x0ce8 C:\Windows\System32\drivers\dxgmms1.sys - ok05:23:25.0227 0x0ce8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] C:\Windows\System32\drivers\GEARAspiWDM.sys05:23:25.0227 0x0ce8 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok05:23:25.0258 0x0ce8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys05:23:25.0258 0x0ce8 C:\Windows\System32\drivers\hdaudbus.sys - ok05:23:25.0258 0x0ce8 [ 12FEB33791920678F8433701C822BCFD, 7D1AD944CF0532D5AF951ACCE064EA9288F068964603674854CD7658D2B96039 ] C:\Windows\System32\drivers\usbport.sys05:23:25.0258 0x0ce8 C:\Windows\System32\drivers\usbport.sys - ok05:23:25.0274 0x0ce8 [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] C:\Windows\System32\drivers\usbfilter.sys05:23:25.0274 0x0ce8 C:\Windows\System32\drivers\usbfilter.sys - ok05:23:25.0289 0x0ce8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] C:\Windows\System32\drivers\usbohci.sys05:23:25.0289 0x0ce8 C:\Windows\System32\drivers\usbohci.sys - ok05:23:25.0289 0x0ce8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys05:23:25.0289 0x0ce8 C:\Windows\System32\drivers\CmBatt.sys - ok05:23:25.0305 0x0ce8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] C:\Windows\System32\drivers\usbehci.sys05:23:25.0305 0x0ce8 C:\Windows\System32\drivers\usbehci.sys - ok05:23:25.0320 0x0ce8 [ 5BBFF8B826EC38D32C26334E079C7EFC, 673D46409F0225A804B55FFB77E82AF34F8C7A93BEEF92DC3DFAC7EFCC5F09B6 ] C:\Windows\System32\drivers\AcpiVpc.sys05:23:25.0320 0x0ce8 C:\Windows\System32\drivers\AcpiVpc.sys - ok05:23:25.0336 0x0ce8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys05:23:25.0336 0x0ce8 C:\Windows\System32\drivers\i8042prt.sys - ok05:23:25.0336 0x0ce8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys05:23:25.0336 0x0ce8 C:\Windows\System32\drivers\kbdclass.sys - ok05:23:25.0352 0x0ce8 [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys05:23:25.0352 0x0ce8 C:\Windows\System32\drivers\usbd.sys - ok05:23:25.0367 0x0ce8 [ 08425CD92972C6430F350A9697F4A553, F6DAA0EB637232BEA34B73AB1E59F55A6602F209A10529D486B8134AA002762D ] C:\Windows\System32\drivers\SynTP.sys05:23:25.0367 0x0ce8 C:\Windows\System32\drivers\SynTP.sys - ok05:23:25.0383 0x0ce8 [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll05:23:25.0383 0x0ce8 C:\Windows\System32\advapi32.dll - ok05:23:25.0383 0x0ce8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys05:23:25.0383 0x0ce8 C:\Windows\System32\drivers\mouclass.sys - ok05:23:25.0398 0x0ce8 [ 3372196F61AF48503656EF6AA3E92D1B, 47816E28E9DE9F9698A47D7C7782D2F9E62D51A7BC92F91F2B23F818C61F2020 ] C:\Windows\System32\drivers\Rt64win7.sys05:23:25.0398 0x0ce8 C:\Windows\System32\drivers\Rt64win7.sys - ok05:23:25.0414 0x0ce8 [ CC406DA84E7DD3FA3AD20340DBC66CF2, 295F02AA66A3E7879329DC18A741021923C7B389AD8AC6C25A07CAAD6D9CAD33 ] C:\Windows\System32\drivers\athrx.sys05:23:25.0414 0x0ce8 C:\Windows\System32\drivers\athrx.sys - ok05:23:25.0430 0x0ce8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys05:23:25.0430 0x0ce8 C:\Windows\System32\drivers\CompositeBus.sys - ok05:23:25.0445 0x0ce8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys05:23:25.0445 0x0ce8 C:\Windows\System32\drivers\vwifibus.sys - ok05:23:25.0445 0x0ce8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys05:23:25.0445 0x0ce8 C:\Windows\System32\drivers\wmiacpi.sys - ok05:23:25.0461 0x0ce8 [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys05:23:25.0461 0x0ce8 C:\Windows\System32\drivers\ks.sys - ok05:23:25.0476 0x0ce8 [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] C:\Windows\System32\drivers\clwvd.sys05:23:25.0476 0x0ce8 C:\Windows\System32\drivers\clwvd.sys - ok05:23:25.0492 0x0ce8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys05:23:25.0492 0x0ce8 C:\Windows\System32\drivers\ksthunk.sys - ok05:23:25.0508 0x0ce8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys05:23:25.0508 0x0ce8 C:\Windows\System32\drivers\agilevpn.sys - ok05:23:25.0508 0x0ce8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys05:23:25.0508 0x0ce8 C:\Windows\System32\drivers\ndistapi.sys - ok05:23:25.0523 0x0ce8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys05:23:25.0523 0x0ce8 C:\Windows\System32\drivers\rasl2tp.sys - ok05:23:25.0539 0x0ce8 [ D2A513EE880D71BDE7F0257F38B9D019, 7BDBFEA312061C0498E4C09EF5E4B3AAA23309E7448028F67EAA6F8F7188E871 ] C:\Windows\System32\kernel32.dll05:23:25.0539 0x0ce8 C:\Windows\System32\kernel32.dll - ok05:23:25.0539 0x0ce8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys05:23:25.0539 0x0ce8 C:\Windows\System32\drivers\ndiswan.sys - ok05:23:25.0554 0x0ce8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys05:23:25.0554 0x0ce8 C:\Windows\System32\drivers\raspppoe.sys - ok05:23:25.0570 0x0ce8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys05:23:25.0570 0x0ce8 C:\Windows\System32\drivers\raspptp.sys - ok05:23:25.0586 0x0ce8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys05:23:25.0586 0x0ce8 C:\Windows\System32\drivers\rassstp.sys - ok05:23:25.0601 0x0ce8 [ 555FA105C22B1616094EDAD1CBFB0551, 3DB8EB0F95589E8CC338AE033C314256296F0BF039B338CF023FE393CF80840C ] C:\Windows\System32\drivers\cbfs3.sys05:23:25.0601 0x0ce8 C:\Windows\System32\drivers\cbfs3.sys - ok05:23:25.0617 0x0ce8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys05:23:25.0617 0x0ce8 C:\Windows\System32\drivers\swenum.sys - ok05:23:25.0617 0x0ce8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys05:23:25.0617 0x0ce8 C:\Windows\System32\drivers\umbus.sys - ok05:23:25.0632 0x0ce8 [ 0F5A279522FA6A30C9C5A297A1064933, 875F9B983295B0ACB3080BA8C4587C055393F6E8C95F4237BF60297C4D16940A ] C:\Windows\System32\urlmon.dll05:23:25.0632 0x0ce8 C:\Windows\System32\urlmon.dll - ok05:23:25.0648 0x0ce8 [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll05:23:25.0648 0x0ce8 C:\Windows\System32\user32.dll - ok05:23:25.0664 0x0ce8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] C:\Windows\System32\drivers\usbhub.sys05:23:25.0664 0x0ce8 C:\Windows\System32\drivers\usbhub.sys - ok05:23:25.0664 0x0ce8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys05:23:25.0664 0x0ce8 C:\Windows\System32\drivers\ndproxy.sys - ok05:23:25.0679 0x0ce8 [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll05:23:25.0679 0x0ce8 C:\Windows\System32\normaliz.dll - ok05:23:25.0695 0x0ce8 [ E0D3CD5841E5C7BE7B94BA946AF1E498, 4EAE1B226255623DA41A047633994D6902F6D4CA5757BF5D85E227378336227F ] C:\Windows\System32\drivers\drmk.sys05:23:25.0695 0x0ce8 C:\Windows\System32\drivers\drmk.sys - ok05:23:25.0695 0x0ce8 [ 1E0B4CBBA91C6B041A14ECC2186F7E24, 63039A317F906454A0652704DA2D646658A148B9B55BFB5D2F4B27997F357DF9 ] C:\Windows\System32\drivers\portcls.sys05:23:25.0695 0x0ce8 C:\Windows\System32\drivers\portcls.sys - ok05:23:25.0710 0x0ce8 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll05:23:25.0710 0x0ce8 C:\Windows\System32\setupapi.dll - ok05:23:25.0726 0x0ce8 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47, 172240231981162F67DD2CF13C6D8C807EFFCE9C24B476F2942BC3E1F41C1A71 ] C:\Windows\System32\drivers\AtihdW76.sys05:23:25.0726 0x0ce8 C:\Windows\System32\drivers\AtihdW76.sys - ok05:23:25.0742 0x0ce8 [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll05:23:25.0742 0x0ce8 C:\Windows\System32\ole32.dll - ok05:23:25.0742 0x0ce8 [ A260BE645DD096D90318C8CF98536720, ACFDC643485AAAB40ABB3A00C8D9F2E962AF273B95118F0CD19FB8E93E8BF032 ] C:\Windows\System32\drivers\CHDRT64.sys05:23:25.0742 0x0ce8 C:\Windows\System32\drivers\CHDRT64.sys - ok05:23:25.0757 0x0ce8 [ 9D98D4F390F0B14A782F3B931E613A1A, DF11CA01EC78076072A6283DED5A9B8EDF6DD56C5D1D4A0C61773D9CF61F2E4E ] C:\Windows\System32\wininet.dll05:23:25.0757 0x0ce8 C:\Windows\System32\wininet.dll - ok05:23:25.0773 0x0ce8 [ 088CF6AFCD5CDD44E40C0ACDE3C1A5E0, AC6AFCAE3A58AAABC972B3D6A1ED383A59910C689F38D9D4A059A0A535BA1039 ] C:\Windows\System32\usp10.dll05:23:25.0773 0x0ce8 C:\Windows\System32\usp10.dll - ok05:23:25.0788 0x0ce8 [ AE57F6C7AB3ED244B5F14151C4EA0057, 60BAF0909C60B2387E2972EBBC77140E9E982549F0746EE26AF4EFB4E9FD77A4 ] C:\Windows\System32\shell32.dll05:23:25.0788 0x0ce8 C:\Windows\System32\shell32.dll - ok05:23:25.0788 0x0ce8 [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll05:23:25.0788 0x0ce8 C:\Windows\System32\nsi.dll - ok05:23:25.0804 0x0ce8 [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll05:23:25.0804 0x0ce8 C:\Windows\System32\ws2_32.dll - ok05:23:25.0820 0x0ce8 [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll05:23:25.0820 0x0ce8 C:\Windows\System32\difxapi.dll - ok05:23:25.0835 0x0ce8 [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll05:23:25.0835 0x0ce8 C:\Windows\System32\imagehlp.dll - ok05:23:25.0851 0x0ce8 [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll05:23:25.0851 0x0ce8 C:\Windows\System32\msvcrt.dll - ok05:23:25.0851 0x0ce8 [ 050FD78BA4EFA62417F61F4C098B5B25, 889EF561939B67DAD774E90DFDFEA01BC54BFCCD922EE11329A0B44FC2C12604 ] C:\Windows\System32\iertutil.dll05:23:25.0851 0x0ce8 C:\Windows\System32\iertutil.dll - ok05:23:25.0866 0x0ce8 [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll05:23:25.0866 0x0ce8 C:\Windows\System32\clbcatq.dll - ok05:23:25.0882 0x0ce8 [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll05:23:25.0882 0x0ce8 C:\Windows\System32\oleaut32.dll - ok05:23:25.0898 0x0ce8 [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll05:23:25.0898 0x0ce8 C:\Windows\System32\Wldap32.dll - ok05:23:25.0898 0x0ce8 [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll05:23:25.0898 0x0ce8 C:\Windows\System32\imm32.dll - ok05:23:25.0913 0x0ce8 [ 860528C9E50AB84935843B23A80E665E, 1BBC4FC384A2C9B2E30DC8D84C435A6A8E1993F074CDBF0A6A3AC774A3E62AD4 ] C:\Windows\System32\gdi32.dll05:23:25.0913 0x0ce8 C:\Windows\System32\gdi32.dll - ok05:23:25.0929 0x0ce8 [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll05:23:25.0929 0x0ce8 C:\Windows\System32\comdlg32.dll - ok05:23:25.0944 0x0ce8 [ F947D57534E01E3CA597BCF2AD8AE65B, 498A87443CE3344F82B19D4903F128337B5B3DA49D3C208F796394DA6B3A8946 ] C:\Windows\System32\rpcrt4.dll05:23:25.0944 0x0ce8 C:\Windows\System32\rpcrt4.dll - ok05:23:25.0944 0x0ce8 [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll05:23:25.0944 0x0ce8 C:\Windows\System32\shlwapi.dll - ok05:23:25.0960 0x0ce8 [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll05:23:25.0960 0x0ce8 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok05:23:25.0976 0x0ce8 [ 721A1C957BD23829C6D2BE5C7CDC1012, 8ACCDC0B059032824BA1D52030CD7F3D8A3F4D90FCE5968E0094DC3F437C8385 ] C:\Windows\System32\drivers\FPSensor.sys05:23:25.0976 0x0ce8 C:\Windows\System32\drivers\FPSensor.sys - ok05:23:25.0991 0x0ce8 [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll05:23:25.0991 0x0ce8 C:\Windows\System32\psapi.dll - ok05:23:25.0991 0x0ce8 [ 780F6ECC4F55D76C9730E6B6C9B31913, 1AEA642AFA210A672A92AAA49CFDE52D9E48ED41248F7644FAADE760E8A0E72E ] C:\Windows\System32\crypt32.dll05:23:25.0991 0x0ce8 C:\Windows\System32\crypt32.dll - ok05:23:26.0007 0x0ce8 [ 851BB346CD59D9B3BC8854384C7DD5C3, 0CA1BCBDA6CB8CAC1186B3BE13C3937EDF46264FDFFCEBDF94C7EB10DE957DC6 ] C:\Windows\System32\KernelBase.dll05:23:26.0007 0x0ce8 C:\Windows\System32\KernelBase.dll - ok05:23:26.0022 0x0ce8 [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll05:23:26.0022 0x0ce8 C:\Windows\System32\cfgmgr32.dll - ok05:23:26.0038 0x0ce8 [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll05:23:26.0038 0x0ce8 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok05:23:26.0038 0x0ce8 [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll05:23:26.0038 0x0ce8 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok05:23:26.0054 0x0ce8 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll05:23:26.0054 0x0ce8 C:\Windows\System32\comctl32.dll - ok05:23:26.0069 0x0ce8 [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll05:23:26.0069 0x0ce8 C:\Windows\System32\wintrust.dll - ok05:23:26.0069 0x0ce8 [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll05:23:26.0069 0x0ce8 C:\Windows\System32\userenv.dll - ok05:23:26.0085 0x0ce8 [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll05:23:26.0085 0x0ce8 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok05:23:26.0100 0x0ce8 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll05:23:26.0100 0x0ce8 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok05:23:26.0116 0x0ce8 [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll05:23:26.0116 0x0ce8 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok05:23:26.0132 0x0ce8 [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll05:23:26.0132 0x0ce8 C:\Windows\System32\devobj.dll - ok05:23:26.0147 0x0ce8 [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll05:23:26.0147 0x0ce8 C:\Windows\System32\msasn1.dll - ok05:23:26.0147 0x0ce8 [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll05:23:26.0147 0x0ce8 C:\Windows\System32\profapi.dll - ok05:23:26.0163 0x0ce8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] C:\Windows\System32\drivers\usbccgp.sys05:23:26.0163 0x0ce8 C:\Windows\System32\drivers\usbccgp.sys - ok05:23:26.0178 0x0ce8 [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll05:23:26.0178 0x0ce8 C:\Windows\SysWOW64\normaliz.dll - ok05:23:26.0178 0x0ce8 [ 001CC10FA5E71AE1119115E126C8750D, 2C9F0AB6D98E06B08E4FC5866B4706E3212A2F74941AB63602473A26DED11BB0 ] C:\Windows\System32\drivers\stream.sys05:23:26.0178 0x0ce8 C:\Windows\System32\drivers\stream.sys - ok05:23:26.0194 0x0ce8 [ 2355B35BF277965EFA3DAE43B7D78239, F75D1F4B9CCB63121F2030E0DE0CC05475DEA90E45F223BA58CFEED63CB2AD7D ] C:\Windows\System32\drivers\vm331avs.sys05:23:26.0194 0x0ce8 C:\Windows\System32\drivers\vm331avs.sys - ok05:23:26.0210 0x0ce8 [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys05:23:26.0210 0x0ce8 C:\Windows\System32\drivers\dxapi.sys - ok05:23:26.0225 0x0ce8 [ 5602D4C331FD7938ADE06D9242138922, 852A18136E899A165C7FFC14542FCC9E3CB9420E6634E80B8378865D655106B3 ] C:\Windows\System32\win32k.sys05:23:26.0225 0x0ce8 C:\Windows\System32\win32k.sys - ok05:23:26.0241 0x0ce8 [ 40C39413A2458016FF43444750F467CA, 7753B8C622F15D851FC65851586E8C0FDDD0B00D66C54C5222BB1BD06DCD2A90 ] C:\Windows\System32\drivers\vmuvcflt.sys05:23:26.0241 0x0ce8 C:\Windows\System32\drivers\vmuvcflt.sys - ok05:23:26.0241 0x0ce8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll05:23:26.0241 0x0ce8 C:\Windows\System32\basesrv.dll - ok05:23:26.0256 0x0ce8 [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll05:23:26.0256 0x0ce8 C:\Windows\System32\csrsrv.dll - ok05:23:26.0272 0x0ce8 [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe05:23:26.0272 0x0ce8 C:\Windows\System32\csrss.exe - ok05:23:26.0288 0x0ce8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll05:23:26.0288 0x0ce8 C:\Windows\System32\winsrv.dll - ok05:23:26.0288 0x0ce8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys05:23:26.0288 0x0ce8 C:\Windows\System32\drivers\monitor.sys - ok05:23:26.0303 0x0ce8 [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll05:23:26.0303 0x0ce8 C:\Windows\System32\tsddd.dll - ok05:23:26.0319 0x0ce8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll05:23:26.0319 0x0ce8 C:\Windows\System32\sxssrv.dll - ok05:23:26.0334 0x0ce8 [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe05:23:26.0334 0x0ce8 C:\Windows\System32\wininit.exe - ok05:23:26.0350 0x0ce8 [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll05:23:26.0350 0x0ce8 C:\Windows\System32\RpcRtRemote.dll - ok05:23:26.0350 0x0ce8 [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL05:23:26.0350 0x0ce8 C:\Windows\System32\KBDUS.DLL - ok05:23:26.0366 0x0ce8 [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll05:23:26.0366 0x0ce8 C:\Windows\System32\cdd.dll - ok05:23:26.0381 0x0ce8 [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll05:23:26.0381 0x0ce8 C:\Windows\System32\WlS0WndH.dll - ok05:23:26.0397 0x0ce8 [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll05:23:26.0397 0x0ce8 C:\Windows\System32\sxs.dll - ok05:23:26.0397 0x0ce8 [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll05:23:26.0397 0x0ce8 C:\Windows\System32\cryptbase.dll - ok05:23:26.0412 0x0ce8 [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll05:23:26.0412 0x0ce8 C:\Windows\System32\apphelp.dll - ok05:23:26.0428 0x0ce8 [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe05:23:26.0428 0x0ce8 C:\Windows\System32\lsm.exe - ok05:23:26.0444 0x0ce8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe05:23:26.0444 0x0ce8 C:\Windows\System32\services.exe - ok05:23:26.0459 0x0ce8 [ EE4B105F1DBE1E864AFC72E7F0315432, 0E69A25BA7ED920B3103F219D3BF117D8CEFBD4DC74C762945AE291D24772FAD ] C:\Windows\System32\lsasrv.dll05:23:26.0459 0x0ce8 C:\Windows\System32\lsasrv.dll - ok05:23:26.0459 0x0ce8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] C:\Windows\System32\lsass.exe05:23:26.0459 0x0ce8 C:\Windows\System32\lsass.exe - ok05:23:26.0475 0x0ce8 [ C072064F95579C0D6D86AF5B3DC53192, CF4A088DF97F4D4963BEAB9CBDBF69FEA2D4773159054A0AF8B8DFFDF83E18DA ] C:\Windows\System32\sspicli.dll05:23:26.0475 0x0ce8 C:\Windows\System32\sspicli.dll - ok05:23:26.0490 0x0ce8 [ 8098627D0AA1706D69C5AF3F74332ABB, 9582F6162A8405DC568FFBEA08A9090FE92FE2C9DB640077BD7F23AC4FABF700 ] C:\Windows\System32\sspisrv.dll05:23:26.0490 0x0ce8 C:\Windows\System32\sspisrv.dll - ok05:23:26.0490 0x0ce8 [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll05:23:26.0490 0x0ce8 C:\Windows\System32\scext.dll - ok05:23:26.0506 0x0ce8 [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll05:23:26.0506 0x0ce8 C:\Windows\System32\scesrv.dll - ok05:23:26.0522 0x0ce8 [ 39312B37C5FE5138F99680A49ACD3AEA, B9566B4117FBBECF77A0D3F49E9DF302088B9D483F817720B22E4F9C5754264A ] C:\Windows\System32\secur32.dll05:23:26.0522 0x0ce8 C:\Windows\System32\secur32.dll - ok05:23:26.0537 0x0ce8 [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll05:23:26.0537 0x0ce8 C:\Windows\System32\samsrv.dll - ok05:23:26.0537 0x0ce8 [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll05:23:26.0537 0x0ce8 C:\Windows\System32\sysntfy.dll - ok05:23:26.0553 0x0ce8 [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll05:23:26.0553 0x0ce8 C:\Windows\System32\srvcli.dll - ok05:23:26.0568 0x0ce8 [ 8CEBD9D0A0A879CDE9F36F4383B7CAEA, 7AA73B8E7D4D700C164D0410DCF84EA1CCCB0F7DD513E47A2EF0DAE5F16CAE45 ] C:\Windows\System32\winlogon.exe05:23:26.0568 0x0ce8 C:\Windows\System32\winlogon.exe - ok05:23:26.0584 0x0ce8 [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll05:23:26.0584 0x0ce8 C:\Windows\System32\wmsgapi.dll - ok05:23:26.0600 0x0ce8 [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll05:23:26.0600 0x0ce8 C:\Windows\System32\cryptdll.dll - ok05:23:26.0600 0x0ce8 [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll05:23:26.0600 0x0ce8 C:\Windows\System32\wevtapi.dll - ok05:23:26.0631 0x0ce8 [ C23B6D9D16FD86F446BE607CA18389D9, 331FA37B5A059FE85C5D1368A42293A7BAE2581F3F1F15B48364644136066C14 ] C:\Windows\System32\winsta.dll05:23:26.0631 0x0ce8 C:\Windows\System32\winsta.dll - ok05:23:26.0631 0x0ce8 [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll05:23:26.0631 0x0ce8 C:\Windows\System32\authz.dll - ok05:23:26.0646 0x0ce8 [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll05:23:26.0646 0x0ce8 C:\Windows\System32\cngaudit.dll - ok05:23:26.0662 0x0ce8 [ E23BA7A7BD97FC6B8AB5EA32A46D05CD, 593564F84B36451A5CDCA9B04DCFC7886DB124F7CA95464B67B1E65E041A1EC6 ] C:\Windows\System32\ncrypt.dll05:23:26.0662 0x0ce8 C:\Windows\System32\ncrypt.dll - ok05:23:26.0662 0x0ce8 [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll05:23:26.0662 0x0ce8 C:\Windows\System32\bcrypt.dll - ok05:23:26.0678 0x0ce8 [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll05:23:26.0678 0x0ce8 C:\Windows\System32\msprivs.dll - ok05:23:26.0694 0x0ce8 [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll05:23:26.0694 0x0ce8 C:\Windows\System32\netjoin.dll - ok05:23:26.0710 0x0ce8 [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll05:23:26.0710 0x0ce8 C:\Windows\System32\negoexts.dll - ok05:23:26.0710 0x0ce8 [ 33EF550DCCC58C93F5B65FD75BAD9832, 904DA99D4CBE5904E8D2580077FBB8909A44147F95492929D9A7A581C06645A8 ] C:\Windows\System32\kerberos.dll05:23:26.0710 0x0ce8 C:\Windows\System32\kerberos.dll - ok05:23:26.0725 0x0ce8 [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll05:23:26.0725 0x0ce8 C:\Windows\System32\cryptsp.dll - ok05:23:26.0741 0x0ce8 [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll05:23:26.0741 0x0ce8 C:\Windows\System32\mswsock.dll - ok05:23:26.0757 0x0ce8 [ 7D1017ED11B7C3B162628069742B5E58, 0553ABF5C84469370748CA2496BA82655039E5048980C675742A88B761DED967 ] C:\Windows\System32\msv1_0.dll05:23:26.0757 0x0ce8 C:\Windows\System32\msv1_0.dll - ok05:23:26.0757 0x0ce8 [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll05:23:26.0757 0x0ce8 C:\Windows\System32\wship6.dll - ok05:23:26.0772 0x0ce8 [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll05:23:26.0772 0x0ce8 C:\Windows\System32\netlogon.dll - ok05:23:26.0788 0x0ce8 [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll05:23:26.0788 0x0ce8 C:\Windows\System32\dnsapi.dll - ok05:23:26.0803 0x0ce8 [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll05:23:26.0803 0x0ce8 C:\Windows\System32\logoncli.dll - ok05:23:26.0803 0x0ce8 [ E8E98B3B7A6E1250F4AA7AF8FA17D5BB, 36EA8779A04E40B93961C8F4B1B6FF7E26254D38B30EA9B1031066B3FC02A776 ] C:\Windows\System32\schannel.dll05:23:26.0803 0x0ce8 C:\Windows\System32\schannel.dll - ok05:23:26.0819 0x0ce8 [ BFC98590EAB40C785D6134B1FA818A62, 3A0136DE59815C36ADD2E960D610371733B119635D2EBA15588DB62A05B928C8 ] C:\Windows\System32\wdigest.dll05:23:26.0819 0x0ce8 C:\Windows\System32\wdigest.dll - ok05:23:26.0835 0x0ce8 [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll05:23:26.0835 0x0ce8 C:\Windows\System32\rsaenh.dll - ok05:23:26.0850 0x0ce8 [ 85E03B6E05939845BC924C91AEDE0E24, 54CF5BD26870F89AEA72734CAC5A5A7DFEB67A01DBEF4CAC12DFD26DDCC72FBC ] C:\Windows\System32\TSpkg.dll05:23:26.0850 0x0ce8 C:\Windows\System32\TSpkg.dll - ok05:23:26.0850 0x0ce8 [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll05:23:26.0866 0x0ce8 C:\Windows\System32\pku2u.dll - ok05:23:26.0866 0x0ce8 [ 55C892560C1B42BC57FB61AEFCED2F22, 9A15D6559B4FD2FE3A5C5CE13F3C1AD01D9576F6023BDBD12336A1654D33EC63 ] C:\Windows\System32\LIVESSP.DLL05:23:26.0866 0x0ce8 C:\Windows\System32\LIVESSP.DLL - ok05:23:26.0881 0x0ce8 [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll05:23:26.0881 0x0ce8 C:\Windows\System32\bcryptprimitives.dll - ok05:23:26.0897 0x0ce8 [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll05:23:26.0897 0x0ce8 C:\Windows\System32\efslsaext.dll - ok05:23:26.0913 0x0ce8 [ 560CF90C026C0FE51CC6820302FF94FE, 847F8176DAC4683765530B31FCD5A876591F8ED8B7852B84D08BBBA9B6C0A4FC ] C:\Windows\System32\credssp.dll05:23:26.0913 0x0ce8 C:\Windows\System32\credssp.dll - ok05:23:26.0913 0x0ce8 [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll05:23:26.0913 0x0ce8 C:\Windows\System32\ubpm.dll - ok05:23:26.0928 0x0ce8 [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll05:23:26.0928 0x0ce8 C:\Windows\System32\scecli.dll - ok05:23:26.0944 0x0ce8 [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe05:23:26.0944 0x0ce8 C:\Windows\System32\svchost.exe - ok05:23:26.0959 0x0ce8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll05:23:26.0959 0x0ce8 C:\Windows\System32\umpnpmgr.dll - ok05:23:26.0975 0x0ce8 [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll05:23:26.0975 0x0ce8 C:\Windows\System32\SPInf.dll - ok05:23:26.0975 0x0ce8 [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll05:23:26.0975 0x0ce8 C:\Windows\System32\devrtl.dll - ok05:23:26.0991 0x0ce8 [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll05:23:26.0991 0x0ce8 C:\Windows\System32\gpapi.dll - ok05:23:27.0006 0x0ce8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll05:23:27.0006 0x0ce8 C:\Windows\System32\umpo.dll - ok05:23:27.0006 0x0ce8 [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll05:23:27.0022 0x0ce8 C:\Windows\System32\pcwum.dll - ok05:23:27.0022 0x0ce8 [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll05:23:27.0022 0x0ce8 C:\Windows\System32\powrprof.dll - ok05:23:27.0037 0x0ce8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys05:23:27.0037 0x0ce8 C:\Windows\System32\drivers\luafv.sys - ok05:23:27.0053 0x0ce8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll05:23:27.0053 0x0ce8 C:\Windows\System32\rpcss.dll - ok05:23:27.0053 0x0ce8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll05:23:27.0053 0x0ce8 C:\Windows\System32\RpcEpMap.dll - ok05:23:27.0069 0x0ce8 [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL05:23:27.0069 0x0ce8 C:\Windows\System32\WSHTCPIP.DLL - ok05:23:27.0084 0x0ce8 [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll05:23:27.0084 0x0ce8 C:\Windows\System32\wshqos.dll - ok05:23:27.0100 0x0ce8 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe05:23:27.0100 0x0ce8 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok05:23:27.0100 0x0ce8 [ 19A47185AE12414F918A074048CB9EBC, DFEA9E3F74CDF4216E08C3C72A04F8217B0025E6026E9098645F6C2659906015 ] C:\Program Files\Microsoft Security Client\MpSvc.dll05:23:27.0100 0x0ce8 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok05:23:27.0115 0x0ce8 [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe05:23:27.0115 0x0ce8 C:\Windows\System32\LogonUI.exe - ok05:23:27.0131 0x0ce8 [ 5DFFC12BF7DB53BDB401804A3C3A475E, DEACB4BFF904AD77389A8326BFCF12A490E1A7A10B68049D253552F1FC630FA3 ] C:\Windows\System32\authui.dll05:23:27.0131 0x0ce8 C:\Windows\System32\authui.dll - ok05:23:27.0147 0x0ce8 [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll05:23:27.0147 0x0ce8 C:\Windows\System32\wtsapi32.dll - ok05:23:27.0162 0x0ce8 [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll05:23:27.0162 0x0ce8 C:\Windows\System32\FirewallAPI.dll - ok05:23:27.0162 0x0ce8 [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll05:23:27.0162 0x0ce8 C:\Windows\System32\version.dll - ok05:23:27.0178 0x0ce8 [ 685D87C61FEA48ADDAE4C5352B30E27D, 7CDEB3D277EAECBCE436C06BA9813ECE2223ABEFF8B61D53D5272339B57851D4 ] C:\Program Files\Microsoft Security Client\MpClient.dll05:23:27.0178 0x0ce8 C:\Program Files\Microsoft Security Client\MpClient.dll - ok05:23:27.0193 0x0ce8 [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll05:23:27.0193 0x0ce8 C:\Windows\System32\ntmarta.dll - ok05:23:27.0193 0x0ce8 [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll05:23:27.0209 0x0ce8 C:\Windows\System32\cryptui.dll - ok05:23:27.0209 0x0ce8 [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll05:23:27.0209 0x0ce8 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok05:23:27.0225 0x0ce8 [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll05:23:27.0225 0x0ce8 C:\Windows\System32\samlib.dll - ok05:23:27.0240 0x0ce8 [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll05:23:27.0240 0x0ce8 C:\Windows\System32\shacct.dll - ok05:23:27.0256 0x0ce8 [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll05:23:27.0256 0x0ce8 C:\Windows\System32\propsys.dll - ok05:23:27.0256 0x0ce8 [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll05:23:27.0256 0x0ce8 C:\Windows\System32\uxtheme.dll - ok05:23:27.0271 0x0ce8 [ A9A87481B1A6589898C1DAB37C03E4AB, 803DB46E9FEE4E45B63A13A8CE3E589D7498532B8A7D8C3424E210E6A9AAC61F ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_2b283fd671e9bf4d\GdiPlus.dll05:23:27.0271 0x0ce8 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_2b283fd671e9bf4d\GdiPlus.dll - ok05:23:27.0287 0x0ce8 [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll05:23:27.0287 0x0ce8 C:\Windows\System32\dui70.dll - ok05:23:27.0303 0x0ce8 [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll05:23:27.0303 0x0ce8 C:\Windows\System32\duser.dll - ok05:23:27.0318 0x0ce8 [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll05:23:27.0318 0x0ce8 C:\Windows\System32\SndVolSSO.dll - ok05:23:27.0318 0x0ce8 [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll05:23:27.0318 0x0ce8 C:\Windows\System32\hid.dll - ok05:23:27.0334 0x0ce8 [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll05:23:27.0334 0x0ce8 C:\Windows\System32\MMDevAPI.dll - ok05:23:27.0349 0x0ce8 [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll05:23:27.0349 0x0ce8 C:\Windows\System32\dwmapi.dll - ok05:23:27.0365 0x0ce8 [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll05:23:27.0365 0x0ce8 C:\Windows\System32\xmllite.dll - ok05:23:27.0365 0x0ce8 [ AFCA5C1ECEAF948FC815178BC077680E, D052C18EF455E1A272332F2E11FD4F36DA071FAB3B81CA312FB75BF8702ED72D ] C:\Windows\System32\WindowsCodecs.dll05:23:27.0365 0x0ce8 C:\Windows\System32\WindowsCodecs.dll - ok05:23:27.0396 0x0ce8 [ E6737687B7587339D1A6473117159F40, 9F2FAA2A729F98C8633C147ABD333B8EECB5A37A45E5D5ED469140222CB189D6 ] C:\Program Files\Microsoft Security Client\EppManifest.dll05:23:27.0396 0x0ce8 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok05:23:27.0396 0x0ce8 [ 310F88A93C3B02E3D1F906FB57B9E01E, C12CF7005F681305FA4A945C77E0C6C6AD674037187030FA506EA85DB37CA68C ] C:\Windows\System32\atiesrxx.exe05:23:27.0396 0x0ce8 C:\Windows\System32\atiesrxx.exe - ok05:23:27.0412 0x0ce8 [ 79B27F0DB10D1FF517F02F792830E538, 703025147FFBA95B865993F0AA7A1EFD769535FEDEFD305005ADFCCFAFDB61BC ] C:\Program Files\Microsoft Security Client\MpCommu.dll05:23:27.0412 0x0ce8 C:\Program Files\Microsoft Security Client\MpCommu.dll - ok05:23:27.0427 0x0ce8 [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll05:23:27.0427 0x0ce8 C:\Windows\System32\winhttp.dll - ok05:23:27.0443 0x0ce8 [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll05:23:27.0443 0x0ce8 C:\Windows\System32\webio.dll - ok05:23:27.0459 0x0ce8 [ 1AAA3704C352767FA96FBCB2F44420FA, C492CA0D7CCEE0D0A69CC9632C67EEABD08A77FB1E1522DFA3F7303E09983FE0 ] C:\Program Files\Microsoft Security Client\MpRTP.dll05:23:27.0459 0x0ce8 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok05:23:27.0474 0x0ce8 [ F3D202F53A222D5F6944D459B73CF967, E9F1D48EB333D32331BCFD0348FE07BEE7D5352292E6020571DA395F596AFFE7 ] C:\Windows\System32\fltLib.dll05:23:27.0474 0x0ce8 C:\Windows\System32\fltLib.dll - ok05:23:27.0474 0x0ce8 [ 5DD8C3863757690D38BA3A487559CA5A, 062AF2721E1847FD000E1D8AD71A1F0EF4B830506E4680D3BF79FFE4BB3C0ACA ] C:\Program Files\Microsoft Security Client\MsMpLics.dll05:23:27.0474 0x0ce8 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok05:23:27.0490 0x0ce8 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] C:\Windows\System32\drivers\MpFilter.sys05:23:27.0490 0x0ce8 C:\Windows\System32\drivers\MpFilter.sys - ok05:23:27.0505 0x0ce8 [ 5E0DB1BF6B64CC9B58A387F2FC1166EF, 704152F9468352C6EE471BD9D8ADF064916E0165E6F7BF8F991E39CF810EA2DF ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpengine.dll05:23:27.0505 0x0ce8 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpengine.dll - ok05:23:27.0521 0x0ce8 [ 6556819CD55CE306D7FF546E1DF680D6, 2B7068963E59C1FDF2ABB60F3FF8A133028E2F1484D1F7B9482F52C799487A0C ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpasbase.vdm05:23:27.0521 0x0ce8 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpasbase.vdm - ok05:23:27.0521 0x0ce8 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll05:23:27.0521 0x0ce8 C:\Windows\System32\winbrand.dll - ok05:23:27.0537 0x0ce8 [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll05:23:27.0537 0x0ce8 C:\Windows\System32\VaultCredProvider.dll - ok05:23:27.0552 0x0ce8 [ 72BD8BBECBFE09EEA5458C65AA01D394, F6A390A56976091ADFB9C641B0244AB1848E22833DC6DF333756EE0FC6BB2740 ] C:\Windows\System32\imagereog.dll05:23:27.0552 0x0ce8 C:\Windows\System32\imagereog.dll - ok05:23:27.0568 0x0ce8 [ 2748C45C8FE32ED2DAAAC82D47BF8229, 50130A5B6BB8591E016DD3F37777EBAE0E225C9050D311606D9D1B30186FCF7C ] C:\Windows\System32\Apblend64.dll05:23:27.0568 0x0ce8 C:\Windows\System32\Apblend64.dll - ok05:23:27.0568 0x0ce8 [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll05:23:27.0568 0x0ce8 C:\Windows\System32\wevtsvc.dll - ok05:23:27.0583 0x0ce8 [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll05:23:27.0583 0x0ce8 C:\Windows\System32\oleacc.dll - ok05:23:27.0599 0x0ce8 [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll05:23:27.0599 0x0ce8 C:\Windows\System32\netapi32.dll - ok05:23:27.0615 0x0ce8 [ DC11DA8EE60A8ACABAB8FB452EC35190, D3F738FDFAEFB0755C32B4FC4BD9B6C52A50E5FFF557E9DC2F6C5E6F9C6D61B9 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpasdlta.vdm05:23:27.0615 0x0ce8 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpasdlta.vdm - ok Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 27, 2014 Author ID:896987 Share Posted October 27, 2014 05:23:27.0630 0x0ce8 [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll05:23:27.0630 0x0ce8 C:\Windows\System32\netutils.dll - ok05:23:27.0646 0x0ce8 [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll05:23:27.0646 0x0ce8 C:\Windows\System32\samcli.dll - ok05:23:27.0646 0x0ce8 [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll05:23:27.0646 0x0ce8 C:\Windows\System32\wkscli.dll - ok05:23:27.0661 0x0ce8 [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv05:23:27.0661 0x0ce8 C:\Windows\System32\winspool.drv - ok05:23:27.0677 0x0ce8 [ 00000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpavbase.vdm05:23:27.0677 0x0ce8 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpavbase.vdm - ok05:23:27.0693 0x0ce8 [ 51D50B5BDB0190668862C9E0DB1376AE, 54DD27E7E7AA50C2961A430264271B05EEA122326D51762085DA60D0C2B41B5A ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpavdlta.vdm05:23:27.0693 0x0ce8 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A12E2C5-7379-474D-B993-42CDFE9B1DAC}\mpavdlta.vdm - ok05:23:27.0693 0x0ce8 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll05:23:27.0693 0x0ce8 C:\Windows\System32\adtschema.dll - ok05:23:27.0709 0x0ce8 [ 8563BA40DF4F1E93A61B70E2C8B60CF8, E5CAA520CBE61FAF3EAA784A51ED30E0CB2FD78EFD8AE1D5C6B0FE43A1009F39 ] C:\Windows\System32\SmartcardCredentialProvider.dll05:23:27.0709 0x0ce8 C:\Windows\System32\SmartcardCredentialProvider.dll - ok05:23:27.0709 0x0ce8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] C:\Windows\System32\FntCache.dll05:23:27.0709 0x0ce8 C:\Windows\System32\FntCache.dll - ok05:23:27.0725 0x0ce8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll05:23:27.0725 0x0ce8 C:\Windows\System32\mmcss.dll - ok05:23:27.0740 0x0ce8 [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll05:23:27.0740 0x0ce8 C:\Windows\System32\avrt.dll - ok05:23:27.0740 0x0ce8 [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll05:23:27.0740 0x0ce8 C:\Windows\System32\BioCredProv.dll - ok05:23:27.0756 0x0ce8 [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll05:23:27.0756 0x0ce8 C:\Windows\System32\winbio.dll - ok05:23:27.0772 0x0ce8 [ 4403D5ECE7D8323CAF1207D1AA38FA01, BD0B34DCF658D3CB91C1B55E9E730C5F7C571AFC2BFA09270C377B72B6830D48 ] C:\Windows\System32\credui.dll05:23:27.0772 0x0ce8 C:\Windows\System32\credui.dll - ok05:23:27.0787 0x0ce8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll05:23:27.0787 0x0ce8 C:\Windows\System32\wlansvc.dll - ok05:23:27.0803 0x0ce8 [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll05:23:27.0803 0x0ce8 C:\Windows\System32\vaultcli.dll - ok05:23:27.0818 0x0ce8 [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll05:23:27.0818 0x0ce8 C:\Windows\System32\certCredProvider.dll - ok05:23:27.0818 0x0ce8 [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll05:23:27.0818 0x0ce8 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok05:23:27.0834 0x0ce8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys05:23:27.0834 0x0ce8 C:\Windows\System32\drivers\fltMgr.sys - ok05:23:27.0850 0x0ce8 [ 7097425051CE67B450EBF2B1390AE492, 45354BA04E383B65D13A073F63EA5EA185D8B0C1E208B6671ED8EBC64711D109 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL05:23:27.0850 0x0ce8 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok05:23:27.0865 0x0ce8 [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL05:23:27.0865 0x0ce8 C:\Windows\System32\PSHED.DLL - ok05:23:27.0881 0x0ce8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll05:23:27.0881 0x0ce8 C:\Windows\System32\profsvc.dll - ok05:23:27.0896 0x0ce8 [ D0AE6250A4340832B95DD23826137F03, 5E842D9CDFA0991FB35F46345715F8EAFB7F80AE073440D8485965972290F190 ] C:\Program Files (x86)\EgisTec BioExcess\x64\EgisCredentialProvider.dll05:23:27.0896 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\x64\EgisCredentialProvider.dll - ok05:23:27.0912 0x0ce8 [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll05:23:27.0912 0x0ce8 C:\Windows\System32\atl.dll - ok05:23:27.0928 0x0ce8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll05:23:27.0928 0x0ce8 C:\Windows\System32\gpsvc.dll - ok05:23:27.0928 0x0ce8 [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll05:23:27.0928 0x0ce8 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok05:23:27.0943 0x0ce8 [ EF275DE4B4451D803FE61E6AC388A3F8, A477D610E991C529AD539C5AD7784EB71BA872A5F0DFB3D6055D10AD491B4C1C ] C:\Program Files (x86)\EgisTec BioExcess\x64\EgisUtility.dll05:23:27.0943 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\x64\EgisUtility.dll - ok05:23:27.0959 0x0ce8 [ 46BB91A169B9B31FF44EB04C48EC1D41, 8115B533D3A5BE07633FA54FA8847E3DEC00C5BEB193CF2FBE88428D23E2B3D6 ] C:\Windows\System32\nlaapi.dll05:23:27.0959 0x0ce8 C:\Windows\System32\nlaapi.dll - ok05:23:27.0974 0x0ce8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll05:23:27.0974 0x0ce8 C:\Windows\System32\themeservice.dll - ok05:23:27.0990 0x0ce8 [ 