Blank white screen after logging in. (Windows 7)



#1 restricted

restricted


Posted 28 March 2014 - 06:02 AM

Hello! Thanks so much for taking the time to read my thread.  :)

 

I've run into a bit of trouble with my HP Pavilion dm4-1065dx laptop (Windows 7 x64) in the past few days. I have a variety of symptoms that lead me to believe I could be infected with something, possibly failed ransomware. My main issue of concern is that, when I log in, I get a blank white screen with pointer only following the "welcome" screen.

 

Including this, here's a breakdown of some of the problems I've been facing:

 

- blank white screen with pointer only, after logging in / following the "welcome" screen (however, if I wait over 2 minutes or so, the desktop WILL eventually load and be usable)

- inconsistency with being able to boot windows normally (sometimes it works, but sometimes it never makes it to the login screen at all - working for now)

- inability to boot into safe mode (hangs at classpnp.sys - note: I usually CAN boot into safe mode with command prompt)

- general slowness, especially upon startup

- "could not reconnect all network drives" bubble pops up often

 

As for tests I've run and things I've tried thus far:

 

- malwarebytes (most notable discoveries were hijack.startmenu, conduit)

- hitmanpro (just chrome tracking cookies)

- tdsskiller (OK)

- roguekiller (various PUM HJ DESKs found in registry)

- adwcleaner (didn't help)

- farbar recovery scan tool (I've only run it in recovery mode, and while I did get the log, it caused computer to show "windows failed at startup" message upon restart)

- system restore (problem still remains)

- Kaspersky 2011 antivirus (shows no threats detected)

- **3/28/2014 11:16PM - ESET online scan (scan only, with 20+ items detected - feel free to ask for my log if needed)

 

- clean boot through msconfig (same white screen and still as slow)

- memory test & hard-drive test through HP boot menu (all OK)

- system file check (OK)

- chkdsk (OK in read-only, but never successfully starts when trying to run during startup)

 

Other potentially relevant information:

- I tried to update many of my drivers early on without success, and was forced to system restore.

- I recently performed many Windows updates, most of which were successful.

- I currently use an external monitor and USB keyboard due to my laptop screen being unusable (cracked from way back).

- I run my computer plugged in at all times, because my battery doesn't charge anymore...

- I don't have a Windows 7 CD/DVD on hand, nor a second usable PC - just a macbook pro, which I'm typing on now.

 

I apologize for the long and in-depth description, but I hope it serves to be informative somehow. Following this is my Farbar Recovery Scan Tool Log (ran it in recovery mode because I couldn't enter Windows normally at the time) for your use:

 

------------------------------------------------------------------------------------------------------------------

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by SYSTEM on MININT-GUHDF25 on 28-03-2014 02:48:52
Running from H:\
Windows 7 Ultimate (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet004
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-03-07] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-12-16] (Hewlett-Packard)
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2011-02-20] (Alcor Micro Corp.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [352976 2010-09-16] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [VitaKeyTSR] - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe [379248 2010-02-04] (Egis Technology Inc. )
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-27] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-08] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-08] (Egis Technology Inc.)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\Owner\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\Owner\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\Owner\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\sbhook64.dll [72376 2010-07-01] (Kaspersky Lab ZAO)
AppInit_DLLs: , C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\kloehk.dll [16568 2010-07-01] (Kaspersky Lab ZAO)
AppInit_DLLs-x32: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll [109240 2010-07-01] (Kaspersky Lab ZAO)
AppInit_DLLs-x32: , C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\sbhook.dll [76472 2010-07-01] (Kaspersky Lab ZAO)
Lsa: [Notification Packages] EgisPwdFilter EgisDSPwdFilter
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Services (Whitelisted) =================

S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [352976 2010-09-16] (Kaspersky Lab ZAO)
S2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-03-31] (DeviceVM, Inc.)
S2 EgisTec Service; C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [689008 2010-02-04] (Egis Technology Inc. )
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-03-06] (Hewlett-Packard Company)
S2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
S2 UCManSvc; C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [186512 2012-11-01] (Paltiosoft Inc.)

==================== Drivers (Whitelisted) ====================

S1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
S0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2010-06-09] (Kaspersky Lab ZAO)
S1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2010-06-09] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [556120 2010-09-16] (Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [27736 2010-04-22] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-11-27] (Duplex Secure Ltd.)
S5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () <===== ATTENTION Necurs Rootkit?
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-28 02:01 - 2014-03-28 02:48 - 00000000 ____D () C:\FRST
2014-03-28 01:43 - 2014-03-28 01:02 - 00047758 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-03-28 00:21 - 2014-03-28 00:21 - 00001696 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_03282014_012103.txt
2014-03-28 00:18 - 2014-03-28 00:18 - 00002285 _____ () C:\Users\Owner\Desktop\RKreport[0]_D_03282014_011827.txt
2014-03-28 00:17 - 2014-03-28 00:17 - 00002208 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_03282014_011724.txt
2014-03-28 00:00 - 2014-03-28 00:00 - 00000000 ____D () C:\Users\Owner\AppData\Local\SearchProtect
2014-03-27 23:57 - 2014-03-27 23:57 - 00001593 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_03282014_005730.txt
2014-03-27 23:55 - 2014-03-27 23:55 - 00002876 _____ () C:\Users\Owner\Desktop\RKreport[0]_D_03282014_005544.txt
2014-03-27 23:55 - 2014-03-27 23:55 - 00002784 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_03282014_005509.txt
2014-03-27 23:52 - 2014-03-28 02:09 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-03-27 23:44 - 2014-03-28 01:35 - 00000012 ____H () C:\dvmexp.idx
2014-03-27 23:44 - 2014-03-27 23:44 - 00000000 ___HD () C:\dvmexp
2014-03-27 23:35 - 2014-03-27 23:41 - 00000000 ____D () C:\AdwCleaner
2014-03-27 23:34 - 2014-03-27 23:34 - 04134240 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\tdsskiller.exe
2014-03-27 23:34 - 2014-03-27 23:34 - 03972608 _____ () C:\Users\Owner\Desktop\RogueKiller.exe
2014-03-27 23:33 - 2014-03-27 23:33 - 00930952 _____ (CNET Download.com) C:\Users\Owner\Desktop\cbsidlm-cbsi183-AdwCleaner-SEO-75851221.exe
2014-03-27 23:10 - 2014-03-27 23:24 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-27 23:10 - 2014-03-27 23:10 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-03-27 23:10 - 2014-03-27 23:10 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-27 23:09 - 2014-03-27 23:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-27 22:13 - 2014-03-27 22:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\48230029.sys
2014-03-27 21:06 - 2014-03-28 02:08 - 00000000 ____D () C:\ProgramData\Sophos
2014-03-27 21:03 - 2014-03-28 02:09 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-03-27 21:01 - 2014-03-27 21:02 - 26437344 _____ (Microsoft Corporation) C:\Users\Owner\Desktop\Windows-KB890830-x64-V5.10.exe
2014-03-27 20:31 - 2014-03-27 20:31 - 00000450 __RSH () C:\ProgramData\ntuser.pol
2014-03-27 20:09 - 2014-03-27 20:09 - 00003955 _____ () C:\Windows\IE11_main.log
2014-03-27 19:58 - 2014-03-28 01:39 - 00001821 _____ () C:\Windows\setupact.log
2014-03-27 19:58 - 2014-03-27 19:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-27 19:34 - 2014-03-27 19:34 - 00081496 _____ () C:\Users\Owner\Downloads\REPAIR.reg
2014-03-27 16:38 - 2014-01-08 18:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-27 16:38 - 2014-01-03 14:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-03-27 16:09 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe
2014-03-27 16:04 - 2014-03-27 16:05 - 00000085 _____ () C:\Windows\wininit.ini
2014-03-27 15:57 - 2014-03-27 15:57 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-27 15:56 - 2014-03-27 19:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-27 15:56 - 2014-03-27 16:09 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-27 15:26 - 2014-03-27 23:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 15:26 - 2014-03-27 15:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-27 15:26 - 2014-03-05 08:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-03-27 15:26 - 2014-03-05 08:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2014-03-27 15:26 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2014-03-27 05:08 - 2014-03-27 05:08 - 00003664 _____ () C:\bootsqm.dat
2014-03-27 01:27 - 2014-03-27 18:30 - 00000000 ____D () C:\Windows\pss
2014-03-26 17:58 - 2014-03-26 17:58 - 00000000 ____D () C:\Users\Owner\AppData\Local\TuneUp Software
2014-03-26 17:50 - 2014-03-26 17:50 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TuneUp Software
2014-03-26 17:46 - 2014-03-27 03:07 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-26 17:27 - 2014-03-26 18:04 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-26 16:58 - 2014-03-26 16:58 - 00000017 _____ () C:\Users\Owner\AppData\Local\resmon.resmoncfg
2014-03-26 15:36 - 2014-03-26 15:36 - 00000000 ____D () C:\Program Files\Intel
2014-03-26 15:33 - 2014-03-26 15:33 - 00000000 ____D () C:\Users\Owner\Intel
2014-03-26 15:06 - 2011-03-07 00:52 - 01499136 _____ (IDT, Inc.) C:\Windows\System32\stapo64.dll
2014-03-26 15:01 - 2014-03-27 11:40 - 00000000 ____D () C:\Windows\System32\Tasks\Owner-PC
2014-03-26 14:36 - 2014-03-26 14:36 - 00000000 ____D () C:\Program Files\ATI
2014-03-26 14:35 - 2014-03-26 14:35 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-26 14:11 - 2014-03-26 14:11 - 00000000 ____D () C:\Users\Owner\AppData\Local\SlimWare Utilities Inc