77CD46DAF1751F03803CE2578DD12913, A0CD790B0B8192FB2694B6970AD696B6DBD5150469CAA165D9959FD70315AC02 ] C:\Program Files (x86)\EgisTec BioExcess\x64\CryptoAPI.dll05:23:27.0990 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\x64\CryptoAPI.dll - ok05:23:28.0006 0x0ce8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll05:23:28.0006 0x0ce8 C:\Windows\System32\es.dll - ok05:23:28.0021 0x0ce8 [ A82AA035D0348A353F3108EF5DC59FFB, 789994DBE1D9EF7BD2A2C4FCA00BF05962BB5ADB740382EA4894FFA0E426FC81 ] C:\Program Files (x86)\EgisTec BioExcess\x64\libeay32.dll05:23:28.0021 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\x64\libeay32.dll - ok05:23:28.0021 0x0ce8 [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll05:23:28.0021 0x0ce8 C:\Windows\System32\dsrole.dll - ok05:23:28.0037 0x0ce8 [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll05:23:28.0037 0x0ce8 C:\Windows\System32\slc.dll - ok05:23:28.0052 0x0ce8 [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll05:23:28.0052 0x0ce8 C:\Windows\System32\comres.dll - ok05:23:28.0068 0x0ce8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll05:23:28.0068 0x0ce8 C:\Windows\System32\Sens.dll - ok05:23:28.0084 0x0ce8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll05:23:28.0084 0x0ce8 C:\Windows\System32\uxsms.dll - ok05:23:28.0099 0x0ce8 [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll05:23:28.0099 0x0ce8 C:\Windows\System32\wsock32.dll - ok05:23:28.0099 0x0ce8 [ 241AF87821FDA0F5792037B779F49BE0, B3F4FDA27430ACC6D6BC1C3CBD518B9CAE5BA0F22AB8917578A7F16270F94C8B ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll05:23:28.0099 0x0ce8 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok05:23:28.0115 0x0ce8 [ 0AC3BAA7DF250C76DD9BCFC51565CB5F, 018F0DABF6B948E39423CE899BEFC864240402D5F31B86BEAD655ABEF4AFAFC3 ] C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe05:23:28.0115 0x0ce8 C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe - ok05:23:28.0130 0x0ce8 [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll05:23:28.0130 0x0ce8 C:\Windows\SysWOW64\ntdll.dll - ok05:23:28.0146 0x0ce8 [ D233C7FEAE3FAA25F93A9E6B46815ADC, 5330682AE9C08E5F2E30C5E256B91028389BBBDDAA8C38950DF76616FCA854FF ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll05:23:28.0146 0x0ce8 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok05:23:28.0162 0x0ce8 [ C40E195E32EE6057A8C07746F053DAA5, 676F74C1B52602575ADADF2A05A3B2D6A41C5D1239A219A4FA5CE9EEAD9DA5DB ] C:\Program Files (x86)\EgisTec BioExcess\x64\EgisTicketProxy.dll05:23:28.0162 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\x64\EgisTicketProxy.dll - ok05:23:28.0177 0x0ce8 [ 2A107B611C91CD256466C58C0D776E9D, 58EA4F6E0FE7EFB8D3024AE71EE16848C2A00BA5224C8054C80134F99D9A72AB ] C:\Windows\System32\wow64.dll05:23:28.0177 0x0ce8 C:\Windows\System32\wow64.dll - ok05:23:28.0193 0x0ce8 [ 7434E01FBCA3CB86539C39412A31D5E1, E40D5AEBB3A5D8F53C76E3FBF0C07B9C0227914C869F57622EA44A212383EE6D ] C:\Windows\System32\wow64win.dll05:23:28.0193 0x0ce8 C:\Windows\System32\wow64win.dll - ok05:23:28.0193 0x0ce8 [ CE902D64D451620F8DC5D2CAF49BDB09, 57FD871554C63A46275A87537458A0DFF3D8D882873C501DCC32EAA97E276CED ] C:\Program Files (x86)\EgisTec BioExcess\x64\LoggerUtility.dll05:23:28.0193 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\x64\LoggerUtility.dll - ok05:23:28.0208 0x0ce8 [ 0F090A77E664CB0F70AB8D3B230B760C, A08EA0409B3BF88AB12792F721FA3A692BBE640DF2A06641E142843A7044EC5E ] C:\Windows\System32\wow64cpu.dll05:23:28.0208 0x0ce8 C:\Windows\System32\wow64cpu.dll - ok05:23:28.0224 0x0ce8 [ 76161B9D78A275F8F28DD67436013110, E4AE9648BDED9035D39DF20C3A6F453F67D49D7899038B21D88FFD4EFFCC4C08 ] C:\Windows\SysWOW64\kernel32.dll05:23:28.0224 0x0ce8 C:\Windows\SysWOW64\kernel32.dll - ok05:23:28.0240 0x0ce8 [ 165A5FE3CDE46243B367989DF5C5A52A, D292D60E0142A71895712BB174AEDD820F33C13ECC7386308AD29A02F3FC00E7 ] C:\Program Files (x86)\EgisTec BioExcess\x64\EgisBiometricProxy.dll05:23:28.0240 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\x64\EgisBiometricProxy.dll - ok05:23:28.0240 0x0ce8 [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll05:23:28.0240 0x0ce8 C:\Windows\System32\winmm.dll - ok05:23:28.0255 0x0ce8 [ 64641DCA115DACD37CDD9F4E0F66A874, F295396C9C5BF09CF0F173323C246F9C1DB0F8403B72F1E7322667804221BC98 ] C:\Program Files (x86)\EgisTec Port Locker\EgisPLUtility.dll05:23:28.0255 0x0ce8 C:\Program Files (x86)\EgisTec Port Locker\EgisPLUtility.dll - ok05:23:28.0271 0x0ce8 [ 461B713DE7F353C6447B744F1A049930, 3551C57128DAFA009C9DB3EE0D798D94B269D1605F74897566D7E79E5FDD437B ] C:\Windows\SysWOW64\KernelBase.dll05:23:28.0271 0x0ce8 C:\Windows\SysWOW64\KernelBase.dll - ok05:23:28.0286 0x0ce8 [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll05:23:28.0286 0x0ce8 C:\Windows\System32\rasplap.dll - ok05:23:28.0302 0x0ce8 [ 386BF6FD9FC562B1A5558C49E1C3A6FB, 6ED5A61C911845027D0A67B2473603D87E79DB88F0C0C699CBB2D1639C1DFDA5 ] C:\Windows\SysWOW64\shell32.dll05:23:28.0302 0x0ce8 C:\Windows\SysWOW64\shell32.dll - ok05:23:28.0318 0x0ce8 [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll05:23:28.0318 0x0ce8 C:\Windows\System32\rasapi32.dll - ok05:23:28.0333 0x0ce8 [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll05:23:28.0333 0x0ce8 C:\Windows\System32\rasman.dll - ok05:23:28.0333 0x0ce8 [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll05:23:28.0333 0x0ce8 C:\Windows\System32\rtutils.dll - ok05:23:28.0349 0x0ce8 [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll05:23:28.0349 0x0ce8 C:\Windows\System32\UXInit.dll - ok05:23:28.0364 0x0ce8 [ 28265C7E01589943C8AF55235A151914, 8E460D3CEBF0C76D2730E750C61E5E5F954ABB46B625133DC185A62850111BED ] C:\Windows\System32\atieclxx.exe05:23:28.0364 0x0ce8 C:\Windows\System32\atieclxx.exe - ok05:23:28.0380 0x0ce8 [ 157A1452DBE538F547547E752CE26741, 364AF8067EF714E20EDC9EC7256E83C4334C7E85BA3341E8D94B43C0FAD22D9B ] C:\Windows\System32\atiadlxx.dll05:23:28.0380 0x0ce8 C:\Windows\System32\atiadlxx.dll - ok05:23:28.0396 0x0ce8 [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll05:23:28.0396 0x0ce8 C:\Windows\SysWOW64\msvcrt.dll - ok05:23:28.0411 0x0ce8 [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll05:23:28.0411 0x0ce8 C:\Windows\System32\imageres.dll - ok05:23:28.0427 0x0ce8 [ ACAEC7447292A0E2C9D101E18FA2D679, E33C455EF95807FBBEB25DA53DFE0AD1E43A3D20CF335F0CAF88EC2ADF78776C ] C:\Windows\System32\atimuixx.dll05:23:28.0427 0x0ce8 C:\Windows\System32\atimuixx.dll - ok05:23:28.0427 0x0ce8 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll05:23:28.0427 0x0ce8 C:\Windows\SysWOW64\shlwapi.dll - ok05:23:28.0442 0x0ce8 [ 980305AC3AF53C1964A11190451ABB32, D0FE0845F9FB51B1F556E3A1D327F30603033A1FAFC17DFA3D5047B93C7D4D82 ] C:\Windows\SysWOW64\gdi32.dll05:23:28.0442 0x0ce8 C:\Windows\SysWOW64\gdi32.dll - ok05:23:28.0458 0x0ce8 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll05:23:28.0458 0x0ce8 C:\Windows\SysWOW64\user32.dll - ok05:23:28.0474 0x0ce8 [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll05:23:28.0474 0x0ce8 C:\Windows\SysWOW64\advapi32.dll - ok05:23:28.0489 0x0ce8 [ D8BED6BA298DBAAF6F3D746739FCD333, 83A40845EC448943F4737B730F95860983919677D84922E44EED4BECDFA71A31 ] C:\Windows\SysWOW64\rpcrt4.dll05:23:28.0489 0x0ce8 C:\Windows\SysWOW64\rpcrt4.dll - ok05:23:28.0505 0x0ce8 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll05:23:28.0505 0x0ce8 C:\Windows\SysWOW64\sechost.dll - ok05:23:28.0520 0x0ce8 [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll05:23:28.0520 0x0ce8 C:\Windows\SysWOW64\cryptbase.dll - ok05:23:28.0536 0x0ce8 [ 10826DA2FC073702AEAB93AF3D73B066, 1B55FE13B52109F1E427FCE6F64A02CF37AB6732BE4C968479BD871DE1D38A06 ] C:\Windows\SysWOW64\sspicli.dll05:23:28.0536 0x0ce8 C:\Windows\SysWOW64\sspicli.dll - ok05:23:28.0536 0x0ce8 [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll05:23:28.0552 0x0ce8 C:\Windows\SysWOW64\lpk.dll - ok05:23:28.0552 0x0ce8 [ A5F833506BF6A1B5D693E1499DEE2444, 045874B7D37F49216E37D551076FF440E29DB5196564E714207DF753DF7FDDEE ] C:\Windows\SysWOW64\usp10.dll05:23:28.0552 0x0ce8 C:\Windows\SysWOW64\usp10.dll - ok05:23:28.0567 0x0ce8 [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll05:23:28.0567 0x0ce8 C:\Windows\SysWOW64\userenv.dll - ok05:23:28.0583 0x0ce8 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll05:23:28.0583 0x0ce8 C:\Windows\SysWOW64\dbghelp.dll - ok05:23:28.0598 0x0ce8 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll05:23:28.0598 0x0ce8 C:\Windows\SysWOW64\profapi.dll - ok05:23:28.0614 0x0ce8 [ F883631AE310D55F0FCC6298B38FC2B9, 045495F14F3930C840118979660990E2436DD0176A823F294E0C0FDA8CFC562C ] C:\Program Files (x86)\EgisTec Port Locker\CryptoAPI.dll05:23:28.0614 0x0ce8 C:\Program Files (x86)\EgisTec Port Locker\CryptoAPI.dll - ok05:23:28.0630 0x0ce8 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll05:23:28.0630 0x0ce8 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok05:23:28.0645 0x0ce8 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll05:23:28.0645 0x0ce8 C:\Windows\SysWOW64\ole32.dll - ok05:23:28.0661 0x0ce8 [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll05:23:28.0661 0x0ce8 C:\Windows\SysWOW64\oleaut32.dll - ok05:23:28.0661 0x0ce8 [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll05:23:28.0661 0x0ce8 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok05:23:28.0676 0x0ce8 [ 6FF6E370DB6D67AD1C51BB17C129F8A5, 72F2533D1613677DBD3B41E0B42E5755372626C1EDD26E0E2B4C5C42E73F57B8 ] C:\Program Files (x86)\EgisTec Port Locker\EgisPLFeature.dll05:23:28.0676 0x0ce8 C:\Program Files (x86)\EgisTec Port Locker\EgisPLFeature.dll - ok05:23:28.0692 0x0ce8 [ 8465C27745A2E5A5AC5443988C107558, 4F45A19D68FF9C75F5F1DF199A5F8CCF1A668587C14160B0540564E4DBCD1F51 ] C:\Program Files (x86)\EgisTec Port Locker\PLLoggerUtility.dll05:23:28.0692 0x0ce8 C:\Program Files (x86)\EgisTec Port Locker\PLLoggerUtility.dll - ok05:23:28.0708 0x0ce8 [ F9EDD3504BFBFC1BC5BC2F889E082E9D, 40F892271CFBDEFAE72D59DAF78909949FDB277D9D2C6C2DE76A5C674F01BFC8 ] C:\Program Files (x86)\EgisTec Port Locker\FrameUtility.dll05:23:28.0708 0x0ce8 C:\Program Files (x86)\EgisTec Port Locker\FrameUtility.dll - ok05:23:28.0723 0x0ce8 [ 410B7FB48FCB4BD1438AA295D38BEF64, 0CB6B5AA5F2B3A5A06514D55D1CCBB4E5BC28536392098DECA6796DDE1D791A4 ] C:\Program Files (x86)\EgisTec Port Locker\LibFrame.dll05:23:28.0723 0x0ce8 C:\Program Files (x86)\EgisTec Port Locker\LibFrame.dll - ok05:23:28.0739 0x0ce8 [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll05:23:28.0739 0x0ce8 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok05:23:28.0754 0x0ce8 [ BFB2D1F0C59D9EE07A5908C84BF10530, 604A58F0CE603A85F1BCECF8207B0BEECF5D6A5B6FDE4665DF02C6460DCFCC12 ] C:\Program Files (x86)\EgisTec Port Locker\EgisPLAuthShell.dll05:23:28.0754 0x0ce8 C:\Program Files (x86)\EgisTec Port Locker\EgisPLAuthShell.dll - ok05:23:28.0770 0x0ce8 [ B2C7BCE7A26B2EE591B60F34182DF9C2, D239A299E840BF54533043D0CC8FAF759C0611075A94FB1DB219B6F09C5581D0 ] C:\Windows\SysWOW64\egistecff.dll05:23:28.0770 0x0ce8 C:\Windows\SysWOW64\egistecff.dll - ok05:23:28.0786 0x0ce8 [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll05:23:28.0786 0x0ce8 C:\Windows\SysWOW64\wtsapi32.dll - ok05:23:28.0801 0x0ce8 [ B55BF09BD59C13D4753E6E2445654BD0, 323838645509FAC7B4EA918EEBEA5701EA33C96C342E9B6AD7D1C1AD40348281 ] C:\Windows\SysWOW64\drvcrypt.dll05:23:28.0801 0x0ce8 C:\Windows\SysWOW64\drvcrypt.dll - ok05:23:28.0817 0x0ce8 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC, 78AF098E270EDE62466557091F14B2D37BDAB488F02E7CC769251FD17C02BA4A ] C:\Windows\SysWOW64\fltLib.dll05:23:28.0817 0x0ce8 C:\Windows\SysWOW64\fltLib.dll - ok05:23:28.0817 0x0ce8 [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll05:23:28.0817 0x0ce8 C:\Windows\SysWOW64\imm32.dll - ok05:23:28.0832 0x0ce8 [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll05:23:28.0832 0x0ce8 C:\Windows\SysWOW64\msctf.dll - ok05:23:28.0848 0x0ce8 [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL05:23:28.0848 0x0ce8 C:\Windows\System32\IPHLPAPI.DLL - ok05:23:28.0864 0x0ce8 [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll05:23:28.0864 0x0ce8 C:\Windows\System32\winnsi.dll - ok05:23:28.0879 0x0ce8 [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll05:23:28.0879 0x0ce8 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok05:23:28.0895 0x0ce8 [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll05:23:28.0895 0x0ce8 C:\Windows\System32\sfc.dll - ok05:23:28.0910 0x0ce8 [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll05:23:28.0910 0x0ce8 C:\Windows\System32\sfc_os.dll - ok05:23:28.0910 0x0ce8 [ 7745AAFFB61438C28C75E18CE98D4E64, 236FFA327A6EC1DB952B23ECAAA4969241F15376D374CDFD39916E1C0882B216 ] C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe05:23:28.0910 0x0ce8 C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe - ok05:23:28.0926 0x0ce8 [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll05:23:28.0926 0x0ce8 C:\Windows\SysWOW64\setupapi.dll - ok05:23:28.0942 0x0ce8 [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll05:23:28.0942 0x0ce8 C:\Windows\SysWOW64\cfgmgr32.dll - ok05:23:28.0957 0x0ce8 [ 0CFB383AB3D932D75574043F3E2D2E33, E870718C12557130B55F6A137D882932335AA7DEE43294D8AE89A41B3FDAECD6 ] C:\Program Files (x86)\EgisTec BioExcess\EgisUtility.dll05:23:28.0957 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisUtility.dll - ok05:23:28.0973 0x0ce8 [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll05:23:28.0973 0x0ce8 C:\Windows\SysWOW64\devobj.dll - ok05:23:28.0988 0x0ce8 [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll05:23:28.0988 0x0ce8 C:\Windows\SysWOW64\netapi32.dll - ok05:23:29.0004 0x0ce8 [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll05:23:29.0004 0x0ce8 C:\Windows\SysWOW64\netutils.dll - ok05:23:29.0004 0x0ce8 [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll05:23:29.0004 0x0ce8 C:\Windows\SysWOW64\srvcli.dll - ok05:23:29.0020 0x0ce8 [ 3A4BE2D3DD585C81E8299BA22C4BE006, 638292E9BE4C9043999D6754B36724C9EBDBF2E55D9BB0FB94823A1D9BE33BAB ] C:\Program Files (x86)\EgisTec BioExcess\CryptoAPI.dll05:23:29.0020 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\CryptoAPI.dll - ok05:23:29.0051 0x0ce8 [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll05:23:29.0051 0x0ce8 C:\Windows\SysWOW64\wkscli.dll - ok05:23:29.0051 0x0ce8 [ CC09E0C9A2D89C6E71D093DC8BD121B7, 5F92457E27D817541EBA92FED984D2E6C1E35AD4E4E4CAE0F0778B795C260FAA ] C:\Windows\SysWOW64\crypt32.dll05:23:29.0051 0x0ce8 C:\Windows\SysWOW64\crypt32.dll - ok05:23:29.0082 0x0ce8 [ 3FAD263CE1E2A6FFF40D00043B2275E3, 0063D7DAD57CA78C3DCE6A2E7D4FF7A47DBBBBAA33F92AEF747D8102E055D1AA ] C:\Windows\SysWOW64\winbio.dll05:23:29.0082 0x0ce8 C:\Windows\SysWOW64\winbio.dll - ok05:23:29.0098 0x0ce8 [ E9BB0CD09DA17C71FD1B9954D75AEEF7, FF5E2F04F1FD56FDD19368150B5750275F0A44E9EA9820C8087E84ECBBF45286 ] C:\Windows\SysWOW64\credui.dll05:23:29.0098 0x0ce8 C:\Windows\SysWOW64\credui.dll - ok05:23:29.0113 0x0ce8 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll05:23:29.0113 0x0ce8 C:\Windows\SysWOW64\msasn1.dll - ok05:23:29.0129 0x0ce8 [ 1C2C15793DF978A09FA1E1B973B8DBE7, 249EF0DEDC56EC2513B59F05F508421235EBDD984E2964B46E8983C0D55B1E05 ] C:\Windows\SysWOW64\NBMatS1SDK.dll05:23:29.0129 0x0ce8 C:\Windows\SysWOW64\NBMatS1SDK.dll - ok05:23:29.0129 0x0ce8 [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll05:23:29.0129 0x0ce8 C:\Windows\SysWOW64\comdlg32.dll - ok05:23:29.0144 0x0ce8 [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll05:23:29.0144 0x0ce8 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok05:23:29.0160 0x0ce8 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv05:23:29.0160 0x0ce8 C:\Windows\SysWOW64\winspool.drv - ok05:23:29.0176 0x0ce8 [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll05:23:29.0176 0x0ce8 C:\Windows\SysWOW64\wintrust.dll - ok05:23:29.0191 0x0ce8 [ 3D7E226A62DA60B6035F6FDC16F30979, 4A0C484EA6243CE848723A76D332698DF0387C1D713DB3452CBE9C3F0BED9E70 ] C:\Program Files (x86)\EgisTec BioExcess\x64\PSDUtil.dll05:23:29.0191 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\x64\PSDUtil.dll - ok05:23:29.0207 0x0ce8 [ 805CF8B9C2AB26F4065F3A1B7F88B6D6, BC1CD96934429572E10FDCF011F2FB0837CDF0FB4E0F2EECCDBCABE504570B7E ] C:\Program Files (x86)\EgisTec BioExcess\PSDUtil.dll05:23:29.0207 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\PSDUtil.dll - ok05:23:29.0222 0x0ce8 [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll05:23:29.0222 0x0ce8 C:\Windows\SysWOW64\mpr.dll - ok05:23:29.0222 0x0ce8 [ 844E3817DAD30FD9AF06E3325838FAE4, D874AD7AA20F416431812728612E3E634844C9D5D7D4C39F4C446892BACD8660 ] C:\Program Files (x86)\EgisTec BioExcess\x64\sysenv.dll05:23:29.0222 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\x64\sysenv.dll - ok05:23:29.0238 0x0ce8 [ 7AC530B80743ECCD826F6E49E1E618F8, CBE28CDCE095BD36251AB26970587CE5B82C2698B08E7F10758DB6818173B421 ] C:\Program Files (x86)\EgisTec BioExcess\sysenv.dll05:23:29.0238 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\sysenv.dll - ok05:23:29.0254 0x0ce8 [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll05:23:29.0254 0x0ce8 C:\Windows\SysWOW64\version.dll - ok05:23:29.0269 0x0ce8 [ 2C1A297638E4319179A1112D4D6522B8, A5A9A82245D631EE50C9F5BF22C85B18E4BAABAB1C559E1833164578C2EC618F ] C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe05:23:29.0269 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe - ok05:23:29.0285 0x0ce8 [ 3C52C520F7EB8E6D720244057EFA8E2F, D3E67415A949B9DBBDFA1D42A75926D1CA01B9DF17127D2701BD1FD2136493F4 ] C:\Program Files (x86)\EgisTec BioExcess\LoggerUtility.dll05:23:29.0285 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\LoggerUtility.dll - ok05:23:29.0300 0x0ce8 [ DE25717D7AD3493452A72A135D31CD11, BA5E5900CEA5D17E12755D4DD625C59364B1FC9EA1D333D4F1DCECB0BE25B97C ] C:\Program Files (x86)\EgisTec BioExcess\EgisFinger.dll05:23:29.0300 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisFinger.dll - ok05:23:29.0316 0x0ce8 [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll05:23:29.0316 0x0ce8 C:\Windows\SysWOW64\powrprof.dll - ok05:23:29.0332 0x0ce8 [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll05:23:29.0332 0x0ce8 C:\Windows\System32\mpr.dll - ok05:23:29.0347 0x0ce8 [ 3542507C3A593397964F8EEAEF1F4983, 14FF865BBB4E2533778C33F2B0F98092BFAD1366522715FCD678984603DDF6FE ] C:\Program Files (x86)\Lenovo\VeriFace\VerifyHost.exe05:23:29.0347 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\VerifyHost.exe - ok05:23:29.0347 0x0ce8 [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe05:23:29.0347 0x0ce8 C:\Windows\System32\dllhost.exe - ok05:23:29.0363 0x0ce8 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll05:23:29.0363 0x0ce8 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok05:23:29.0378 0x0ce8 [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll05:23:29.0378 0x0ce8 C:\Windows\System32\IDStore.dll - ok05:23:29.0394 0x0ce8 [ FD67683FBA9B2C4BB551780BD8846F64, 4BB7C956EA8D2CE63F5BF80FAE652F98416A7635202AEE04FC8D81000E6363DF ] C:\Windows\SysWOW64\winsta.dll05:23:29.0394 0x0ce8 C:\Windows\SysWOW64\winsta.dll - ok05:23:29.0394 0x0ce8 [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll05:23:29.0394 0x0ce8 C:\Windows\SysWOW64\oledlg.dll - ok05:23:29.0410 0x0ce8 [ 614A44B094643B69C6168CE9E61C65E3, 15FC3D2B71E4D7F00FAB000FC5CA8F36711E2E6BBCD9C44248E0E86AFE14EA5D ] C:\Program Files (x86)\Lenovo\VeriFace\FaceVerify2.dll05:23:29.0410 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\FaceVerify2.dll - ok05:23:29.0425 0x0ce8 [ 23566F9723771108D2E6CD768AC27407, FAC0293DD1061B151E779BF4B245E6652C951FEDEBC602A166156DFBD38B5D67 ] C:\Windows\System32\AtBroker.exe05:23:29.0425 0x0ce8 C:\Windows\System32\AtBroker.exe - ok05:23:29.0441 0x0ce8 [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe05:23:29.0441 0x0ce8 C:\Windows\System32\userinit.exe - ok05:23:29.0456 0x0ce8 [ EE19C85CA685A275BE346EC41F1870F9, F071D88C38C62E9D88DDE29F451B2B581499758A7E60BDA6DED3376280C5A635 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll05:23:29.0456 0x0ce8 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll - ok05:23:29.0456 0x0ce8 [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe05:23:29.0456 0x0ce8 C:\Windows\System32\dwm.exe - ok05:23:29.0472 0x0ce8 [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll05:23:29.0472 0x0ce8 C:\Windows\SysWOW64\samcli.dll - ok05:23:29.0488 0x0ce8 [ B094390B6B2D0456821384771020870B, 137FEDD0EFBF1CEDA4930D8CE0A012A250CFF4020931846646090BB2C99EE7CE ] C:\Windows\SysWOW64\secur32.dll05:23:29.0488 0x0ce8 C:\Windows\SysWOW64\secur32.dll - ok05:23:29.0503 0x0ce8 [ 0AF3823D4642DE3D708C6F9DA2134999, EB410F1715624EAEA6AD2FD3D409A17A3F38024C148BF5CBFD5C80486D74B8BF ] C:\Program Files (x86)\Lenovo\VeriFace\Apblend.dll05:23:29.0503 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\Apblend.dll - ok05:23:29.0519 0x0ce8 [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll05:23:29.0519 0x0ce8 C:\Windows\System32\dwmredir.dll - ok05:23:29.0519 0x0ce8 [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll05:23:29.0519 0x0ce8 C:\Windows\System32\dwmcore.dll - ok05:23:29.0534 0x0ce8 [ 5B0860BAAFF9BAD748F78F920B6AAE7F, C1A4955D3F5ED7CE4B178B085A3CD9FE227A2C16E1B312BC7E53C13890AB6563 ] C:\Program Files (x86)\Lenovo\VeriFace\MainOp.dll05:23:29.0534 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\MainOp.dll - ok05:23:29.0550 0x0ce8 [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll05:23:29.0550 0x0ce8 C:\Windows\System32\d3d10_1.dll - ok05:23:29.0566 0x0ce8 [ C335EC1182AC10B188705554E0BC1186, 963CD11CEF7A79559361134FDF9C07B8EA829A40D3996D77E95C291DD17AAD2B ] C:\Windows\SysWOW64\msvfw32.dll05:23:29.0566 0x0ce8 C:\Windows\SysWOW64\msvfw32.dll - ok05:23:29.0566 0x0ce8 [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll05:23:29.0566 0x0ce8 C:\Windows\SysWOW64\winmm.dll - ok05:23:29.0581 0x0ce8 [ E012289420A61AE54F21591A54323B74, FAF85343C955734D012E66FC840B3470997E77C8D320FDD0D2175D5D1FFAF076 ] C:\Program Files (x86)\Lenovo\VeriFace\msvcp80d.dll05:23:29.0581 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\msvcp80d.dll - ok05:23:29.0597 0x0ce8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys05:23:29.0597 0x0ce8 C:\Windows\System32\drivers\lltdio.sys - ok05:23:29.0612 0x0ce8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys05:23:29.0612 0x0ce8 C:\Windows\System32\drivers\nwifi.sys - ok05:23:29.0628 0x0ce8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys05:23:29.0628 0x0ce8 C:\Windows\System32\drivers\ndisuio.sys - ok05:23:29.0628 0x0ce8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys05:23:29.0628 0x0ce8 C:\Windows\System32\drivers\rspndr.sys - ok05:23:29.0644 0x0ce8 [ A200575E5415B2D87691EDB3CA40688F, 3C70AC7293A33F65138EBAF7F95281ABEA187DB310873518DE58A89C71CCA363 ] C:\Program Files (x86)\Lenovo\VeriFace\msvcr80d.dll05:23:29.0644 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\msvcr80d.dll - ok05:23:29.0659 0x0ce8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll05:23:29.0659 0x0ce8 C:\Windows\System32\lmhsvc.dll - ok05:23:29.0675 0x0ce8 [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll05:23:29.0675 0x0ce8 C:\Windows\System32\nrpsrv.dll - ok05:23:29.0675 0x0ce8 [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll05:23:29.0675 0x0ce8 C:\Windows\System32\keyiso.dll - ok05:23:29.0690 0x0ce8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll05:23:29.0690 0x0ce8 C:\Windows\System32\nsisvc.dll - ok05:23:29.0706 0x0ce8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll05:23:29.0706 0x0ce8 C:\Windows\System32\eapsvc.dll - ok05:23:29.0722 0x0ce8 [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll05:23:29.0722 0x0ce8 C:\Windows\System32\eapphost.dll - ok05:23:29.0722 0x0ce8 [ B406FF2D245269704BF160E8CC3116F3, FA409711F294C2B08198F408D67C576E6A4533842DE9A0F2071840424ACC0E64 ] C:\Program Files (x86)\Lenovo\VeriFace\Momo.dll05:23:29.0722 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\Momo.dll - ok05:23:29.0737 0x0ce8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll05:23:29.0737 0x0ce8 C:\Windows\System32\dhcpcore.dll - ok05:23:29.0753 0x0ce8 [ 65B1B7A1E37C9838EEB898F0BD060613, 14DA394B5553C31CF30C5F523D5DAB2869206713D4B4E1CA5C36BD70B1A75E50 ] C:\Program Files (x86)\Lenovo\VeriFace\SetDev.dll05:23:29.0753 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\SetDev.dll - ok05:23:29.0768 0x0ce8 [ E24FE90E9DE8D8AE70E59F7B01675DEF, DDB0691488DB424CC203505E27364B24E4410E599A972CF2C1AFF4E2F3E3C04F ] C:\Windows\SysWOW64\avicap32.dll05:23:29.0768 0x0ce8 C:\Windows\SysWOW64\avicap32.dll - ok05:23:29.0784 0x0ce8 [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll05:23:29.0784 0x0ce8 C:\Windows\System32\dhcpcore6.dll - ok05:23:29.0784 0x0ce8 [ 0E85C11F8850D524B02181C6E02BA9AE, 8703566931067CCF949E9779E4D328DD21210329DD687459300C83DDD06390A8 ] C:\Windows\SysWOW64\dsound.dll05:23:29.0784 0x0ce8 C:\Windows\SysWOW64\dsound.dll - ok05:23:29.0800 0x0ce8 [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll05:23:29.0800 0x0ce8 C:\Windows\System32\umb.dll - ok05:23:29.0816 0x0ce8 [ C12F618E0E0B9F3024CE22D6B1DCA571, 3EBB4A149EA24FE8109317290EE76400B1EA87DC3AD380517639E073CDC023B1 ] C:\Program Files (x86)\Lenovo\VeriFace\FunFrm.dll05:23:29.0816 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\FunFrm.dll - ok05:23:29.0832 0x0ce8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll05:23:29.0832 0x0ce8 C:\Windows\System32\dnsrslvr.dll - ok05:23:29.0832 0x0ce8 [ 096B2B6458DC3FD9C82C4B95F8EF07F8, 1310BD6816AAC924C83706D9C094FBD80BF21E091BA4125D7409D39FF251F6B0 ] C:\Program Files (x86)\Lenovo\VeriFace\LangHlpr.dll05:23:29.0832 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\LangHlpr.dll - ok05:23:29.0847 0x0ce8 [ 1939C3F72AE0AEA96131D7FBEB887C53, BA2A3E2A92A94865B85E1C3A6F88EF46FC9ACBF406436CC67AC2CD1677F350A2 ] C:\Program Files (x86)\Lenovo\VeriFace\RICPlayerInterface.dll05:23:29.0847 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\RICPlayerInterface.dll - ok05:23:29.0863 0x0ce8 [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll05:23:29.0863 0x0ce8 C:\Windows\System32\wlanmsm.dll - ok05:23:29.0879 0x0ce8 [ D07EB640618F96490DB88C3CE58DB608, 0C553971259632031E6856A94EEB937D571627FC7CF061CCFC040F4BF0CFF259 ] C:\Windows\System32\FWPUCLNT.DLL05:23:29.0879 0x0ce8 C:\Windows\System32\FWPUCLNT.DLL - ok05:23:29.0879 0x0ce8 [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll05:23:29.0879 0x0ce8 C:\Windows\System32\wlansec.dll - ok05:23:29.0894 0x0ce8 [ B49D60F50D7892E233BC998E1C60DE08, D8F6FBCD8030A1B7E4796C87CA1A0D5AA990F0EAE4252C8BCFE817D2B8E383A6 ] C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll05:23:29.0894 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll - ok05:23:29.0910 0x0ce8 [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll05:23:29.0910 0x0ce8 C:\Windows\System32\onex.dll - ok05:23:29.0925 0x0ce8 [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll05:23:29.0925 0x0ce8 C:\Windows\System32\dhcpcsvc.dll - ok05:23:29.0925 0x0ce8 [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll05:23:29.0925 0x0ce8 C:\Windows\System32\eappprxy.dll - ok05:23:29.0941 0x0ce8 [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll05:23:29.0941 0x0ce8 C:\Windows\System32\d3d10_1core.dll - ok05:23:29.0957 0x0ce8 [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll05:23:29.0957 0x0ce8 C:\Windows\System32\dnsext.dll - ok05:23:29.0972 0x0ce8 [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll05:23:29.0972 0x0ce8 C:\Windows\System32\eappcfg.dll - ok05:23:29.0988 0x0ce8 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll05:23:29.0988 0x0ce8 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok05:23:29.0988 0x0ce8 [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll05:23:29.0988 0x0ce8 C:\Windows\System32\dhcpcsvc6.dll - ok05:23:30.0003 0x0ce8 [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll05:23:30.0003 0x0ce8 C:\Windows\System32\wlgpclnt.dll - ok05:23:30.0019 0x0ce8 [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll05:23:30.0019 0x0ce8 C:\Windows\System32\dxgi.dll - ok05:23:30.0035 0x0ce8 [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll05:23:30.0035 0x0ce8 C:\Windows\System32\l2gpstore.dll - ok05:23:30.0035 0x0ce8 [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll05:23:30.0035 0x0ce8 C:\Windows\System32\WinSCard.dll - ok05:23:30.0050 0x0ce8 [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll05:23:30.0050 0x0ce8 C:\Windows\System32\wlanutil.dll - ok05:23:30.0066 0x0ce8 [ 0E3A7EC2B9590EA7767BBB1823630DEA, 6858B7050465DB8505CF9E932868B123B925376C05363EA5A9198B2AE15CF728 ] C:\Windows\System32\msxml6.dll05:23:30.0066 0x0ce8 C:\Windows\System32\msxml6.dll - ok05:23:30.0081 0x0ce8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll05:23:30.0081 0x0ce8 C:\Windows\System32\shsvcs.dll - ok05:23:30.0097 0x0ce8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll05:23:30.0097 0x0ce8 C:\Windows\System32\schedsvc.dll - ok05:23:30.0097 0x0ce8 [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll05:23:30.0097 0x0ce8 C:\Windows\System32\ktmw32.dll - ok05:23:30.0113 0x0ce8 [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll05:23:30.0113 0x0ce8 C:\Windows\System32\fveapi.dll - ok05:23:30.0128 0x0ce8 [ CCE3B423254296E4E1C3C52AB504108F, 045EE134F1A1A6C00628F964DDB882A6E3893017025ECA291B01C2870579EDA9 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll05:23:30.0128 0x0ce8 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok05:23:30.0144 0x0ce8 [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll05:23:30.0144 0x0ce8 C:\Windows\System32\fvecerts.dll - ok05:23:30.0144 0x0ce8 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll05:23:30.0144 0x0ce8 C:\Windows\System32\taskcomp.dll - ok05:23:30.0159 0x0ce8 [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll05:23:30.0159 0x0ce8 C:\Windows\System32\tbs.dll - ok05:23:30.0175 0x0ce8 [ 218A400108F280428FA22282D3268BBC, 7712687ABAEF6616E90AE5A321044C102E79EC23F4A1EAFB4278C93724873CB3 ] C:\Windows\System32\wscapi.dll05:23:30.0175 0x0ce8 C:\Windows\System32\wscapi.dll - ok05:23:30.0191 0x0ce8 [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll05:23:30.0191 0x0ce8 C:\Windows\System32\wiarpc.dll - ok05:23:30.0191 0x0ce8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys05:23:30.0191 0x0ce8 C:\Windows\System32\drivers\http.sys - ok05:23:30.0206 0x0ce8 [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll05:23:30.0206 0x0ce8 C:\Windows\SysWOW64\uxtheme.dll - ok05:23:30.0222 0x0ce8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe05:23:30.0222 0x0ce8 C:\Windows\System32\spoolsv.exe - ok05:23:30.0237 0x0ce8 [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe05:23:30.0237 0x0ce8 C:\Windows\System32\taskhost.exe - ok05:23:30.0237 0x0ce8 [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll05:23:30.0237 0x0ce8 C:\Windows\System32\PlaySndSrv.dll - ok05:23:30.0253 0x0ce8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL05:23:30.0253 0x0ce8 C:\Windows\System32\BFE.DLL - ok05:23:30.0269 0x0ce8 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll05:23:30.0269 0x0ce8 C:\Windows\System32\MsCtfMonitor.dll - ok05:23:30.0284 0x0ce8 [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll05:23:30.0284 0x0ce8 C:\Windows\System32\msutb.dll - ok05:23:30.0300 0x0ce8 [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll05:23:30.0300 0x0ce8 C:\Windows\System32\HotStartUserAgent.dll - ok05:23:30.0300 0x0ce8 [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll05:23:30.0300 0x0ce8 C:\Windows\System32\netcfgx.dll - ok05:23:30.0315 0x0ce8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys05:23:30.0315 0x0ce8 C:\Windows\System32\drivers\bowser.sys - ok05:23:30.0331 0x0ce8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys05:23:30.0331 0x0ce8 C:\Windows\System32\drivers\mpsdrv.sys - ok05:23:30.0347 0x0ce8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys05:23:30.0347 0x0ce8 C:\Windows\System32\drivers\mrxsmb.sys - ok05:23:30.0362 0x0ce8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys05:23:30.0362 0x0ce8 C:\Windows\System32\drivers\mrxsmb10.sys - ok05:23:30.0362 0x0ce8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys05:23:30.0362 0x0ce8 C:\Windows\System32\drivers\mrxsmb20.sys - ok05:23:30.0378 0x0ce8 [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll05:23:30.0378 0x0ce8 C:\Windows\System32\d3d11.dll - ok05:23:30.0393 0x0ce8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll05:23:30.0393 0x0ce8 C:\Windows\System32\MPSSVC.dll - ok05:23:30.0409 0x0ce8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll05:23:30.0409 0x0ce8 C:\Windows\System32\wkssvc.dll - ok05:23:30.0409 0x0ce8 [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll05:23:30.0409 0x0ce8 C:\Windows\System32\wfapigp.dll - ok05:23:30.0425 0x0ce8 [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll05:23:30.0425 0x0ce8 C:\Windows\System32\mscms.dll - ok05:23:30.0440 0x0ce8 [ E2D3363D2298F8B4DEF484AB40E66C49, 2BC5AB307837DDD63B68385B032EF8D9B76507851545BB51EC218D164C62C42C ] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe05:23:30.0440 0x0ce8 C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe - ok05:23:30.0456 0x0ce8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll05:23:30.0456 0x0ce8 C:\Windows\System32\pcasvc.dll - ok05:23:30.0456 0x0ce8 [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll05:23:30.0456 0x0ce8 C:\Windows\SysWOW64\winhttp.dll - ok05:23:30.0471 0x0ce8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe05:23:30.0471 0x0ce8 C:\Windows\System32\snmptrap.exe - ok05:23:30.0487 0x0ce8 [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll05:23:30.0487 0x0ce8 C:\Windows\SysWOW64\webio.dll - ok05:23:30.0503 0x0ce8 [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe05:23:30.0503 0x0ce8 C:\Windows\System32\taskeng.exe - ok05:23:30.0518 0x0ce8 [ 3888D02CE6413C2A06D903DE1C778BF5, 4158B80F3F481C8275DBA1361B49C34025F4B6DC154DB8237AB69665727516F7 ] C:\Windows\SysWOW64\msi.dll05:23:30.0518 0x0ce8 C:\Windows\SysWOW64\msi.dll - ok05:23:30.0518 0x0ce8 [ 10EAB90C1AE8271B5FE5A8930987EE5C, 53E72964AA75526B161F859A509CB046809AE47C65DC998F0E49AC8AED9066EA ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll05:23:30.0518 0x0ce8 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok05:23:30.0534 0x0ce8 [ 4004299B7AF4CBFF6540F1798899A11F, 5DD3AE149B7228A769F2FE95355795AC98ACD8CDFB78954A423A357F717203C3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll05:23:30.0534 0x0ce8 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok05:23:30.0549 0x0ce8 [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll05:23:30.0549 0x0ce8 C:\Windows\System32\TSChannel.dll - ok05:23:30.0565 0x0ce8 [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe05:23:30.0565 0x0ce8 C:\Windows\explorer.exe - ok05:23:30.0565 0x0ce8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll05:23:30.0565 0x0ce8 C:\Windows\System32\sstpsvc.dll - ok05:23:30.0581 0x0ce8 [ CA699C57CDCEFD764A197F4A1A46B113, FA51CB5091B402F03F3B6DA175FFA1AF268F609EF91B60877F3D21D5E0BE7800 ] C:\Program Files (x86)\Lenovo\VeriFace\English\Facev.dll05:23:30.0581 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\English\Facev.dll - ok05:23:30.0596 0x0ce8 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe05:23:30.0596 0x0ce8 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok05:23:30.0612 0x0ce8 [ 59BCE9F07985F8A4204F4D6554CFF708, CA24AEF558647274D019DFB4D7FD1506D84EC278795C30BA53B81BB36130DC57 ] C:\Windows\System32\regsvr32.exe05:23:30.0612 0x0ce8 C:\Windows\System32\regsvr32.exe - ok05:23:30.0612 0x0ce8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll05:23:30.0612 0x0ce8 C:\Windows\System32\provsvc.dll - ok05:23:30.0627 0x0ce8 [ B6A17555D2CB159A47E910670DE6F7AF, DA548471F6FF5CD4FEC8E592C5C94AF7041AE79ED6ACBF07E9E818E24EB383D1 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll05:23:30.0627 0x0ce8 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok05:23:30.0643 0x0ce8 [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe05:23:30.0643 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok05:23:30.0659 0x0ce8 [ E3C817F7FE44CC870ECDBCBC3EA36132, D769FAFA2B3232DE9FA7153212BA287F68E745257F1C00FAFB511E7A02DE7ADF ] C:\Windows\SysWOW64\msvcp100.dll05:23:30.0659 0x0ce8 C:\Windows\SysWOW64\msvcp100.dll - ok05:23:30.0674 0x0ce8 [ E243FE74E2ADE67A1BD3F79E6D8D9245, 247832F36259907A7EFC4F4DD718EDE788B3A979D734165AE5133417E6EA25F7 ] C:\Program Files (x86)\Google\Update\1.3.25.5\goopdate.dll05:23:30.0674 0x0ce8 C:\Program Files (x86)\Google\Update\1.3.25.5\goopdate.dll - ok05:23:30.0690 0x0ce8 [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL05:23:30.0690 0x0ce8 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok05:23:30.0690 0x0ce8 [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll05:23:30.0690 0x0ce8 C:\Windows\SysWOW64\nsi.dll - ok05:23:30.0705 0x0ce8 [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll05:23:30.0705 0x0ce8 C:\Windows\SysWOW64\winnsi.dll - ok05:23:30.0721 0x0ce8 [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll05:23:30.0721 0x0ce8 C:\Windows\SysWOW64\msimg32.dll - ok05:23:30.0721 0x0ce8 [ 7AE80F921027CF88CB9D0433088A3E55, 7B495ADBA2DCBD873C918F5F6FF588BAFAB5AF29BE4E8BEF12A520947457B738 ] C:\Windows\SysWOW64\wininet.dll05:23:30.0721 0x0ce8 C:\Windows\SysWOW64\wininet.dll - ok05:23:30.0737 0x0ce8 [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll05:23:30.0737 0x0ce8 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok05:23:30.0752 0x0ce8 [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll05:23:30.0752 0x0ce8 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok05:23:30.0768 0x0ce8 [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll05:23:30.0768 0x0ce8 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok05:23:30.0783 0x0ce8 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll05:23:30.0783 0x0ce8 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok05:23:30.0783 0x0ce8 [ 55A400FDB21D157E947A0EE65AEDB1B3, 8790D3A676007F086F6298C5BA65F8FE85FD150248FC9DCAF48BCCEAD1B31764 ] C:\Windows\SysWOW64\iertutil.dll05:23:30.0783 0x0ce8 C:\Windows\SysWOW64\iertutil.dll - ok05:23:30.0799 0x0ce8 [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll05:23:30.0799 0x0ce8 C:\Windows\System32\ExplorerFrame.dll - ok05:23:30.0815 0x0ce8 [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll05:23:30.0815 0x0ce8 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok05:23:30.0830 0x0ce8 [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll05:23:30.0830 0x0ce8 C:\Windows\SysWOW64\cscapi.dll - ok05:23:30.0846 0x0ce8 [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll05:23:30.0846 0x0ce8 C:\Windows\SysWOW64\ntmarta.dll - ok05:23:30.0846 0x0ce8 [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll05:23:30.0846 0x0ce8 C:\Windows\SysWOW64\Wldap32.dll - ok05:23:30.0861 0x0ce8 [ D6417C90885BC6589974F60C0DF4BFA5, 0DB07D028E64E8EF22F6C42A804DD2EE2EEE9CC674CB1D8ED9D65019BECC2DE4 ] C:\Windows\System32\CbFsMntNtf3.dll05:23:30.0861 0x0ce8 C:\Windows\System32\CbFsMntNtf3.dll - ok05:23:30.0877 0x0ce8 [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll05:23:30.0877 0x0ce8 C:\Windows\System32\EhStorShell.dll - ok05:23:30.0877 0x0ce8 [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll05:23:30.0877 0x0ce8 C:\Windows\SysWOW64\apphelp.dll - ok05:23:30.0893 0x0ce8 [ 976D5F35A058340DA2C160CEC4063C4B, 156210FFE32821DBC0BEE39FE1CD7CD30ECFC02B80EF02DC2A990DA06B87A925 ] C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe05:23:30.0893 0x0ce8 C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe - ok05:23:30.0908 0x0ce8 [ 047556104954A72A2222FFF169166EEE, B9DED78A089FDCBF557D99546107E384D077D617655D14990E14FDA9A3B609ED ] C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe05:23:30.0908 0x0ce8 C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe - ok05:23:30.0924 0x0ce8 [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll05:23:30.0924 0x0ce8 C:\Windows\SysWOW64\clbcatq.dll - ok05:23:30.0939 0x0ce8 [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll05:23:30.0939 0x0ce8 C:\Windows\System32\cscapi.dll - ok05:23:30.0939 0x0ce8 [ C5A99A4C0DC9F0F5A95BA0C83D30A549, F99CCCE303F0FC07D82D3BBA223E8CCE41FB7FA8FB5C2A9214C161826537C7C9 ] C:\Windows\SysWOW64\mstask.dll05:23:30.0939 0x0ce8 C:\Windows\SysWOW64\mstask.dll - ok05:23:30.0955 0x0ce8 [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C367C06448F8A0E ] C:\Windows\System32\dbghelp.dll05:23:30.0955 0x0ce8 C:\Windows\System32\dbghelp.dll - ok05:23:30.0971 0x0ce8 [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll05:23:30.0971 0x0ce8 C:\Windows\System32\ntshrui.dll - ok05:23:30.0971 0x0ce8 [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\Windows\SysWOW64\msvcr100.dll05:23:30.0971 0x0ce8 C:\Windows\SysWOW64\msvcr100.dll - ok05:23:30.0986 0x0ce8 [ 29158B1DC3F86D4B0D6A127FE586ADFF, 03C17FA518200CE5C53AED55C5AF22D0A2D483110FB1E7EA6F990C56936570E6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll05:23:30.0986 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok05:23:31.0002 0x0ce8 [ ACEF41504E13FCDB2A75209D032A708C, D167DFF5AF4F70250AE22CA0D8190CDC64B255C6ADC15B2D07C7B80A96D3D1D9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll05:23:31.0002 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok05:23:31.0017 0x0ce8 [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll05:23:31.0017 0x0ce8 C:\Windows\System32\esent.dll - ok05:23:31.0017 0x0ce8 [ 587EBA464CF51574F9BDC3C8AADA9D38, 5A9048744630A3E3CB6B14EA657FC40553CE8A1677143031F1884A9F1BB2A4DB ] C:\Windows\System32\IcnOvrly.dll05:23:31.0017 0x0ce8 C:\Windows\System32\IcnOvrly.dll - ok05:23:31.0033 0x0ce8 [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll05:23:31.0033 0x0ce8 C:\Windows\System32\IconCodecService.dll - ok05:23:31.0049 0x0ce8 [ FCB03B57E6DEAE7F83758BF8C03AD0DE, AC6F39B60932BB8679240551287B6A42AA943993FA9C1FFB68192FDC5A104AEC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll05:23:31.0049 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok05:23:31.0064 0x0ce8 [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll05:23:31.0064 0x0ce8 C:\Windows\SysWOW64\ws2_32.dll - ok05:23:31.0080 0x0ce8 [ A15D5424D20AAAB9189CCA44E67C4F2B, 83D42EE57971677E851E54E56345F1F148515AFC954C43DA416F53695A8B93A9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll05:23:31.0080 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok05:23:31.0080 0x0ce8 [ 8EAEB0ED23A98DE0F0C812D756E47CE9, D49AB526C0B0356AB1F778E3B6AFC4D148742942F8561C9C4C2183A649661A86 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll05:23:31.0080 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok05:23:31.0095 0x0ce8 [ 5760B2B5BAA3449C045B6FA222205F60, AC566245868530F6A8F80BEA9C6AB532DB2280F280CA4889C09BCCA9D057C1D4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll05:23:31.0095 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok05:23:31.0111 0x0ce8 [ BCE7DD8098CE6DD28EE2B0D5D5028B47, C48E1E455A0C6FC351CA2A8938C78D6D278B753FA7A621628B4E843C3A8F02FE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll05:23:31.0111 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok05:23:31.0127 0x0ce8 [ 922563953E405AA9762F90778B711F77, 3DD35372DFC79F309BF419E9BF0043D1B1E00EDC47DCFF4D669416BDD5B094C5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll05:23:31.0127 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok05:23:31.0142 0x0ce8 [ 54023DF1A9A7D481B4762B09ECCA330F, 271B46804B2E944B7ABF707939CB498AE78B0EE6DDCE318E26BE0C7BA826DFA3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt49.dll05:23:31.0142 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt49.dll - ok05:23:31.0142 0x0ce8 [ D86B959B6B9093A56FF423F24E0885D5, 30C751A5B5B73A59E9CC57925F0465D21CBD9637B3252E323323C936FC58F0A1 ] C:\Windows\System32\aticfx64.dll05:23:31.0142 0x0ce8 C:\Windows\System32\aticfx64.dll - ok05:23:31.0158 0x0ce8 [ 0C7000247E010C77D93560E7D5CCE482, 5646E5FF5A1A08E4C2084B1874EB36680233F050CBD047BC5B6B68129006F900 ] C:\Windows\System32\atidxx64.dll05:23:31.0158 0x0ce8 C:\Windows\System32\atidxx64.dll - ok05:23:31.0158 0x0ce8 [ DC814074668BC00F0494A0C64479246D, 74B5FE13FC8DFA98DE25EC2143DF36EDAB19521C7A1B981B009224B5404F4AD8 ] C:\Windows\System32\atiuxp64.dll05:23:31.0158 0x0ce8 C:\Windows\System32\atiuxp64.dll - ok05:23:31.0173 0x0ce8 [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll05:23:31.0173 0x0ce8 C:\Windows\System32\uDWM.dll - ok05:23:31.0189 0x0ce8 [ 61515190FE0F3FDD31357C29150554D7, 6B378887F3430C264F83EEF218794E8786B1EA1210D2439FEA2152B1C05415F7 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll05:23:31.0189 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok05:23:31.0205 0x0ce8 [ 2EC5693E2EE393F3A97BBB6C46D67779, 68CCECB20B55247B0DC2EF720FA8905CD039D91002D7450293BE585DF926462B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll05:23:31.0205 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok05:23:31.0205 0x0ce8 [ 062373995EAE5F0EAC9EAA9192136BFB, 0392D5656BD677C4C5CB74C96E7B85B0867F2535A37950AEC7F5C4A1A70D19AE ] C:\Windows\SysWOW64\dnssd.dll05:23:31.0205 0x0ce8 C:\Windows\SysWOW64\dnssd.dll - ok05:23:31.0220 0x0ce8 [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll05:23:31.0220 0x0ce8 C:\Windows\SysWOW64\wsock32.dll - ok05:23:31.0236 0x0ce8 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] C:\Program Files\Bonjour\mDNSResponder.exe05:23:31.0236 0x0ce8 C:\Program Files\Bonjour\mDNSResponder.exe - ok05:23:31.0251 0x0ce8 [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll05:23:31.0251 0x0ce8 C:\Windows\SysWOW64\mswsock.dll - ok05:23:31.0251 0x0ce8 [ AD4524BF57249027759A426A450E085D, 3662D41C1B881F50232684388A60C91C3AB7A74D43F5881E4514F9A8A97970F8 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll05:23:31.0251 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok05:23:31.0267 0x0ce8 [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL05:23:31.0267 0x0ce8 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok05:23:31.0283 0x0ce8 [ 0C043B0ABBB5E14E68906AB80365395B, A57A6FAF713EA4F46566A941DE7C2273ED4EB50F9E30B70276E810873AF6900B ] C:\Windows\System32\efssvc.dll05:23:31.0283 0x0ce8 C:\Windows\System32\efssvc.dll - ok05:23:31.0283 0x0ce8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] C:\Windows\System32\cryptsvc.dll05:23:31.0283 0x0ce8 C:\Windows\System32\cryptsvc.dll - ok05:23:31.0298 0x0ce8 [ 7F8E83B9466A0A002D4AB15C104062A7, D2D64B95079243F04479A7950AFB9DD086C43BF0236E72E74FC45C6945A765E4 ] C:\Windows\System32\efscore.dll05:23:31.0298 0x0ce8 C:\Windows\System32\efscore.dll - ok Link to post Share on other sites More sharing options...
DanielOverInPennsylvania Posted October 27, 2014 Author ID:896990 Share Posted October 27, 2014 05:23:31.0314 0x0ce8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] C:\Windows\System32\IKEEXT.DLL05:23:31.0314 0x0ce8 C:\Windows\System32\IKEEXT.DLL - ok05:23:31.0314 0x0ce8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll05:23:31.0314 0x0ce8 C:\Windows\System32\netman.dll - ok05:23:31.0329 0x0ce8 [ 58283053C781AD3A579C95D7765C1FA0, 9F7641C9B5E64797E14A2E307D94E31D6F51A721964BD5CE8CEFF6B523A69DB8 ] C:\Windows\System32\efsutil.dll05:23:31.0329 0x0ce8 C:\Windows\System32\efsutil.dll - ok05:23:31.0345 0x0ce8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys05:23:31.0345 0x0ce8 C:\Windows\System32\drivers\PEAuth.sys - ok05:23:31.0345 0x0ce8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys05:23:31.0345 0x0ce8 C:\Windows\System32\drivers\secdrv.sys - ok05:23:31.0361 0x0ce8 [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll05:23:31.0361 0x0ce8 C:\Windows\System32\vpnikeapi.dll - ok05:23:31.0376 0x0ce8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] C:\Windows\System32\seclogon.dll05:23:31.0376 0x0ce8 C:\Windows\System32\seclogon.dll - ok05:23:31.0392 0x0ce8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll05:23:31.0392 0x0ce8 C:\Windows\System32\dps.dll - ok05:23:31.0392 0x0ce8 [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll05:23:31.0392 0x0ce8 C:\Windows\System32\cryptnet.dll - ok05:23:31.0407 0x0ce8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll05:23:31.0407 0x0ce8 C:\Windows\System32\nlasvc.dll - ok05:23:31.0407 0x0ce8 [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll05:23:31.0407 0x0ce8 C:\Windows\System32\aepic.dll - ok05:23:31.0423 0x0ce8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys05:23:31.0423 0x0ce8 C:\Windows\System32\drivers\srvnet.sys - ok05:23:31.0439 0x0ce8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] C:\Windows\System32\drivers\tcpipreg.sys05:23:31.0439 0x0ce8 C:\Windows\System32\drivers\tcpipreg.sys - ok05:23:31.0439 0x0ce8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll05:23:31.0439 0x0ce8 C:\Windows\System32\sysmain.dll - ok05:23:31.0454 0x0ce8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll05:23:31.0454 0x0ce8 C:\Windows\System32\wiaservc.dll - ok05:23:31.0470 0x0ce8 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll05:23:31.0470 0x0ce8 C:\Windows\System32\wiatrace.dll - ok05:23:31.0485 0x0ce8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll05:23:31.0485 0x0ce8 C:\Windows\System32\trkwks.dll - ok05:23:31.0485 0x0ce8 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll05:23:31.0485 0x0ce8 C:\Windows\System32\taskschd.dll - ok05:23:31.0501 0x0ce8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys05:23:31.0501 0x0ce8 C:\Windows\System32\drivers\srv2.sys - ok05:23:31.0517 0x0ce8 [ 7CBB1D4D13DC62D7F529D87151FD3CD3, DA75C5E64777F6ACE6F77A72D3362A40F8BE59DF3E6BC83550A81D9E20730401 ] C:\Program Files\Windows Defender\MpSvc.dll05:23:31.0517 0x0ce8 C:\Program Files\Windows Defender\MpSvc.dll - ok05:23:31.0517 0x0ce8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys05:23:31.0517 0x0ce8 C:\Windows\System32\drivers\srv.sys - ok05:23:31.0532 0x0ce8 [ 662BA98309818AF2C17D4E48BF4021C4, 57B3FFAECE3DF5E22B6764A95D2B8523AA02CCCB4BD0779025C11D02EEBF4B1E ] C:\Program Files\Windows Defender\MpClient.dll05:23:31.0548 0x0ce8 C:\Program Files\Windows Defender\MpClient.dll - ok05:23:31.0548 0x0ce8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll05:23:31.0548 0x0ce8 C:\Windows\System32\wbem\WMIsvc.dll - ok05:23:31.0563 0x0ce8 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll05:23:31.0563 0x0ce8 C:\Windows\System32\wbemcomn.dll - ok05:23:31.0563 0x0ce8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll05:23:31.0563 0x0ce8 C:\Windows\System32\srvsvc.dll - ok05:23:31.0579 0x0ce8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll05:23:31.0579 0x0ce8 C:\Windows\System32\browser.dll - ok05:23:31.0595 0x0ce8 [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll05:23:31.0595 0x0ce8 C:\Windows\System32\netmsg.dll - ok05:23:31.0610 0x0ce8 [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll05:23:31.0610 0x0ce8 C:\Windows\System32\wbem\fastprox.dll - ok05:23:31.0626 0x0ce8 [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll05:23:31.0626 0x0ce8 C:\Windows\System32\wbem\WinMgmtR.dll - ok05:23:31.0626 0x0ce8 [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll05:23:31.0626 0x0ce8 C:\Windows\System32\wbem\WmiDcPrv.dll - ok05:23:31.0641 0x0ce8 [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll05:23:31.0641 0x0ce8 C:\Windows\System32\clusapi.dll - ok05:23:31.0657 0x0ce8 [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll05:23:31.0657 0x0ce8 C:\Windows\System32\sscore.dll - ok05:23:31.0657 0x0ce8 [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll05:23:31.0657 0x0ce8 C:\Windows\System32\resutils.dll - ok05:23:31.0673 0x0ce8 [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll05:23:31.0673 0x0ce8 C:\Windows\System32\ntdsapi.dll - ok05:23:31.0688 0x0ce8 [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll05:23:31.0688 0x0ce8 C:\Windows\System32\wbem\wbemprox.dll - ok05:23:31.0688 0x0ce8 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll05:23:31.0688 0x0ce8 C:\Windows\System32\vssapi.dll - ok05:23:31.0704 0x0ce8 [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll05:23:31.0704 0x0ce8 C:\Windows\System32\aeevts.dll - ok05:23:31.0704 0x0ce8 [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll05:23:31.0704 0x0ce8 C:\Windows\System32\vsstrace.dll - ok05:23:31.0719 0x0ce8 [ 28AD5E311996A34025CFB07E131058DD, 89C8B29105DE5917A33A7682C8A62CB543609F1227A4890D7130646A0F54D946 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL05:23:31.0719 0x0ce8 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok05:23:31.0735 0x0ce8 [ F9D908DE6B166DAC9B89BF62FA291CE8, D0A918AD60221623BB0278EA94CD6938744617FDBB2054968AFAFC2940648F02 ] C:\Program Files\Bonjour\mdnsNSP.dll05:23:31.0735 0x0ce8 C:\Program Files\Bonjour\mdnsNSP.dll - ok05:23:31.0751 0x0ce8 [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll05:23:31.0751 0x0ce8 C:\Windows\System32\rasadhlp.dll - ok05:23:31.0766 0x0ce8 [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll05:23:31.0766 0x0ce8 C:\Windows\System32\ncsi.dll - ok05:23:31.0766 0x0ce8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] C:\Windows\System32\tapisrv.dll05:23:31.0766 0x0ce8 C:\Windows\System32\tapisrv.dll - ok05:23:31.0782 0x0ce8 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll05:23:31.0782 0x0ce8 C:\Windows\System32\ssdpapi.dll - ok05:23:31.0797 0x0ce8 [ 725AB72D5DD462F2EDAF1A6C59C8CFB5, 2420B0D7D132444E79B646787B1B6D89F45C6188E03FC1A4467B154D4774EFC3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll05:23:31.0797 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok05:23:31.0813 0x0ce8 [ CDF56764B26A7B88587FAB271F827B13, 637E34CFC0AEE209E712B677E940271051D54C3425B1B756B1AB0ED36482FCB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll05:23:31.0813 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok05:23:31.0813 0x0ce8 [ E2A1222B19177DE79F4679DB1E3BE575, DABAFE9D102975FDC5DDCF639EDBC8144318D2574BCF7C416F55D952B77D8850 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll05:23:31.0813 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok05:23:31.0829 0x0ce8 [ 57A6362D71B5003C48EE21F2DBB624B1, E6480D1F219BF3F8E7AC8347A8C50E48632B7BBC9618EEB36DAEA1079AA770B5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll05:23:31.0829 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok05:23:31.0844 0x0ce8 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll05:23:31.0844 0x0ce8 C:\Windows\System32\httpapi.dll - ok05:23:31.0844 0x0ce8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] C:\Windows\System32\rasmans.dll05:23:31.0844 0x0ce8 C:\Windows\System32\rasmans.dll - ok05:23:31.0860 0x0ce8 [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll05:23:31.0860 0x0ce8 C:\Windows\System32\wbem\wbemcore.dll - ok05:23:31.0875 0x0ce8 [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll05:23:31.0875 0x0ce8 C:\Windows\System32\wbem\esscli.dll - ok05:23:31.0875 0x0ce8 [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll05:23:31.0875 0x0ce8 C:\Windows\System32\wbem\wbemsvc.dll - ok05:23:31.0891 0x0ce8 [ 44C96B48112EB24AE7764EBF1C527000, 6691D008C834686906B4841EF27604B0F0E70E668C09CEE19369426BF168AF44 ] C:\Windows\System32\rastapi.dll05:23:31.0891 0x0ce8 C:\Windows\System32\rastapi.dll - ok05:23:31.0907 0x0ce8 [ FAFAE01E889DC9C05A6CA2138CFC220B, 192CFDE3593ED0A9B397461D912074C0F062015C23E6F6658571C7C2864D9A51 ] C:\Windows\System32\tapi32.dll05:23:31.0907 0x0ce8 C:\Windows\System32\tapi32.dll - ok05:23:31.0907 0x0ce8 [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll05:23:31.0907 0x0ce8 C:\Windows\System32\wbem\wmiutils.dll - ok05:23:31.0922 0x0ce8 [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll05:23:31.0922 0x0ce8 C:\Windows\System32\wbem\repdrvfs.dll - ok05:23:31.0938 0x0ce8 [ D2A0FFA75AB181B19B5EB93BB29C7686, AC282D5EFFB191492F14638EB80F18E53C4A3D26C94A00A949366B3564D6C3E2 ] C:\Windows\System32\unimdm.tsp05:23:31.0938 0x0ce8 C:\Windows\System32\unimdm.tsp - ok05:23:31.0938 0x0ce8 [ 94B7DF336815B47236724019FAB24B7C, 43549F1FB89D0585A0E0333BB8E1DDED2EBD0F3C0EC3EA93B238EA037188AA41 ] C:\Windows\System32\uniplat.dll05:23:31.0938 0x0ce8 C:\Windows\System32\uniplat.dll - ok05:23:31.0953 0x0ce8 [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll05:23:31.0953 0x0ce8 C:\Windows\System32\wbem\WmiPrvSD.dll - ok05:23:31.0969 0x0ce8 [ 41326DD08ACC0CDC5F8177AF96C066E8, 