2014-03-26 14:10 - 2014-03-27 11:41 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-03-26 13:48 - 2014-03-26 13:48 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SystemRequirementsLab
2014-03-26 13:48 - 2014-03-26 13:48 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-03-26 13:41 - 2014-03-26 13:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-26 13:40 - 2014-03-26 13:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-26 13:40 - 2014-03-26 13:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-26 12:31 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2014-03-26 12:31 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2014-03-26 12:31 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-03-26 12:31 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-03-26 11:29 - 2013-10-01 18:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2014-03-26 11:29 - 2013-10-01 18:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-26 11:29 - 2013-10-01 18:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-26 11:29 - 2013-10-01 17:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2014-03-26 11:29 - 2013-10-01 17:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2014-03-26 11:29 - 2013-10-01 17:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2014-03-26 11:29 - 2013-10-01 17:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2014-03-26 11:29 - 2013-10-01 16:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\System32\rdvidcrl.dll
2014-03-26 11:29 - 2013-10-01 16:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-26 11:29 - 2013-10-01 16:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-26 11:29 - 2013-10-01 16:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2014-03-26 11:29 - 2013-10-01 16:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2014-03-26 11:29 - 2013-10-01 15:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-26 11:29 - 2013-10-01 15:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2014-03-26 11:29 - 2013-10-01 15:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-26 11:29 - 2013-10-01 14:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-26 11:10 - 2012-08-23 06:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2014-03-26 11:10 - 2012-08-23 06:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2014-03-26 11:10 - 2012-08-23 05:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-03-26 11:10 - 2012-08-23 03:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-03-26 11:10 - 2012-08-23 02:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2014-03-26 11:10 - 2012-08-23 01:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2014-03-26 11:03 - 2013-12-21 01:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-03-26 11:03 - 2013-12-20 23:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-26 10:36 - 2014-02-23 00:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-03-26 10:36 - 2014-02-23 00:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-03-26 10:36 - 2014-02-23 00:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-03-26 10:36 - 2014-02-23 00:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-03-26 10:36 - 2014-02-23 00:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-03-26 10:36 - 2014-02-23 00:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-03-26 10:36 - 2014-02-23 00:11 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-03-26 10:36 - 2014-02-23 00:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2014-03-26 10:36 - 2014-02-23 00:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-03-26 10:36 - 2014-02-23 00:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-03-26 10:36 - 2014-02-22 22:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-26 10:36 - 2014-02-22 22:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-26 10:36 - 2014-02-22 22:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-26 10:36 - 2014-02-22 22:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-26 10:36 - 2014-02-22 22:53 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-26 10:36 - 2014-02-22 22:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-26 10:36 - 2014-02-22 22:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-26 10:36 - 2014-02-22 22:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-26 10:36 - 2014-02-22 22:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-26 10:36 - 2014-02-22 22:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-03-26 10:36 - 2014-02-22 22:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-26 10:36 - 2014-02-22 21:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2014-03-26 10:36 - 2014-02-22 21:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-26 10:35 - 2014-02-23 00:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-03-26 10:35 - 2014-02-23 00:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-03-26 10:35 - 2014-02-23 00:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-03-26 10:35 - 2014-02-23 00:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-03-26 10:35 - 2014-02-23 00:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-03-26 10:35 - 2014-02-22 22:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-26 10:35 - 2014-02-22 22:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-26 10:35 - 2014-02-22 22:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-26 10:35 - 2014-02-22 22:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-26 10:35 - 2014-02-22 22:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-26 01:55 - 2014-03-26 01:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-26 01:55 - 2014-03-26 01:55 - 00000000 ____D () C:\Program Files\iTunes
2014-03-26 01:55 - 2014-03-26 01:55 - 00000000 ____D () C:\Program Files\iPod
2014-03-26 01:55 - 2014-03-26 01:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-26 01:20 - 2014-03-26 01:20 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-26 00:19 - 2013-12-03 18:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\System32\secproc.dll
2014-03-26 00:19 - 2013-12-03 18:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2014-03-26 00:19 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2014-03-26 00:19 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2014-03-26 00:19 - 2013-12-03 18:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2014-03-26 00:19 - 2013-12-03 18:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2014-03-26 00:19 - 2013-12-03 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2014-03-26 00:19 - 2013-12-03 18:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2014-03-26 00:19 - 2013-12-03 18:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2014-03-26 00:19 - 2013-12-03 18:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-03-26 00:19 - 2013-12-03 18:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-03-26 00:19 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-26 00:19 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-26 00:19 - 2013-12-03 18:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-26 00:19 - 2013-12-03 17:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-26 00:19 - 2013-12-03 17:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-03-26 00:19 - 2013-12-03 17:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-26 00:19 - 2013-12-03 17:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-26 00:06 - 2013-12-24 15:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-26 00:06 - 2013-12-24 14:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-03-26 00:06 - 2013-11-26 00:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-26 00:06 - 2013-11-22 14:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-03-26 00:03 - 2013-09-24 18:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2014-03-26 00:03 - 2013-09-24 17:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-26 00:01 - 2013-11-23 10:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-26 00:01 - 2013-11-23 09:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-03-26 00:00 - 2013-12-31 15:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-03-26 00:00 - 2013-12-31 15:04 - 00420008 _____ () C:\Windows\System32\locale.nls
2014-03-26 00:00 - 2013-11-11 18:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-03-26 00:00 - 2013-11-11 18:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-25 23:59 - 2013-12-05 18:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-03-25 23:59 - 2013-12-05 18:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2014-03-25 23:59 - 2013-12-05 18:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-25 23:59 - 2013-12-05 18:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-03-25 23:59 - 2012-05-04 03:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2014-03-25 23:59 - 2012-05-04 01:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-03-25 23:58 - 2014-02-06 17:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-03-25 23:58 - 2014-01-28 18:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-03-25 23:58 - 2014-01-28 18:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-25 23:58 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2014-03-25 23:58 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2014-03-25 23:58 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-03-25 23:58 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2014-03-25 23:58 - 2013-11-26 17:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2014-03-25 23:58 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2014-03-25 23:58 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2014-03-25 23:58 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-03-25 23:58 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-25 23:57 - 2013-11-26 03:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2014-03-25 23:56 - 2014-01-27 18:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2014-03-25 23:56 - 2013-10-29 18:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2014-03-25 23:56 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-25 23:56 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2014-03-25 23:56 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2014-03-25 23:54 - 2014-02-03 18:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-03-25 23:54 - 2014-02-03 18:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2014-03-25 23:54 - 2014-02-03 18:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-25 23:54 - 2014-02-03 18:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-25 23:54 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2014-03-25 23:54 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2014-03-25 23:54 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-25 23:54 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-25 23:54 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\wscript.exe
2014-03-25 23:54 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\System32\cscript.exe
2014-03-25 23:54 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-25 23:54 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-25 23:52 - 2014-03-25 23:52 - 00083664 _____ () C:\Users\Owner\Downloads\cc_20140326_005252.reg