9C21BB553EEDD28272E865396C9EF94655EC1CF216290A56581AEF7908B7AFDD ] C:\Windows\System32\kmddsp.tsp05:23:31.0969 0x0ce8 C:\Windows\System32\kmddsp.tsp - ok05:23:31.0969 0x0ce8 [ 1D6BC2769DA66C1145F4DA5A65F52E61, B38EFF16652E751BF3B3BD85DA6EA33AB9B7F4228C59F741074E33085DB66ED0 ] C:\Windows\System32\ndptsp.tsp05:23:31.0969 0x0ce8 C:\Windows\System32\ndptsp.tsp - ok05:23:31.0985 0x0ce8 [ 7C1BAE7D23D4874FEE256A2B9C00E019, 4EE87C2F0CACE557AA159349133474A5857B6667DDB976BA5A18489A3333F798 ] C:\Windows\System32\hidphone.tsp05:23:31.0985 0x0ce8 C:\Windows\System32\hidphone.tsp - ok05:23:32.0000 0x0ce8 [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll05:23:32.0000 0x0ce8 C:\Windows\System32\ncobjapi.dll - ok05:23:32.0000 0x0ce8 [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll05:23:32.0000 0x0ce8 C:\Windows\System32\wbem\wbemess.dll - ok05:23:32.0016 0x0ce8 [ A717A35120DBAB5AB707AB40662AF9DD, DE117E70D0AC7FC26BBCEAAB45A0270A1065B36CC8B062B4128B561F2AAA9E04 ] C:\Windows\System32\rasppp.dll05:23:32.0016 0x0ce8 C:\Windows\System32\rasppp.dll - ok05:23:32.0031 0x0ce8 [ 0FE5CD5F9C9248F42D1EF56E495B182E, 1EBD40C119A3D3251A19A8D15669D9DCB5D3CFBC3AFCF1CD00101C31320243E1 ] C:\Windows\System32\vpnike.dll05:23:32.0031 0x0ce8 C:\Windows\System32\vpnike.dll - ok05:23:32.0031 0x0ce8 [ 6A84E68B538B8B04608BF2F0D426CE6F, 59CE1C06364D1BBEE853DA4AEC1E8B678D6E181723ACCF6DB9F9776CAD47BBDA ] C:\Windows\System32\raschap.dll05:23:32.0031 0x0ce8 C:\Windows\System32\raschap.dll - ok05:23:32.0047 0x0ce8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] C:\Windows\System32\ipnathlp.dll05:23:32.0047 0x0ce8 C:\Windows\System32\ipnathlp.dll - ok05:23:32.0063 0x0ce8 [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll05:23:32.0063 0x0ce8 C:\Windows\System32\mprapi.dll - ok05:23:32.0063 0x0ce8 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll05:23:32.0063 0x0ce8 C:\Windows\System32\netshell.dll - ok05:23:32.0078 0x0ce8 [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll05:23:32.0078 0x0ce8 C:\Windows\System32\hnetcfg.dll - ok05:23:32.0094 0x0ce8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] C:\Windows\System32\drivers\WUDFPf.sys05:23:32.0094 0x0ce8 C:\Windows\System32\drivers\WUDFPf.sys - ok05:23:32.0094 0x0ce8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll05:23:32.0094 0x0ce8 C:\Windows\System32\wdi.dll - ok05:23:32.0109 0x0ce8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] C:\Windows\System32\WUDFSvc.dll05:23:32.0109 0x0ce8 C:\Windows\System32\WUDFSvc.dll - ok05:23:32.0125 0x0ce8 [ B1DF2D87DC8BF6072699AC8301B37796, D5A6FD1EDB627324DFA1A0555F1777A3313EF29DDE29982C3CE59DAF1ED0D105 ] C:\Windows\System32\WUDFPlatform.dll05:23:32.0125 0x0ce8 C:\Windows\System32\WUDFPlatform.dll - ok05:23:32.0125 0x0ce8 [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll05:23:32.0125 0x0ce8 C:\Windows\System32\perftrack.dll - ok05:23:32.0141 0x0ce8 [ 567BC1309E05FCFA680ADB6E02260736, 50F57C5D0B9C8096F615C2335F2F252A074014CBBDC7FFF56C0501A8CFB3FB81 ] C:\Windows\System32\vaultsvc.dll05:23:32.0141 0x0ce8 C:\Windows\System32\vaultsvc.dll - ok05:23:32.0156 0x0ce8 [ 1075AB2C077B415760C0E948856B5126, D67804B4A038FC06BD84CBF9C047DD4C13073622027F825371DB98867EF4E9B9 ] C:\Windows\System32\wer.dll05:23:32.0156 0x0ce8 C:\Windows\System32\wer.dll - ok05:23:32.0172 0x0ce8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] C:\Windows\System32\appinfo.dll05:23:32.0172 0x0ce8 C:\Windows\System32\appinfo.dll - ok05:23:32.0187 0x0ce8 [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll05:23:32.0187 0x0ce8 C:\Windows\System32\diagperf.dll - ok05:23:32.0187 0x0ce8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] C:\Windows\System32\wbiosrvc.dll05:23:32.0187 0x0ce8 C:\Windows\System32\wbiosrvc.dll - ok05:23:32.0203 0x0ce8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll05:23:32.0203 0x0ce8 C:\Windows\System32\wpdbusenum.dll - ok05:23:32.0203 0x0ce8 [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll05:23:32.0203 0x0ce8 C:\Windows\System32\PortableDeviceApi.dll - ok05:23:32.0219 0x0ce8 [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll05:23:32.0219 0x0ce8 C:\Windows\System32\PortableDeviceConnectApi.dll - ok05:23:32.0234 0x0ce8 [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll05:23:32.0234 0x0ce8 C:\Windows\System32\Apphlpdm.dll - ok05:23:32.0250 0x0ce8 [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll05:23:32.0250 0x0ce8 C:\Windows\System32\pnpts.dll - ok05:23:32.0250 0x0ce8 [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll05:23:32.0250 0x0ce8 C:\Windows\System32\radardt.dll - ok05:23:32.0265 0x0ce8 [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll05:23:32.0265 0x0ce8 C:\Windows\System32\wdiasqmmodule.dll - ok05:23:32.0281 0x0ce8 [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe05:23:32.0281 0x0ce8 C:\Windows\System32\runonce.exe - ok05:23:32.0297 0x0ce8 [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe05:23:32.0297 0x0ce8 C:\Windows\SysWOW64\runonce.exe - ok05:23:32.0297 0x0ce8 [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll05:23:32.0297 0x0ce8 C:\Windows\SysWOW64\propsys.dll - ok05:23:32.0312 0x0ce8 [ 3065FF6794A7FDC882F0DA8B6230AB6E, F93F8B3E1B7CCD51C202E7F9327D50EEAC1DF2C85F4AF0314D5165A7F3342182 ] C:\Windows\SysWOW64\urlmon.dll05:23:32.0312 0x0ce8 C:\Windows\SysWOW64\urlmon.dll - ok05:23:32.0328 0x0ce8 [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll05:23:32.0328 0x0ce8 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok05:23:32.0343 0x0ce8 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe05:23:32.0343 0x0ce8 C:\Windows\SysWOW64\cmd.exe - ok05:23:32.0343 0x0ce8 [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe05:23:32.0343 0x0ce8 C:\Windows\System32\conhost.exe - ok05:23:32.0359 0x0ce8 [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll05:23:32.0359 0x0ce8 C:\Windows\SysWOW64\winbrand.dll - ok05:23:32.0375 0x0ce8 [ EF94FA1F3D90520CCA4AE65D639A9E62, 2F9DD6D8AC0A02009D9F162BE317436FE78D5973518F5997B78867D852DF617F ] C:\Windows\SysWOW64\ieframe.dll05:23:32.0375 0x0ce8 C:\Windows\SysWOW64\ieframe.dll - ok05:23:32.0390 0x0ce8 [ 60F4AEFA103D421EA4A40E31409B4756, 037A8605CA504A4FF43E9D4DE9017CEA1E26D3556C975872C747E24D8B0835EF ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll05:23:32.0390 0x0ce8 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok05:23:32.0390 0x0ce8 [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll05:23:32.0390 0x0ce8 C:\Windows\SysWOW64\shdocvw.dll - ok05:23:32.0406 0x0ce8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll05:23:32.0406 0x0ce8 C:\Windows\System32\aelupsvc.dll - ok05:23:32.0421 0x0ce8 [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll05:23:32.0421 0x0ce8 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok05:23:32.0437 0x0ce8 [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\Users\dan2012\AppData\Local\Temp\{0EF67E41-EABB-4BD0-896C-4E6A06BB5CEA}.exe05:23:32.0437 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{0EF67E41-EABB-4BD0-896C-4E6A06BB5CEA}.exe - ok05:23:32.0437 0x0ce8 [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll05:23:32.0437 0x0ce8 C:\Windows\SysWOW64\cryptsp.dll - ok05:23:32.0453 0x0ce8 [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll05:23:32.0453 0x0ce8 C:\Windows\SysWOW64\rsaenh.dll - ok05:23:32.0468 0x0ce8 [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37, 689D126B1B42140D5049015E3E324268E6542D4BC6CC14E31D8B89A25B94BAA5 ] C:\Windows\SysWOW64\imagehlp.dll05:23:32.0468 0x0ce8 C:\Windows\SysWOW64\imagehlp.dll - ok05:23:32.0468 0x0ce8 [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll05:23:32.0468 0x0ce8 C:\Windows\SysWOW64\bcrypt.dll - ok05:23:32.0484 0x0ce8 [ C61DDFE40204F3BE3DF111981D91560E, 450D5E608D344B2186A73F5421CAF1792902BFB428182D6C5A971C5E0686842F ] C:\Windows\SysWOW64\ncrypt.dll05:23:32.0484 0x0ce8 C:\Windows\SysWOW64\ncrypt.dll - ok05:23:32.0499 0x0ce8 [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll05:23:32.0499 0x0ce8 C:\Windows\SysWOW64\bcryptprimitives.dll - ok05:23:32.0499 0x0ce8 [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll05:23:32.0499 0x0ce8 C:\Windows\SysWOW64\gpapi.dll - ok05:23:32.0515 0x0ce8 [ 7B851A8018B1EA00A69707A390004884, DAE654713EF1DC66C8C2D27752B659081794063A7D522D1F680AA9A6E7FBA9FD ] C:\Windows\SysWOW64\cryptnet.dll05:23:32.0515 0x0ce8 C:\Windows\SysWOW64\cryptnet.dll - ok05:23:32.0531 0x0ce8 [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll05:23:32.0531 0x0ce8 C:\Windows\SysWOW64\SensApi.dll - ok05:23:32.0546 0x0ce8 [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll05:23:32.0546 0x0ce8 C:\Windows\SysWOW64\dwmapi.dll - ok05:23:32.0546 0x0ce8 [ A054EA8FBE16D4D34F06D81A4F0088E2, 1CD4EECFDA374C8A7B8AD4E664DC057B9C75813AF776A616DC6D845905567CBD ] C:\Windows\SysWOW64\WindowsCodecs.dll05:23:32.0546 0x0ce8 C:\Windows\SysWOW64\WindowsCodecs.dll - ok05:23:32.0562 0x0ce8 [ D0AADBCF6F9A77471B46156058DDC2A1, 00BDA35F425DEC48ECC30ABA09239A0CCED4567C9C8046FCCB7508F761892533 ] C:\Windows\SysWOW64\CbFsMntNtf3.dll05:23:32.0562 0x0ce8 C:\Windows\SysWOW64\CbFsMntNtf3.dll - ok05:23:32.0577 0x0ce8 [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll05:23:32.0577 0x0ce8 C:\Windows\SysWOW64\EhStorShell.dll - ok05:23:32.0577 0x0ce8 [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll05:23:32.0577 0x0ce8 C:\Windows\SysWOW64\ntshrui.dll - ok05:23:32.0593 0x0ce8 [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll05:23:32.0593 0x0ce8 C:\Windows\SysWOW64\slc.dll - ok05:23:32.0609 0x0ce8 [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll05:23:32.0609 0x0ce8 C:\Windows\SysWOW64\imageres.dll - ok05:23:32.0609 0x0ce8 [ B00F98FF6FE8682FF941BEB2559BF191, EB443E294C5609F426BF6EE388F3A4B71EFE2C6A8216C0F6DE7AE6DB382BF620 ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe05:23:32.0609 0x0ce8 C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe - ok05:23:32.0624 0x0ce8 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25, 019E9274DE2F5BAB16B4632B8A2E93DFC8DF0C08EC4EEA947B337FD29EB2E0CC ] C:\Windows\SysWOW64\devenum.dll05:23:32.0624 0x0ce8 C:\Windows\SysWOW64\devenum.dll - ok05:23:32.0640 0x0ce8 [ 7069AAB8536F29ED7323140973A2894B, 04B7FB6C64BFA3B80549F35CEF36D5DAE5D19A40E42444B3665B6BEFDF98EB5F ] C:\Windows\SysWOW64\msdmo.dll05:23:32.0640 0x0ce8 C:\Windows\SysWOW64\msdmo.dll - ok05:23:32.0655 0x0ce8 [ 24498D084FAA7A459C91066EC241E1CE, 5214A26D8B441F7A55414DC2935AF6C76DB8C8D55F8677DA97D19943C69D765E ] C:\Windows\SysWOW64\vfwwdm32.dll05:23:32.0655 0x0ce8 C:\Windows\SysWOW64\vfwwdm32.dll - ok05:23:32.0655 0x0ce8 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll05:23:32.0655 0x0ce8 C:\Windows\SysWOW64\sfc.dll - ok05:23:32.0671 0x0ce8 [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll05:23:32.0671 0x0ce8 C:\Windows\SysWOW64\sfc_os.dll - ok05:23:32.0671 0x0ce8 [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll05:23:32.0671 0x0ce8 C:\Windows\SysWOW64\devrtl.dll - ok05:23:32.0687 0x0ce8 [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl05:23:32.0687 0x0ce8 C:\Windows\System32\timedate.cpl - ok05:23:32.0702 0x0ce8 [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll05:23:32.0702 0x0ce8 C:\Windows\System32\actxprxy.dll - ok05:23:32.0702 0x0ce8 [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll05:23:32.0702 0x0ce8 C:\Windows\System32\shdocvw.dll - ok05:23:32.0718 0x0ce8 [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll05:23:32.0718 0x0ce8 C:\Windows\System32\linkinfo.dll - ok05:23:32.0733 0x0ce8 [ 7E60EE8A68F7270D1E1662CBA275D4FA, 0CD0DCE4C732EE597A866B9918BC7C1CEF955CD938667E9D94629D1CA2AE4CB2 ] C:\Windows\System32\ieframe.dll05:23:32.0733 0x0ce8 C:\Windows\System32\ieframe.dll - ok05:23:32.0733 0x0ce8 [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll05:23:32.0733 0x0ce8 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok05:23:32.0749 0x0ce8 [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll05:23:32.0749 0x0ce8 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok05:23:32.0765 0x0ce8 [ FA752544EE1EE59E8AD938CBB43CAC93, EA633416EF79F5FC1C841D46F3AAEC6A56BD09D2FD8B9CD8584E4AF65B890974 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll05:23:32.0765 0x0ce8 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok05:23:32.0780 0x0ce8 [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll05:23:32.0780 0x0ce8 C:\Windows\System32\gameux.dll - ok05:23:32.0780 0x0ce8 [ DB1D6751689B4A7EE2439C64F2ADF1C9, C352B00DA59F80CD55338C27D6DD314B37401952863B70915501C6391EAEF2E7 ] C:\Windows\SysWOW64\credssp.dll05:23:32.0780 0x0ce8 C:\Windows\SysWOW64\credssp.dll - ok05:23:32.0796 0x0ce8 [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll05:23:32.0796 0x0ce8 C:\Windows\SysWOW64\dnsapi.dll - ok05:23:32.0811 0x0ce8 [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll05:23:32.0811 0x0ce8 C:\Windows\SysWOW64\wship6.dll - ok05:23:32.0811 0x0ce8 [ 9D4A1690AF93F233E15380398BEC7431, 8CC99491880DBC444651EB7D245EEE46FE77F4FA74FECFCD29E734AA21AF9D75 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL05:23:32.0811 0x0ce8 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok05:23:32.0827 0x0ce8 [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll05:23:32.0827 0x0ce8 C:\Windows\SysWOW64\psapi.dll - ok05:23:32.0843 0x0ce8 [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll05:23:32.0843 0x0ce8 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok05:23:32.0843 0x0ce8 [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll05:23:32.0843 0x0ce8 C:\Windows\SysWOW64\rasadhlp.dll - ok05:23:32.0858 0x0ce8 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll05:23:32.0858 0x0ce8 C:\Windows\System32\msftedit.dll - ok05:23:32.0874 0x0ce8 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{6C40F2F9-7421-4A86-90C5-040090E65B93}.tmp05:23:32.0874 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{6C40F2F9-7421-4A86-90C5-040090E65B93}.tmp - ok05:23:32.0874 0x0ce8 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{67359087-1613-48F2-98D4-D623002EDC90}.tmp05:23:32.0874 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{67359087-1613-48F2-98D4-D623002EDC90}.tmp - ok05:23:32.0889 0x0ce8 [ 2EBD0C5B090125AECF017C57344C45AB, 4FF8F2460115C60AD164EE0DC2079E1601B8AA21A1BA8033B7B731FAF85411B6 ] C:\Windows\System32\msls31.dll05:23:32.0889 0x0ce8 C:\Windows\System32\msls31.dll - ok05:23:32.0905 0x0ce8 [ 80041798F2F049259241393A2017DB02, 59B8913A129EC26FB111C2C614C0C7440D521F65BAF32E57CA48E34337C0DDEE ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll05:23:32.0905 0x0ce8 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok05:23:32.0905 0x0ce8 [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{1676A052-81F7-4867-88BE-E831BFB418F3}.tmp05:23:32.0905 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{1676A052-81F7-4867-88BE-E831BFB418F3}.tmp - ok05:23:32.0921 0x0ce8 [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll05:23:32.0921 0x0ce8 C:\Windows\System32\DeviceCenter.dll - ok05:23:32.0936 0x0ce8 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{C63293F2-9773-46DF-9A4B-4A9E01135BB4}.tmp05:23:32.0936 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{C63293F2-9773-46DF-9A4B-4A9E01135BB4}.tmp - ok05:23:32.0952 0x0ce8 [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll05:23:32.0952 0x0ce8 C:\Windows\System32\msiltcfg.dll - ok05:23:32.0952 0x0ce8 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{39AB8283-C96D-4D34-A42D-4C8C6D2DBBE4}.tmp05:23:32.0952 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{39AB8283-C96D-4D34-A42D-4C8C6D2DBBE4}.tmp - ok05:23:32.0967 0x0ce8 [ ADD3F2C3E6B89BD16D4BFC61B3658DD9, 0C8C5EB0BB2CE588AA749245ECDD5576882AEA537D316043A8193C2A740FF148 ] C:\Windows\System32\msi.dll05:23:32.0967 0x0ce8 C:\Windows\System32\msi.dll - ok05:23:32.0983 0x0ce8 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{D6A3BA82-3D4A-4E81-B7E4-4E8E263630D6}.tmp05:23:32.0983 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{D6A3BA82-3D4A-4E81-B7E4-4E8E263630D6}.tmp - ok05:23:32.0983 0x0ce8 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{068E3038-2458-41D1-92AF-01FD8E568ECD}.tmp05:23:32.0983 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{068E3038-2458-41D1-92AF-01FD8E568ECD}.tmp - ok05:23:32.0999 0x0ce8 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{A377F1BA-FE7C-4A36-8DE0-89AF47E5B3D5}.tmp05:23:32.0999 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{A377F1BA-FE7C-4A36-8DE0-89AF47E5B3D5}.tmp - ok05:23:33.0014 0x0ce8 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{7885947C-F7D5-4404-9524-7B2EFCE2B9DA}.tmp05:23:33.0014 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{7885947C-F7D5-4404-9524-7B2EFCE2B9DA}.tmp - ok05:23:33.0014 0x0ce8 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{4927F975-9961-47AA-9C68-6E60C5480732}.tmp05:23:33.0014 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\{1D5330B0-7E02-4DF9-A6A6-C92D1FE26B81}\{4927F975-9961-47AA-9C68-6E60C5480732}.tmp - ok05:23:33.0030 0x0ce8 [ 06E4F688ECABF110AE74909D1D7A171B, 29C170B89CC0CB3007053C973EA49513C080B73602671DF085D28D3AEAFEFEE9 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe05:23:33.0030 0x0ce8 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok05:23:33.0045 0x0ce8 [ 39F53D30AAF0427A02D6F1223C18DC5B, 0916F1A2F53BD2D65538A3E215A80BA7EA87D52D8B9C1885E0FB2D365A68BEDB ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe05:23:33.0045 0x0ce8 C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe - ok05:23:33.0045 0x0ce8 [ 9CD39CE09D15BDB339933EEE397BF584, 250C20F9A987A776EF07BF03ED0801E58E46567C5B3280D9F6EEB990187656BF ] C:\Windows\System32\SynCOM.dll05:23:33.0045 0x0ce8 C:\Windows\System32\SynCOM.dll - ok05:23:33.0061 0x0ce8 [ 5FA1BB78F45439A369A2CE7DFA2CD7E6, FEBCDE5F31751B655D5EF9BB1FEC155BE07E1B9DF346EB0DC3CE21B0E88E50E3 ] C:\Windows\System32\SynTPAPI.dll05:23:33.0061 0x0ce8 C:\Windows\System32\SynTPAPI.dll - ok05:23:33.0077 0x0ce8 [ 931889531BAB7D3FE2D0AE6692BF3655, D99D8ED4C52FE92AD4D52AD386930410539B04101017C95D783BC9A50B70CA28 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe05:23:33.0077 0x0ce8 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok05:23:33.0077 0x0ce8 [ B0F8CCA08DBC392442E27377B98DD0CD, D76D5897EFE57BD3897F3ACD44A85003BD412E9C0CAF1C78D18137C32327A399 ] C:\Windows\System32\consent.exe05:23:33.0077 0x0ce8 C:\Windows\System32\consent.exe - ok05:23:33.0092 0x0ce8 [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll05:23:33.0092 0x0ce8 C:\Windows\SysWOW64\riched20.dll - ok05:23:33.0108 0x0ce8 [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll05:23:33.0108 0x0ce8 C:\Windows\System32\msimg32.dll - ok05:23:33.0108 0x0ce8 [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll05:23:33.0108 0x0ce8 C:\Windows\SysWOW64\ExplorerFrame.dll - ok05:23:33.0123 0x0ce8 [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll05:23:33.0123 0x0ce8 C:\Windows\SysWOW64\duser.dll - ok05:23:33.0139 0x0ce8 [ CF6850A72BEB4845A3BFFB3F5E8014B2, ABB2907DB16929D4A12E0551C01DD731762B1A4CFEF36B734734F3ECDD630A38 ] C:\Windows\System32\pdh.dll05:23:33.0139 0x0ce8 C:\Windows\System32\pdh.dll - ok05:23:33.0139 0x0ce8 [ F43AB67D41349AD8BB1FE045C5C49832, E79C50F6EA022AA41A502D780CB72232AC094FD008C31EDC51A1F58EF00B1F08 ] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe05:23:33.0139 0x0ce8 C:\Program Files (x86)\Lenovo\Energy Management\utility.exe - ok05:23:33.0155 0x0ce8 [ 706AA831C8C83FC0F7583B109B9CFC7F, 8ACBFBA6EB867B1BA1A473163AF7EFBFF5E3B607793B1DE8399636BBF930410E ] C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll05:23:33.0155 0x0ce8 C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll - ok05:23:33.0170 0x0ce8 [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll05:23:33.0170 0x0ce8 C:\Windows\System32\SensApi.dll - ok05:23:33.0170 0x0ce8 [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll05:23:33.0170 0x0ce8 C:\Windows\SysWOW64\dui70.dll - ok05:23:33.0186 0x0ce8 [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll05:23:33.0186 0x0ce8 C:\Windows\System32\oledlg.dll - ok05:23:33.0201 0x0ce8 [ B0F69B9DE0AEBFD7E4CEADE6758DF627, 60235E6D0614ED72CDF05E9A62B2B264614CAB29C47246ED408B85BEBE602CCD ] C:\Windows\System32\SearchFolder.dll05:23:33.0201 0x0ce8 C:\Windows\System32\SearchFolder.dll - ok05:23:33.0201 0x0ce8 [ FC70301CC6E493E8F2C8EE5FBEDBD3E2, AC69C25E55393B8480636F3DFA461C3100EACC062CAE90455744A951996D7A29 ] C:\Program Files (x86)\Lenovo\Energy Management\BatteryTestDLL.dll05:23:33.0201 0x0ce8 C:\Program Files (x86)\Lenovo\Energy Management\BatteryTestDLL.dll - ok05:23:33.0217 0x0ce8 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7, 690F12C490BEE2BF17AB7B6804E6E9B96F51C304350CCDE80FE5C7EEFA89720E ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll05:23:33.0217 0x0ce8 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok05:23:33.0233 0x0ce8 [ 3F35AC7163E403C1FA8D34EB2FF36302, 47AE59E315A2BAE7003A18BFDC3859EFBED511822F4BA5F2E02C6D2464A019C1 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe05:23:33.0233 0x0ce8 C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe - ok05:23:33.0248 0x0ce8 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] C:\Program Files\Microsoft Security Client\msseces.exe05:23:33.0248 0x0ce8 C:\Program Files\Microsoft Security Client\msseces.exe - ok05:23:33.0264 0x0ce8 [ FE3747DF34A4E5243EFCA2210DD30B11, 8FE9131C5CF80F4DCBE3968DB5331A2E88E4D3D96FE486CC90355014D5F33BAA ] C:\Program Files (x86)\Lenovo\Boot Optimizer\GuiSysd.dll05:23:33.0264 0x0ce8 C:\Program Files (x86)\Lenovo\Boot Optimizer\GuiSysd.dll - ok05:23:33.0279 0x0ce8 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe05:23:33.0279 0x0ce8 C:\Windows\System32\StikyNot.exe - ok05:23:33.0295 0x0ce8 [ 04CB7C8FDC6D9640DD82A527208F72C4, 0F8A327B0234A29EAB1F03D9102A3DF7DB4515BF580163198C5A8C174C98DE4F ] C:\Windows\System32\UIAnimation.dll05:23:33.0295 0x0ce8 C:\Windows\System32\UIAnimation.dll - ok05:23:33.0311 0x0ce8 [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll05:23:33.0311 0x0ce8 C:\Windows\System32\thumbcache.dll - ok05:23:33.0326 0x0ce8 [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll05:23:33.0326 0x0ce8 C:\Windows\System32\networkexplorer.dll - ok05:23:33.0326 0x0ce8 [ 85191D8FC4EEBB4CD7E9D2D72DB7CE89, 8030ACAE92A864D86179CA5C22BEC734DCFBF0D3A95427685BB5382267F0084A ] C:\Program Files (x86)\Lenovo\Boot Optimizer\SimpRes.dll05:23:33.0326 0x0ce8 C:\Program Files (x86)\Lenovo\Boot Optimizer\SimpRes.dll - ok05:23:33.0357 0x0ce8 [ EC2FF50C8AE90F72B74DCAF38BA7706E, B8CA1C04DAE723D2134FAA4A4E511EC176B23D48D07E7D0DD5D4399B39745484 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\LangHlpr.dll05:23:33.0357 0x0ce8 C:\Program Files (x86)\Lenovo\Boot Optimizer\LangHlpr.dll - ok05:23:33.0373 0x0ce8 [ 3D22A5BF5A63BF1B3020BB99AD902EA2, A7A9C7BFC93BB485C14D5D9BF9BA98FFC5F97818D9EECC5C0751DA4FB0531873 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\mfc80ud.dll05:23:33.0373 0x0ce8 C:\Program Files (x86)\Lenovo\Boot Optimizer\mfc80ud.dll - ok05:23:33.0373 0x0ce8 [ ECA6AC33BD9E441F7B47D173D715D268, 5B9017F80BD8C7823CFE1AB4C21D91388E1B31BF0D77058A98791D2FACA11EB6 ] C:\Windows\System32\msxml3.dll05:23:33.0373 0x0ce8 C:\Windows\System32\msxml3.dll - ok05:23:33.0389 0x0ce8 [ 17E03B6C08DE84D8E88F0577A6BC0974, 4174140ACD3FE6E307B9A32184AD5BD4D145773113DAD695FE70F3016C57C878 ] C:\Program Files (x86)\Lenovo\Energy Management\KbdHook.dll05:23:33.0389 0x0ce8 C:\Program Files (x86)\Lenovo\Energy Management\KbdHook.dll - ok05:23:33.0404 0x0ce8 [ 276FFA96DE1921AF0EDFD74515C5265C, 6DF6E9EFFD943EA88716230F0B5A51634AE4EEEEBDB81C5342385A32FE9AC025 ] C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe05:23:33.0404 0x0ce8 C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe - ok05:23:33.0420 0x0ce8 [ A200575E5415B2D87691EDB3CA40688F, 3C70AC7293A33F65138EBAF7F95281ABEA187DB310873518DE58A89C71CCA363 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\msvcr80d.dll05:23:33.0420 0x0ce8 C:\Program Files (x86)\Lenovo\Boot Optimizer\msvcr80d.dll - ok05:23:33.0420 0x0ce8 [ 656248B44E3FE08FD524E7C270E2AAE9, 9A098C83BC05088AF9F19800270C7F62CE2BDE304E1CB007FA7F0CFDADC3DE56 ] C:\Windows\System32\CbFsNetRdr3.dll05:23:33.0420 0x0ce8 C:\Windows\System32\CbFsNetRdr3.dll - ok05:23:33.0435 0x0ce8 [ 4715F8F8CDBFFF2728BA38B789A1D7C7, 70E6F51636CFF04FCB5AD95968AC4771BEFE2D205DB7E34681F02DBE24C9CF39 ] C:\Windows\System32\wpdshext.dll05:23:33.0435 0x0ce8 C:\Windows\System32\wpdshext.dll - ok05:23:33.0451 0x0ce8 [ 5F639198C4137075DA50E61C23963C11, 3D03B3BF62B3469069AD6BE2AAEE152CB6722D36C001B8197FEBC2F3EB9ADBE0 ] C:\Windows\System32\drprov.dll05:23:33.0451 0x0ce8 C:\Windows\System32\drprov.dll - ok05:23:33.0451 0x0ce8 [ BC566D17914B07ABAAB3A5A385CC3300, DCE0A1D26312AA6441FB7122C6EED980AE350D58B2B4B166CB62F983306268E9 ] C:\Windows\System32\ntlanman.dll05:23:33.0451 0x0ce8 C:\Windows\System32\ntlanman.dll - ok05:23:33.0467 0x0ce8 [ FCB1D74BCC52E843747D27ECC44F15BF, A636D2CAE52AB01E02B61A1822D1FBCD82D94DAE557EB82EC81853BEEFEC7339 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe05:23:33.0467 0x0ce8 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok05:23:33.0482 0x0ce8 [ B32AB94A432289AC2DF77A3DCAD32EED, B1021C78F940E6FA7A8992B2733B593B89DA57325A0A0D13D2767F193A78D90F ] C:\Windows\System32\davclnt.dll05:23:33.0482 0x0ce8 C:\Windows\System32\davclnt.dll - ok05:23:33.0482 0x0ce8 [ E012289420A61AE54F21591A54323B74, FAF85343C955734D012E66FC840B3470997E77C8D320FDD0D2175D5D1FFAF076 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\msvcp80d.dll05:23:33.0482 0x0ce8 C:\Program Files (x86)\Lenovo\Boot Optimizer\msvcp80d.dll - ok05:23:33.0498 0x0ce8 [ 61A2DBA2126BA1425CC5AECC8E8AD055, 08F07F52FF5C157F00EFEA74AB621F5E47465CD0A3359C5A513B9A01DDB9FEF0 ] C:\Program Files (x86)\USB Camera\VM331_STI.EXE05:23:33.0498 0x0ce8 C:\Program Files (x86)\USB Camera\VM331_STI.EXE - ok05:23:33.0513 0x0ce8 [ 45B24A357C801CE62052FE0CDC8BD4D2, 00602E41B78473825253F6B2557A5C43FBDDCCF713D806929AE7C039FF8F185C ] C:\Windows\System32\davhlpr.dll05:23:33.0513 0x0ce8 C:\Windows\System32\davhlpr.dll - ok05:23:33.0529 0x0ce8 [ AFAFD74780A0BB4EBE76CDE10C9CCE43, 2496060BC3ACCBB9F469821C78C2AE40617E97CB479CEB14441B7A81C1C250E9 ] C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll05:23:33.0529 0x0ce8 C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll - ok05:23:33.0529 0x0ce8 [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv05:23:33.0529 0x0ce8 C:\Windows\System32\wdmaud.drv - ok05:23:33.0545 0x0ce8 [ 4C7EAC5A2953C24911958269658A2B00, 47F426D89D027BC8F7B486DBD2F970ED17542C5036A260354457CB9163FC14D6 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\fbfmon.dll05:23:33.0545 0x0ce8 C:\Program Files (x86)\Lenovo\Boot Optimizer\fbfmon.dll - ok05:23:33.0560 0x0ce8 [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll05:23:33.0560 0x0ce8 C:\Windows\System32\ksuser.dll - ok05:23:33.0560 0x0ce8 [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll05:23:33.0560 0x0ce8 C:\Windows\SysWOW64\oleacc.dll - ok05:23:33.0576 0x0ce8 [ 0453907E40313F95371CF0CA603E5EE3, 7E62A05070BCF45391AA3C2A06F4197795BB95ABA3737CDC2E979A993C47F2F7 ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe05:23:33.0576 0x0ce8 C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe - ok05:23:33.0591 0x0ce8 [ B2A4E7F9CEBD75B2D1A2A2E6283AA00C, 86AE267DD7409FCB286AE88F297FAB842384CE2D59A6A6066A8963E2B78A2A23 ] C:\Program Files (x86)\Lenovo\Energy Management\Open EnergyManagement.exe05:23:33.0591 0x0ce8 C:\Program Files (x86)\Lenovo\Energy Management\Open EnergyManagement.exe - ok05:23:33.0607 0x0ce8 [ 297F164DF80D84D8B300CB7BB46F6BAE, 6EC9D640F1F5E59BDC702976E19312CD94B3A78D151E0B88447D4BFFFA869639 ] C:\Program Files\Microsoft Security Client\MsMpRes.dll05:23:33.0607 0x0ce8 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok05:23:33.0623 0x0ce8 [ 31C9128B8DA48D73C96DAE77B0BEA23B, A944916AE750ED87C739CBA0E31DA0BC0EA763F30A2E3311E20A7D3631E93C8C ] C:\ProgramData\McAfee Security Scan\Extensions\RegFireFoxAddon.exe05:23:33.0623 0x0ce8 C:\ProgramData\McAfee Security Scan\Extensions\RegFireFoxAddon.exe - ok05:23:33.0638 0x0ce8 [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll05:23:33.0638 0x0ce8 C:\Windows\SysWOW64\shfolder.dll - ok05:23:33.0638 0x0ce8 [ 960A5C48E25CF2BCA332E74E11D825C9, 484F8E9F194ED9016274EF3672B2C52ED5F574FB71D3884EDF3C222B758A75A2 ] C:\Users\dan2012\AppData\Local\Temp\nsk392A.tmp\System.dll05:23:33.0638 0x0ce8 C:\Users\dan2012\AppData\Local\Temp\nsk392A.tmp\System.dll - ok05:23:33.0654 0x0ce8 [ 5963633010616B25503EE126F55E8DE4, A1A6F3E18B097AB046E8771A01F8B727A44348B28B82B5BEB15EE311AD27CDD6 ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll05:23:33.0654 0x0ce8 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll - ok05:23:33.0654 0x0ce8 [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe05:23:33.0654 0x0ce8 C:\Windows\System32\SearchIndexer.exe - ok05:23:33.0669 0x0ce8 [ 12F639E4677756AF38F1B036D6CD78E5, 0E0430DA3A42A35254E92BC419EA8A93D69F3DFC58A0723BAC58A7C90CE9610E ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe05:23:33.0669 0x0ce8 C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe - ok05:23:33.0685 0x0ce8 [ 28A09777D2D952122567A8A82F1A2C7B, 772260DF36AE85A0619C51402DE416E0C329976B724C8E9C4F8C013CBB7C7289 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll05:23:33.0685 0x0ce8 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok05:23:33.0701 0x0ce8 [ 781F1954E447C3984F59680CE654B005, 5815CD4EA5D16FD625F2B1C9B855633063360420DE53766F33578A83C1397E48 ] C:\Program Files (x86)\EgisTec IPS\KernelController.dll05:23:33.0701 0x0ce8 C:\Program Files (x86)\EgisTec IPS\KernelController.dll - ok05:23:33.0701 0x0ce8 [ 0B0E1595C3546F94013015ECADD79210, 2BBBA4CBFDDDC994F0AAFEC3B835EFB7FCA4677590D58FBA7609EC79F66ABE5C ] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe05:23:33.0701 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe - ok05:23:33.0716 0x0ce8 [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll05:23:33.0716 0x0ce8 C:\Windows\System32\tquery.dll - ok05:23:33.0732 0x0ce8 [ 0A7AC2320F5ACB63A44F8BBFC41D930A, 045884D40820128C0B8B6907DFF0E0BCBF0F0EE1421414500DE965ACC4E27DDB ] C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe05:23:33.0732 0x0ce8 C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe - ok05:23:33.0732 0x0ce8 [ 0818E53378111D8CF9195E1FC2B54067, C206AAB850CAEF053380A0F48862945CE983B773EB864C3BC17DDABC98E34363 ] C:\Program Files (x86)\EgisTec BioExcess\LibFrame.dll05:23:33.0732 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\LibFrame.dll - ok05:23:33.0747 0x0ce8 [ D515886454D5C2531E012D6C64E8C933, B0B1D7731EECA44B89F070FEA3FF14C6BC1B3CBFC842070FD83D5303A3223039 ] C:\Program Files (x86)\EgisTec IPS\LiveUpdateUI.dll05:23:33.0747 0x0ce8 C:\Program Files (x86)\EgisTec IPS\LiveUpdateUI.dll - ok05:23:33.0763 0x0ce8 [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll05:23:33.0763 0x0ce8 C:\Windows\System32\stobject.dll - ok05:23:33.0763 0x0ce8 [ BDB70EA0834EEC93927D9ABF95D11CB7, 6B92A96BFD08B4CFBBE3E983019E17029E4E886FDE821D06C94D0D9946B69964 ] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe05:23:33.0763 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe - ok05:23:33.0779 0x0ce8 [ 93812FDC01AA864195816CD814445F95, E5CB2576DA2905177AFD342DBE63E17CF626F93F430DEBC55155C18C60166BEE ] C:\Program Files\Microsoft Security Client\SqmApi.dll05:23:33.0779 0x0ce8 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok05:23:33.0794 0x0ce8 [ C140F86932B5B61F54A4D836E2D34AB2, 94821597EC70F27BF11A747D5EED474C57F389F20A2E0C3F1D0CB3F00974A53B ] C:\Windows\SysWOW64\ksproxy.ax05:23:33.0794 0x0ce8 C:\Windows\SysWOW64\ksproxy.ax - ok05:23:33.0794 0x0ce8 [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll05:23:33.0794 0x0ce8 C:\Windows\System32\batmeter.dll - ok05:23:33.0810 0x0ce8 [ 9C67F6BBDA3881CFD02095160CF91576, 6CE97C6F0AD8BE183DE935A7AAB7D46821E8DE9E55A4BFF54ACB49D056826A94 ] C:\Windows\SysWOW64\ksuser.dll05:23:33.0810 0x0ce8 C:\Windows\SysWOW64\ksuser.dll - ok05:23:33.0825 0x0ce8 [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll05:23:33.0825 0x0ce8 C:\Windows\SysWOW64\d3d9.dll - ok05:23:33.0825 0x0ce8 [ 3D22A5BF5A63BF1B3020BB99AD902EA2, A7A9C7BFC93BB485C14D5D9BF9BA98FFC5F97818D9EECC5C0751DA4FB0531873 ] C:\Program Files (x86)\Lenovo\VeriFace\mfc80ud.dll05:23:33.0841 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\mfc80ud.dll - ok05:23:33.0841 0x0ce8 [ EEC88D8DACCE02562571D5AB702F7738, 4208E017655BD34EEAFD7EE4611D7CFDB9F621AC1F1865220823B8A5ED500195 ] C:\Program Files (x86)\EgisTec BioExcess\FrameUtility.dll05:23:33.0841 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\FrameUtility.dll - ok05:23:33.0857 0x0ce8 [ 7CD9BF0A5F47F9584E59BDF674FD1C5D, 821F2A5380B1E64B0629D67259BA92A923D5D405526CB6C44BC422294C031C1F ] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe05:23:33.0857 0x0ce8 C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe - ok05:23:33.0872 0x0ce8 [ A01FB0B0C58319FB350A53EDAA947D36, F096607CEA3EB1D569B9767B98C1409F54332A97B78848BC3CBEB92FDFAAB787 ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe05:23:33.0872 0x0ce8 C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe - ok05:23:33.0888 0x0ce8 [ 8B8D1CEF498678CAB9DF17145D34BC64, B833545CC592BBF77F4F3E6BA9961D10673AA3F4E2CF6369F6A3BDAF1BC02026 ] C:\Windows\SysWOW64\msxml3.dll05:23:33.0888 0x0ce8 C:\Windows\SysWOW64\msxml3.dll - ok05:23:33.0903 0x0ce8 [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe05:23:33.0903 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok05:23:33.0919 0x0ce8 [ E66532FD491AD5604C36916715FBA092, 43FA8EF2025E7F1281CA024CB2EB2A433310E1515DCA9359035B3FB4BAE1FA8C ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe05:23:33.0919 0x0ce8 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe - ok05:23:33.0919 0x0ce8 [ 3FB4E7E2069F0FD9E15ABC18D605E427, 2FFC218E575DA9E8C86E468227B302752C73EA3246CC0A599D7BCC41ED404F4D ] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe05:23:33.0919 0x0ce8 C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe - ok05:23:33.0935 0x0ce8 [ 007863E45F25AA47A4C30D0930BBFD85, 60F2ABA40D520FCA2C57FA2DB72E111C14F21821DA17F662837506B80C269634 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll05:23:33.0935 0x0ce8 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok05:23:33.0950 0x0ce8 [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll05:23:33.0950 0x0ce8 C:\Windows\System32\mssrch.dll - ok05:23:33.0950 0x0ce8 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll05:23:33.0950 0x0ce8 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok05:23:33.0966 0x0ce8 [ 3CB07566302BCEEB898DE270A0BEC175, B234D1044D8702A0929BB48F729EB5078B44AA7CD574B6482633B51289E70200 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe05:23:33.0966 0x0ce8 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok05:23:33.0981 0x0ce8 [ FC1784603B745AA278D94F73F2265123, 2CB1178ADC06C3E0E35A3133B262E0DE86F8A36CC7582FBC86FA9C3FB569BB6B ] C:\Program Files (x86)\EgisTec IPS\LicenseCenter.dll05:23:33.0981 0x0ce8 C:\Program Files (x86)\EgisTec IPS\LicenseCenter.dll - ok05:23:33.0997 0x0ce8 [ 0EBA18CFE180301E119DD9258D8A972E, 7ED7692480180009629B596E726DD2C3F33FCF6704F9D93E2191552928BAC348 ] C:\Program Files (x86)\EgisTec Port Locker\EgisPLAbout.dll05:23:33.0997 0x0ce8 C:\Program Files (x86)\EgisTec Port Locker\EgisPLAbout.dll - ok05:23:33.0997 0x0ce8 [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe05:23:33.0997 0x0ce8 C:\Program Files (x86)\QuickTime\QTTask.exe - ok05:23:34.0013 0x0ce8 [ B7D056C361B9BFC070E918970A599539, 3A25CF3AF0C5A452EA882D776DBD9BE78D7FD93649367A555C68E008D760C0EF ] C:\Program Files (x86)\EgisTec IPS\UpdateModel.dll05:23:34.0013 0x0ce8 C:\Program Files (x86)\EgisTec IPS\UpdateModel.dll - ok05:23:34.0028 0x0ce8 [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll05:23:34.0028 0x0ce8 C:\Windows\SysWOW64\d3d8thk.dll - ok05:23:34.0044 0x0ce8 [ E83752042FBD63EA4D0FC27ABE20B162, FB3D1569E7D696946B65ED39AA30665A0EBD6B3ED226568BA85D4566919640CB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll05:23:34.0044 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok05:23:34.0059 0x0ce8 [ 6221D8CD04360CC96334798295130BA5, C4C8F43B06BA51214859247D7980C9BF822988968F98E85EBEE58E36BA34927D ] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe05:23:34.0059 0x0ce8 C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe - ok05:23:34.0075 0x0ce8 [ FBFCA1A574D47EE575448B719CBBF2E4, B7CAB2D0D95679B05EFC8E1303BAA65C9B3B80527C3FD3AECDC0D2E59919D36E ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL05:23:34.0075 0x0ce8 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok05:23:34.0091 0x0ce8 [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe05:23:34.0091 0x0ce8 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok05:23:34.0106 0x0ce8 [ 32ACFE4FA51FF328CB7397BCEB57AD50, 5D8B98DC11A7652CE6E683A3942BB20AE4CF57D61533D8FA34B47648C3FBEA95 ] C:\Program Files (x86)\Lenovo\VeriFace\English\TimeLockRes.dll05:23:34.0106 0x0ce8 C:\Program Files (x86)\Lenovo\VeriFace\English\TimeLockRes.dll - ok05:23:34.0106 0x0ce8 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A, 52D1A8AA992AF2F727DA4B16522D604648D700997B1620CCB67D05838C127674 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll05:23:34.0106 0x0ce8 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok05:23:34.0122 0x0ce8 [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe05:23:34.0122 0x0ce8 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok05:23:34.0137 0x0ce8 