==================== One Month Modified Files and Folders =======

2014-03-28 02:48 - 2014-03-28 02:01 - 00000000 ____D () C:\FRST
2014-03-28 02:28 - 2010-11-25 08:36 - 00000000 ____D () C:\ProgramData\Recovery
2014-03-28 02:09 - 2014-03-27 23:52 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-03-28 02:09 - 2014-03-27 21:03 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-03-28 02:09 - 2012-04-03 16:37 - 00000000 ____D () C:\ProgramData\paltiosoft
2014-03-28 02:09 - 2011-07-18 15:47 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Rainmeter
2014-03-28 02:09 - 2010-08-19 15:57 - 00000000 ____D () C:\ProgramData\CinemaNow
2014-03-28 02:09 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-03-28 02:08 - 2014-03-27 21:06 - 00000000 ____D () C:\ProgramData\Sophos
2014-03-28 01:44 - 2012-04-03 16:15 - 01970348 _____ () C:\Windows\WindowsUpdate.log
2014-03-28 01:43 - 2010-09-13 12:18 - 00634130 _____ () C:\Windows\System32\perfh012.dat
2014-03-28 01:43 - 2010-09-13 12:18 - 00324922 _____ () C:\Windows\System32\perfc012.dat
2014-03-28 01:43 - 2010-09-13 12:11 - 01022678 _____ () C:\Windows\System32\perfh011.dat
2014-03-28 01:43 - 2010-09-13 12:11 - 00333180 _____ () C:\Windows\System32\perfc011.dat
2014-03-28 01:43 - 2009-07-13 21:13 - 00006306 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-03-28 01:39 - 2014-03-27 19:58 - 00001821 _____ () C:\Windows\setupact.log
2014-03-28 01:38 - 2010-09-13 05:56 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-28 01:35 - 2014-03-27 23:44 - 00000012 ____H () C:\dvmexp.idx
2014-03-28 01:35 - 2010-09-13 04:37 - 00000000 ____D () C:\users\Owner
2014-03-28 01:35 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-28 01:02 - 2014-03-28 01:43 - 00047758 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-03-28 00:21 - 2014-03-28 00:21 - 00001696 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_03282014_012103.txt
2014-03-28 00:18 - 2014-03-28 00:18 - 00002285 _____ () C:\Users\Owner\Desktop\RKreport[0]_D_03282014_011827.txt
2014-03-28 00:17 - 2014-03-28 00:17 - 00002208 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_03282014_011724.txt
2014-03-28 00:00 - 2014-03-28 00:00 - 00000000 ____D () C:\Users\Owner\AppData\Local\SearchProtect
2014-03-27 23:57 - 2014-03-27 23:57 - 00001593 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_03282014_005730.txt
2014-03-27 23:55 - 2014-03-27 23:55 - 00002876 _____ () C:\Users\Owner\Desktop\RKreport[0]_D_03282014_005544.txt
2014-03-27 23:55 - 2014-03-27 23:55 - 00002784 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_03282014_005509.txt
2014-03-27 23:49 - 2010-09-13 11:47 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1808490395-2128479097-1392372626-1000UA.job
2014-03-27 23:44 - 2014-03-27 23:44 - 00000000 ___HD () C:\dvmexp
2014-03-27 23:41 - 2014-03-27 23:35 - 00000000 ____D () C:\AdwCleaner
2014-03-27 23:34 - 2014-03-27 23:34 - 04134240 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\tdsskiller.exe
2014-03-27 23:34 - 2014-03-27 23:34 - 03972608 _____ () C:\Users\Owner\Desktop\RogueKiller.exe
2014-03-27 23:33 - 2014-03-27 23:33 - 00930952 _____ (CNET Download.com) C:\Users\Owner\Desktop\cbsidlm-cbsi183-AdwCleaner-SEO-75851221.exe
2014-03-27 23:29 - 2013-03-12 10:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-27 23:24 - 2014-03-27 23:10 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-27 23:10 - 2014-03-27 23:10 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-03-27 23:10 - 2014-03-27 23:10 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-27 23:09 - 2014-03-27 23:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-27 23:09 - 2014-03-27 15:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 23:06 - 2009-07-13 20:45 - 00028384 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-27 23:06 - 2009-07-13 20:45 - 00028384 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-27 22:13 - 2014-03-27 22:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\48230029.sys
2014-03-27 21:45 - 2009-07-13 21:08 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-27 21:02 - 2014-03-27 21:01 - 26437344 _____ (Microsoft Corporation) C:\Users\Owner\Desktop\Windows-KB890830-x64-V5.10.exe
2014-03-27 20:31 - 2014-03-27 20:31 - 00000450 __RSH () C:\ProgramData\ntuser.pol
2014-03-27 20:30 - 2009-07-13 19:20 - 00000000 ___HD () C:\Windows\System32\GroupPolicy
2014-03-27 20:09 - 2014-03-27 20:09 - 00003955 _____ () C:\Windows\IE11_main.log
2014-03-27 20:08 - 2010-08-19 15:40 - 00000000 ____D () C:\Intel
2014-03-27 19:58 - 2014-03-27 19:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-27 19:47 - 2014-03-27 15:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-27 19:34 - 2014-03-27 19:34 - 00081496 _____ () C:\Users\Owner\Downloads\REPAIR.reg
2014-03-27 18:45 - 2010-09-15 23:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-27 18:45 - 2010-09-15 23:31 - 00000000 ____D () C:\ProgramData\Skype
2014-03-27 18:44 - 2010-04-21 11:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-27 18:30 - 2014-03-27 01:27 - 00000000 ____D () C:\Windows\pss
2014-03-27 17:10 - 2009-09-06 17:57 - 00000000 ____D () C:\Windows\Panther
2014-03-27 16:42 - 2013-04-28 19:13 - 00000000 _____ () C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-27 16:42 - 2010-09-24 01:41 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-27 16:39 - 2010-09-13 04:50 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\HpUpdate
2014-03-27 16:38 - 2010-04-21 13:35 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-03-27 16:36 - 2010-08-19 15:40 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-03-27 16:11 - 2010-12-25 18:11 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-03-27 16:11 - 2010-12-25 18:05 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-03-27 16:09 - 2014-03-27 15:56 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-27 16:05 - 2014-03-27 16:04 - 00000085 _____ () C:\Windows\wininit.ini
2014-03-27 15:57 - 2014-03-27 15:57 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-27 15:26 - 2014-03-27 15:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-27 11:49 - 2011-10-06 15:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-03-27 11:42 - 2010-08-19 15:43 - 00000000 ____D () C:\Windows\System32\SRSLabs
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 __RSD () C:\Windows\Media
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\zh-HK
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\tr-TR
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\th-TH
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sl-SI
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sk-SK
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ro-RO
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\lv-LV
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\lt-LT
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\hr-HR
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\he-IL
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\et-EE
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\bg-BG
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ar-SA
2014-03-27 11:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-27 11:41 - 2014-03-26 14:10 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-03-27 11:41 - 2013-04-08 17:36 - 00000000 ____D () C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2014-03-27 11:41 - 2012-08-26 11:57 - 00000000 ____D () C:\Program Files\EpsonNet
2014-03-27 11:41 - 2011-07-18 15:47 - 00000000 ____D () C:\Program Files\Rainmeter
2014-03-27 11:41 - 2011-03-07 00:53 - 00000000 ____D () C:\Program Files\IDT
2014-03-27 11:41 - 2010-09-13 06:32 - 00000000 ____D () C:\Users\Owner\AppData\Local\Microsoft Help
2014-03-27 11:41 - 2010-04-21 10:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-27 11:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-27 11:40 - 2014-03-26 15:01 - 00000000 ____D () C:\Windows\System32\Tasks\Owner-PC
2014-03-27 11:36 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Help
2014-03-27 11:34 - 2012-08-26 11:54 - 00000000 ____D () C:\ProgramData\EPSON
2014-03-27 11:34 - 2010-12-25 18:11 - 00000000 ____D () C:\ProgramData\Logitech
2014-03-27 11:34 - 2010-12-18 01:59 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-27 11:34 - 2010-12-18 01:59 - 00000000 ____D () C:\ProgramData\Apple
2014-03-27 11:34 - 2009-09-06 16:40 - 00000000 ____D () C:\SwSetup