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll05:23:34.0137 0x0ce8 C:\Windows\SysWOW64\RpcRtRemote.dll - ok05:23:34.0153 0x0ce8 [ BE2D908BE1EFB785550B1D392930DDA7, A0F257154D00D1454301643FFAF40CDEBBBD45EAECD546833C67D03E7F1ED551 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll05:23:34.0153 0x0ce8 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok05:23:34.0169 0x0ce8 [ C9769FCA3A4BA70ED284BDE9654FD664, 23772EB8499492FFB782CFFC5856B9038926BECDF5BB5BF294BFBD60285E48D6 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll05:23:34.0169 0x0ce8 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok05:23:34.0184 0x0ce8 [ 4423DA4B3443BCD8374D9FE1F0EAB23E, A7BE7817535969B90F533D1B33B61E11C45D4B0A2926A65E485749C33B4085BD ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll05:23:34.0184 0x0ce8 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok05:23:34.0200 0x0ce8 [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll05:23:34.0200 0x0ce8 C:\Windows\System32\msidle.dll - ok05:23:34.0200 0x0ce8 [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui05:23:34.0200 0x0ce8 C:\Windows\System32\en-US\tquery.dll.mui - ok05:23:34.0215 0x0ce8 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll05:23:34.0215 0x0ce8 C:\Windows\System32\prnfldr.dll - ok05:23:34.0231 0x0ce8 [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll05:23:34.0231 0x0ce8 C:\Windows\System32\mssprxy.dll - ok05:23:34.0231 0x0ce8 [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll05:23:34.0231 0x0ce8 C:\Windows\System32\fundisc.dll - ok05:23:34.0247 0x0ce8 [ 2A436796758BF2555A26C770FE8A6FEE, 9E42AF3A3CB05E323CBB7F93FE7C454CD251672C5D9F5E94909131A5D8F9204A ] C:\Windows\System32\fdProxy.dll05:23:34.0247 0x0ce8 C:\Windows\System32\fdProxy.dll - ok05:23:34.0262 0x0ce8 [ B53D59915A356B06C1D7DE5B22B4177C, 98E7DF7D9695E0CB18B2C1B39473E147C6C943828950CB9EBAD71C82241FDBD7 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe05:23:34.0262 0x0ce8 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok05:23:34.0262 0x0ce8 [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll05:23:34.0262 0x0ce8 C:\Windows\System32\DXP.dll - ok05:23:34.0278 0x0ce8 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll05:23:34.0278 0x0ce8 C:\Windows\System32\Syncreg.dll - ok05:23:34.0293 0x0ce8 [ 807EB11BD87CD9026906FB79015414CE, 3FD1C7C9709B1CCDEEBD51832D17C7CDC8FC3589A771EBB61EE61E041A621B9B ] C:\Windows\System32\perfdisk.dll05:23:34.0293 0x0ce8 C:\Windows\System32\perfdisk.dll - ok05:23:34.0309 0x0ce8 [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll05:23:34.0309 0x0ce8 C:\Windows\ehome\ehSSO.dll - ok05:23:34.0309 0x0ce8 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll05:23:34.0309 0x0ce8 C:\Windows\SysWOW64\dhcpcsvc.dll - ok05:23:34.0325 0x0ce8 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll05:23:34.0325 0x0ce8 C:\Windows\System32\AltTab.dll - ok05:23:34.0340 0x0ce8 [ 81F6C1AE23B1C493D9E996C3103915D7, E22408B4D2EDE2F89E686A4FDCD4057BE27B86D050E9CB489F0FFB39C72AEC1D ] C:\Windows\SysWOW64\dhcpcsvc6.dll05:23:34.0340 0x0ce8 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok05:23:34.0340 0x0ce8 [ E2F56CD9FB2D26A9FE495E5FB1544EF3, 19F7D81AD3B357DB78C972F6DEED99CC9A8D1C387A23560131328AABCA0D62D3 ] C:\Program Files\Internet Explorer\sqmapi.dll05:23:34.0356 0x0ce8 C:\Program Files\Internet Explorer\sqmapi.dll - ok05:23:34.0356 0x0ce8 [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll05:23:34.0356 0x0ce8 C:\Windows\System32\WPDShServiceObj.dll - ok05:23:34.0371 0x0ce8 [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll05:23:34.0371 0x0ce8 C:\Windows\System32\PortableDeviceTypes.dll - ok05:23:34.0387 0x0ce8 [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll05:23:34.0387 0x0ce8 C:\Windows\System32\pnidui.dll - ok05:23:34.0387 0x0ce8 [ F1278B3514EA6FA9BC39B20D26139AAC, 7FA1B8CCBB4771F3105EEACE2C13F949FA65C7F53817C783BDF9770F94FF12B5 ] C:\Windows\SysWOW64\msiltcfg.dll05:23:34.0387 0x0ce8 C:\Windows\SysWOW64\msiltcfg.dll - ok05:23:34.0403 0x0ce8 [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL05:23:34.0403 0x0ce8 C:\Windows\System32\QUTIL.DLL - ok05:23:34.0418 0x0ce8 [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll05:23:34.0418 0x0ce8 C:\Windows\SysWOW64\sxs.dll - ok05:23:34.0418 0x0ce8 [ 040C4DD005BE0E280668BCA449208335, A1986656A31052C1DAD00A87CB4167E811FC74B32638650AF03E1B27ED499A2F ] C:\Program Files (x86)\EgisTec IPS\IPS.dll05:23:34.0418 0x0ce8 C:\Program Files (x86)\EgisTec IPS\IPS.dll - ok05:23:34.0434 0x0ce8 [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll05:23:34.0434 0x0ce8 C:\Windows\System32\srchadmin.dll - ok05:23:34.0449 0x0ce8 [ 67318421A419BE892811A83E706FF3BB, 64A49BCD8A7B73888E2C52F6A0C2BA22103EE3B3D91CF9852DA91A4B286AF04A ] C:\Program Files (x86)\EgisTec BioExcess\EgisPBCore.dll05:23:34.0449 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisPBCore.dll - ok05:23:34.0465 0x0ce8 [ A081515D303703DD209BA588646ACAF1, EB26A063CBD158A18A86624880CCFD21069593ACA62407F44415819278C1FC01 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll05:23:34.0465 0x0ce8 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok05:23:34.0465 0x0ce8 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll05:23:34.0465 0x0ce8 C:\Windows\SysWOW64\netprofm.dll - ok05:23:34.0481 0x0ce8 [ 0BA65122FFA7E37564EE86422DBF7AE8, 3A37FC503D3228D021473AECA285427382518CC36C197E4C9912745BDF3AB757 ] C:\Windows\SysWOW64\nlaapi.dll05:23:34.0481 0x0ce8 C:\Windows\SysWOW64\nlaapi.dll - ok05:23:34.0496 0x0ce8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll05:23:34.0496 0x0ce8 C:\Windows\System32\netprofm.dll - ok05:23:34.0496 0x0ce8 [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll05:23:34.0496 0x0ce8 C:\Windows\System32\ActionCenter.dll - ok05:23:34.0512 0x0ce8 [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll05:23:34.0512 0x0ce8 C:\Windows\System32\npmproxy.dll - ok05:23:34.0527 0x0ce8 [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll05:23:34.0527 0x0ce8 C:\Windows\SysWOW64\npmproxy.dll - ok05:23:34.0527 0x0ce8 [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl05:23:34.0527 0x0ce8 C:\Windows\System32\bthprops.cpl - ok05:23:34.0543 0x0ce8 [ D0E353C06318D80AFC61CF226F47263E, 1695E3D060BCC70439B744DD402E9AE579A0D4071A56C1779541845CE8ABF6F4 ] C:\Program Files (x86)\EgisTec BioExcess\EgisAbout.dll05:23:34.0543 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisAbout.dll - ok05:23:34.0559 0x0ce8 [ 448C1671C3EB5F357E0AA7B649F99CF2, 521455AEF9C1C7E27AA76D715678CFDD3D8727692D3438A4A3796DDCB3A6773A ] C:\Program Files (x86)\EgisTec BioExcess\EgisFeature.dll05:23:34.0559 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisFeature.dll - ok05:23:34.0559 0x0ce8 [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll05:23:34.0559 0x0ce8 C:\Windows\System32\FXSST.dll - ok05:23:34.0574 0x0ce8 [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll05:23:34.0574 0x0ce8 C:\Windows\System32\FXSAPI.dll - ok05:23:34.0590 0x0ce8 [ F290F135F174DF1CA20A0AF5D457D943, 740A2096873EA131E286DD657C81A2C8FD37109F12E3E419390B8CD25095F6DF ] C:\Program Files (x86)\EgisTec BioExcess\EgisFactorProxy.dll05:23:34.0590 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisFactorProxy.dll - ok05:23:34.0605 0x0ce8 [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll05:23:34.0605 0x0ce8 C:\Windows\System32\FXSRESM.dll - ok05:23:34.0605 0x0ce8 [ 9FA2CCA323FF8B964E90F1E856285BDE, AE63C59BA92F3DEBC9E0A5D1E27E666E462388EF512E71EC997E58012D36CB2B ] C:\Program Files (x86)\EgisTec BioExcess\EgisTicketProxy.dll05:23:34.0605 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisTicketProxy.dll - ok05:23:34.0621 0x0ce8 [ 358315B14FACC1BB41B558529DA3DAD9, 2C5E2C8F391E7F2BA374819EEA93A9CD8FBA44F5C0369D96AD95F98D918FE266 ] C:\Program Files (x86)\EgisTec BioExcess\EgisBiometricProxy.dll05:23:34.0621 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisBiometricProxy.dll - ok05:23:34.0637 0x0ce8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe05:23:34.0637 0x0ce8 C:\Windows\System32\FXSSVC.exe - ok05:23:34.0652 0x0ce8 [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] C:\Program Files\iPod\bin\iPodService.exe05:23:34.0652 0x0ce8 C:\Program Files\iPod\bin\iPodService.exe - ok05:23:34.0652 0x0ce8 [ F00AE7B953ABEF1B53FBBA187DFC8238, 6FFA160FB6821A725A7D81E1BECE1DE89E3E022B33E56A7468E2E0B4C8B2AE31 ] C:\Windows\System32\webcheck.dll05:23:34.0652 0x0ce8 C:\Windows\System32\webcheck.dll - ok05:23:34.0668 0x0ce8 [ 5983C3104C6D0658667AB2070CBABA90, 32F38046C9AEBA7A2EFE3627FB49E8172BB2804A5DBA56B2DBBF634947143FC5 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll05:23:34.0668 0x0ce8 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok05:23:34.0683 0x0ce8 [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll05:23:34.0683 0x0ce8 C:\Windows\System32\SyncCenter.dll - ok05:23:34.0699 0x0ce8 [ 8D8E48C127B001158D8641DBDEC807FC, 96DC569DCC08C2B150FE65718AE00C444EDEB3802D87B8E1E0B8E3F6F0624BF5 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll05:23:34.0699 0x0ce8 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok05:23:34.0699 0x0ce8 [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll05:23:34.0699 0x0ce8 C:\Windows\System32\rasdlg.dll - ok05:23:34.0715 0x0ce8 [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll05:23:34.0715 0x0ce8 C:\Windows\System32\imapi2.dll - ok05:23:34.0730 0x0ce8 [ 1B23071B050ADED39BBAB3A48D45F8CB, E5CB942BAE0730C19ADAE0FFA236D3AAE77CD297452BE3B6E6591438951E08B8 ] C:\Program Files (x86)\EgisTec BioExcess\EgisLaunch.dll05:23:34.0730 0x0ce8 C:\Program Files (x86)\EgisTec BioExcess\EgisLaunch.dll - ok05:23:34.0730 0x0ce8 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll05:23:34.0730 0x0ce8 C:\Windows\System32\dot3api.dll - ok05:23:34.0746 0x0ce8 [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll05:23:34.0746 0x0ce8 C:\Windows\System32\wlanapi.dll - ok05:23:34.0761 0x0ce8 [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll05:23:34.0761 0x0ce8 C:\Windows\System32\wlanhlp.dll - ok05:23:34.0761 0x0ce8 [ D1BBE227367ED791D5FCF08E132D2956, 34349B7FB46BB89D59CC9CC6CD3F790870AB96642254C0374D97AFAC6121B945 ] C:\Windows\SysWOW64\opengl32.dll05:23:34.0761 0x0ce8 C:\Windows\SysWOW64\opengl32.dll - ok05:23:34.0777 0x0ce8 [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll05:23:34.0777 0x0ce8 C:\Windows\System32\hgcpl.dll - ok05:23:34.0793 0x0ce8 [ DE3897365B04C4DA1CF8FF725577C082, 44703E2D6C7219714C929D8ED096C8E044A3EDCA73198870A5CC4EF5CE16C397 ] C:\Windows\SysWOW64\glu32.dll05:23:34.0793 0x0ce8 C:\Windows\SysWOW64\glu32.dll - ok05:23:34.0793 0x0ce8 [ 198552AEFECA69D646867EC8D792DE95, 6978D5205387391748EE7E9FACF1AE607C37FBFD83B77CB632DD772F8D71A165 ] C:\Windows\SysWOW64\ddraw.dll05:23:34.0793 0x0ce8 C:\Windows\SysWOW64\ddraw.dll - ok05:23:34.0808 0x0ce8 [ 2342EC9254F4C60CA98441BD65C89E12, 7FDCAEB5D021E291A1C9B94DD4D49913CE363BF94D37518E466DB3DD72C41D05 ] C:\Windows\SysWOW64\dciman32.dll05:23:34.0808 0x0ce8 C:\Windows\SysWOW64\dciman32.dll - ok05:23:34.0824 0x0ce8 [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll05:23:34.0824 0x0ce8 C:\Windows\System32\WWanAPI.dll - ok05:23:34.0824 0x0ce8 [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll05:23:34.0824 0x0ce8 C:\Windows\System32\wwapi.dll - ok05:23:34.0839 0x0ce8 [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL05:23:34.0839 0x0ce8 C:\Windows\System32\QAGENT.DLL - ok05:23:34.0839 0x0ce8 [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll05:23:34.0839 0x0ce8 C:\Windows\SysWOW64\NapiNSP.dll - ok05:23:34.0855 0x0ce8 [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll05:23:34.0855 0x0ce8 C:\Windows\SysWOW64\pnrpnsp.dll - ok05:23:34.0871 0x0ce8 [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll05:23:34.0871 0x0ce8 C:\Windows\SysWOW64\winrnr.dll - ok05:23:34.0886 0x0ce8 [ F0D0E883EBBDC7615DC9EDEA0FFB2817, 58F1395445018CB16ED4D3710443FB5B0E087043F6A69F7B10D72D0455958954 ] C:\Windows\SysWOW64\FWPUCLNT.DLL05:23:34.0886 0x0ce8 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok05:23:34.0886 0x0ce8 [ AC122407B29378FF9646F03404AC7C54, 01F03A11C4419665557C3CB7E712B8AD59B13703115CB10C9F39FBE82D177BE6 ] C:\Windows\SysWOW64\wshbth.dll05:23:34.0886 0x0ce8 C:\Windows\SysWOW64\wshbth.dll - ok05:23:34.0902 0x0ce8 ================ Scan generic autorun ======================05:23:34.0902 0x0ce8 SynTPEnh - ok05:23:35.0807 0x0ce8 [ 39F53D30AAF0427A02D6F1223C18DC5B, 0916F1A2F53BD2D65538A3E215A80BA7EA87D52D8B9C1885E0FB2D365A68BEDB ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe05:23:36.0306 0x0ce8 Energy Management - ok05:23:38.0162 0x0ce8 [ F43AB67D41349AD8BB1FE045C5C49832, E79C50F6EA022AA41A502D780CB72232AC094FD008C31EDC51A1F58EF00B1F08 ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe05:23:38.0459 0x0ce8 EnergyUtility - ok05:23:38.0708 0x0ce8 [ 3F35AC7163E403C1FA8D34EB2FF36302, 47AE59E315A2BAE7003A18BFDC3859EFBED511822F4BA5F2E02C6D2464A019C1 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe05:23:38.0739 0x0ce8 Lenovo EE Boot Optimizer - ok05:23:39.0426 0x0ce8 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] C:\Program Files\Microsoft Security Client\msseces.exe05:23:39.0519 0x0ce8 MSC - ok05:23:39.0722 0x0ce8 [ FCB1D74BCC52E843747D27ECC44F15BF, A636D2CAE52AB01E02B61A1822D1FBCD82D94DAE557EB82EC81853BEEFEC7339 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe05:23:40.0097 0x0ce8 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )05:23:40.0097 0x0ce8 StartCCC ( UnsignedFile.Multi.Generic ) - warning05:23:40.0097 0x0ce8 Force sending object to P2P due to detect: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe05:23:40.0097 0x0ce8 Object send P2P result: false05:23:40.0237 0x0ce8 [ 61A2DBA2126BA1425CC5AECC8E8AD055, 08F07F52FF5C157F00EFEA74AB621F5E47465CD0A3359C5A513B9A01DDB9FEF0 ] C:\Program Files (x86)\USB Camera\VM331_STI.EXE05:23:40.0362 0x0ce8 331BigDog - ok05:23:40.0455 0x0ce8 [ 0453907E40313F95371CF0CA603E5EE3, 7E62A05070BCF45391AA3C2A06F4197795BB95ABA3737CDC2E979A993C47F2F7 ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe05:23:40.0487 0x0ce8 EgisTecPMMUpdate - ok05:23:40.0549 0x0ce8 [ 12F639E4677756AF38F1B036D6CD78E5, 0E0430DA3A42A35254E92BC419EA8A93D69F3DFC58A0723BAC58A7C90CE9610E ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe05:23:40.0565 0x0ce8 EgisUpdate - ok05:23:40.0799 0x0ce8 [ 0B0E1595C3546F94013015ECADD79210, 2BBBA4CBFDDDC994F0AAFEC3B835EFB7FCA4677590D58FBA7609EC79F66ABE5C ] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe05:23:40.0830 0x0ce8 VitaKeyTSR - ok05:23:40.0892 0x0ce8 [ 0A7AC2320F5ACB63A44F8BBFC41D930A, 045884D40820128C0B8B6907DFF0E0BCBF0F0EE1421414500DE965ACC4E27DDB ] C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe05:23:40.0939 0x0ce8 PLTSR - ok05:23:41.0079 0x0ce8 [ BDB70EA0834EEC93927D9ABF95D11CB7, 6B92A96BFD08B4CFBBE3E983019E17029E4E886FDE821D06C94D0D9946B69964 ] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe05:23:41.0111 0x0ce8 VeriFaceManager - ok05:23:41.0189 0x0ce8 [ B00F98FF6FE8682FF941BEB2559BF191, EB443E294C5609F426BF6EE388F3A4B71EFE2C6A8216C0F6DE7AE6DB382BF620 ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe05:23:41.0220 0x0ce8 YouCam Mirage - ok05:23:41.0251 0x0ce8 [ 7CD9BF0A5F47F9584E59BDF674FD1C5D, 821F2A5380B1E64B0629D67259BA92A923D5D405526CB6C44BC422294C031C1F ] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe05:23:41.0282 0x0ce8 YouCam Tray - detected UnsignedFile.Multi.Generic ( 1 )05:23:41.0282 0x0ce8 YouCam Tray ( UnsignedFile.Multi.Generic ) - warning05:23:41.0407 0x0ce8 [ A01FB0B0C58319FB350A53EDAA947D36, F096607CEA3EB1D569B9767B98C1409F54332A97B78848BC3CBEB92FDFAAB787 ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe05:23:41.0438 0x0ce8 UpdateP2GShortCut - ok05:23:41.0547 0x0ce8 [ 3FB4E7E2069F0FD9E15ABC18D605E427, 2FFC218E575DA9E8C86E468227B302752C73EA3246CC0A599D7BCC41ED404F4D ] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe05:23:41.0563 0x0ce8 UpdatePRCShortCut - ok05:23:41.0672 0x0ce8 [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe05:23:41.0688 0x0ce8 APSDaemon - ok05:23:41.0828 0x0ce8 [ E66532FD491AD5604C36916715FBA092, 43FA8EF2025E7F1281CA024CB2EB2A433310E1515DCA9359035B3FB4BAE1FA8C ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe05:23:41.0859 0x0ce8 Adobe Reader Speed Launcher - ok05:23:41.0984 0x0ce8 [ 3CB07566302BCEEB898DE270A0BEC175, B234D1044D8702A0929BB48F729EB5078B44AA7CD574B6482633B51289E70200 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe05:23:42.0047 0x0ce8 Adobe ARM - ok05:23:42.0187 0x0ce8 [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe05:23:42.0218 0x0ce8 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )05:23:42.0218 0x0ce8 QuickTime Task ( UnsignedFile.Multi.Generic ) - warning05:23:42.0499 0x0ce8 [ 6221D8CD04360CC96334798295130BA5, C4C8F43B06BA51214859247D7980C9BF822988968F98E85EBEE58E36BA34927D ] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe05:23:42.0608 0x0ce8 ApnTBMon - ok05:23:42.0780 0x0ce8 [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe05:23:42.0795 0x0ce8 iTunesHelper - ok05:23:42.0983 0x0ce8 [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe05:23:43.0014 0x0ce8 SunJavaUpdateSched - ok05:23:43.0139 0x0ce8 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe05:23:43.0232 0x0ce8 RESTART_STICKY_NOTES - ok05:23:43.0451 0x0ce8 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )05:23:43.0529 0x0ce8 Win FW state via NFP2: enabled05:23:43.0544 0x0ce8 ============================================================05:23:43.0544 0x0ce8 Scan finished05:23:43.0544 0x0ce8 ============================================================05:23:43.0560 0x0ce0 Detected object count: 605:23:43.0560 0x0ce0 Actual detected object count: 605:24:59.0034 0x0ce0 AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - skipped by user05:24:59.0034 0x0ce0 AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - User select action: Skip05:24:59.0034 0x0ce0 AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user05:24:59.0034 0x0ce0 AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip05:24:59.0034 0x0ce0 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user05:24:59.0034 0x0ce0 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip05:24:59.0034 0x0ce0 StartCCC ( UnsignedFile.Multi.Generic ) - skipped by user05:24:59.0034 0x0ce0 StartCCC ( UnsignedFile.Multi.Generic ) - User select action: Skip05:24:59.0034 0x0ce0 YouCam Tray ( UnsignedFile.Multi.Generic ) - skipped by user05:24:59.0034 0x0ce0 YouCam Tray ( UnsignedFile.Multi.Generic ) - User select action: Skip05:24:59.0050 0x0ce0 QuickTime Task ( UnsignedFile.Multi.Generic ) - skipped by user05:24:59.0050 0x0ce0 QuickTime Task ( UnsignedFile.Multi.Generic ) - User select action: Skip05:25:06.0928 0x0a34 Deinitialize success Link to post Share on other sites
Recommended Posts