2014-03-27 11:33 - 2012-08-26 11:59 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-03-27 11:33 - 2010-08-19 15:40 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-27 05:08 - 2014-03-27 05:08 - 00003664 _____ () C:\bootsqm.dat
2014-03-27 03:07 - 2014-03-26 17:46 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-26 18:04 - 2014-03-26 17:27 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-26 18:04 - 2010-12-18 02:01 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-03-26 18:04 - 2010-09-13 04:44 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\hpqlog
2014-03-26 17:58 - 2014-03-26 17:58 - 00000000 ____D () C:\Users\Owner\AppData\Local\TuneUp Software
2014-03-26 17:50 - 2014-03-26 17:50 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TuneUp Software
2014-03-26 16:58 - 2014-03-26 16:58 - 00000017 _____ () C:\Users\Owner\AppData\Local\resmon.resmoncfg
2014-03-26 15:36 - 2014-03-26 15:36 - 00000000 ____D () C:\Program Files\Intel
2014-03-26 15:33 - 2014-03-26 15:33 - 00000000 ____D () C:\Users\Owner\Intel
2014-03-26 14:36 - 2014-03-26 14:36 - 00000000 ____D () C:\Program Files\ATI
2014-03-26 14:35 - 2014-03-26 14:35 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-26 14:11 - 2014-03-26 14:11 - 00000000 ____D () C:\Users\Owner\AppData\Local\SlimWare Utilities Inc
2014-03-26 13:48 - 2014-03-26 13:48 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SystemRequirementsLab
2014-03-26 13:48 - 2014-03-26 13:48 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-03-26 13:41 - 2014-03-26 13:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-26 13:40 - 2014-03-26 13:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-26 13:40 - 2014-03-26 13:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-26 13:40 - 2012-06-28 19:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-26 13:40 - 2012-06-28 19:20 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-26 12:57 - 2010-04-21 12:39 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-03-26 12:30 - 2010-04-21 12:39 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-26 12:23 - 2010-12-17 14:45 - 00000000 ____D () C:\Windows\System32\appmgmt
2014-03-26 11:57 - 2009-07-13 20:45 - 02326040 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-03-26 10:49 - 2010-09-13 11:47 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1808490395-2128479097-1392372626-1000Core.job
2014-03-26 10:45 - 2013-08-17 05:32 - 00000000 ____D () C:\Windows\System32\MRT
2014-03-26 10:44 - 2010-09-13 11:47 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1808490395-2128479097-1392372626-1000UA
2014-03-26 10:44 - 2010-09-13 11:47 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1808490395-2128479097-1392372626-1000Core
2014-03-26 10:30 - 2013-03-15 22:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-26 10:30 - 2013-03-15 22:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-26 01:55 - 2014-03-26 01:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-26 01:55 - 2014-03-26 01:55 - 00000000 ____D () C:\Program Files\iTunes
2014-03-26 01:55 - 2014-03-26 01:55 - 00000000 ____D () C:\Program Files\iPod
2014-03-26 01:55 - 2014-03-26 01:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-26 01:49 - 2013-03-12 10:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-26 01:49 - 2013-03-12 10:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-26 01:49 - 2013-03-12 10:48 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-26 01:20 - 2014-03-26 01:20 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-25 23:52 - 2014-03-25 23:52 - 00083664 _____ () C:\Users\Owner\Downloads\cc_20140326_005252.reg
2014-03-25 23:50 - 2011-03-07 21:14 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-25 23:46 - 2010-11-27 19:20 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
2014-03-25 23:46 - 2010-11-27 19:04 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\BitTorrent
2014-03-25 23:36 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\System32\FxsTmp
2014-03-05 08:26 - 2014-03-27 15:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-03-05 08:26 - 2014-03-27 15:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2014-03-02 13:05 - 2010-09-13 04:49 - 90015360 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe

Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\BackupSetup.exe
C:\Users\Owner\AppData\Local\Temp\nsf21CE.exe
C:\Users\Owner\AppData\Local\Temp\nsf3B67.exe
C:\Users\Owner\AppData\Local\Temp\nskB4D4.exe
C:\Users\Owner\AppData\Local\Temp\nsu16E4.exe
C:\Users\Owner\AppData\Local\Temp\nsuA538.exe
C:\Users\Owner\AppData\Local\Temp\nszACA8.exe
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\SPSetup.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-03-26 23:07:38
Restore point made on: 2014-03-27 11:00:05
Restore point made on: 2014-03-27 11:29:17
Restore point made on: 2014-03-27 15:10:59
Restore point made on: 2014-03-27 16:37:34
Restore point made on: 2014-03-27 16:39:01
Restore point made on: 2014-03-27 18:37:55
Restore point made on: 2014-03-27 19:36:25
Restore point made on: 2014-03-27 19:54:39
Restore point made on: 2014-03-27 20:04:31
Restore point made on: 2014-03-27 21:03:13
Restore point made on: 2014-03-27 23:42:28
Restore point made on: 2014-03-27 23:51:13

==================== Memory info ===========================

Percentage of memory in use: 19%
Total physical RAM: 3893.86 MB
Available physical RAM: 3122.99 MB
Total Pagefile: 3892.01 MB
Available Pagefile: 3113.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:447.04 GB) (Free:289.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (RECOVERY) (Fixed) (Total:18.43 GB) (Free:2.64 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive h: () (Removable) (Total:3.74 GB) (Free:3.73 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: D702A12F)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.


LastRegBack: 2013-11-26 05:47

==================== End Of Log ============================

 

------------------------------------------------------------------------------------------------------------------

 

Thank you so much! Hoping to hear from you. 


Edited by restricted, 29 March 2014 - 02:15 AM.



#2 restricted

Posted 28 March 2014 - 01:02 PM

Sorry about my failure to post my DDS logs - had some booting troubles and decided to sleep on it. Also enabled Windows Defender firewall as suggested. **3/28/2014 11:16PM (following DDS scan) Used Defogger as suggested. Here are my logs as requested:

 

-------------------------------------------------------------------------------------------------------------------

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16843  BrowserJavaVersion: 10.51.2
Run by Owner at 10:52:12 on 2014-03-28
Microsoft Windows 7 Ultimate   6.1.7601.1.932.81.1033.18.3894.1579 [GMT -7:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\EscSvc64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\system32\wuauclt.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: MRI_DISABLED - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82}\5535340275962756C6563737 : DHCPNameServer = 128.125.253.194 208.99.184.12 128.125.7.23
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82}\C696E6B6379737 : DHCPNameServer = 128.125.253.143 128.125.253.194 50.59.168.12
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82}\C696E6B6379737F5750535F533339323 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82}\E4F4E24393 : DHCPNameServer = 128.125.253.143 128.125.253.194 208.99.184.12
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82}\E4F4E263 : DHCPNameServer = 128.125.253.143 128.125.253.194 208.99.184.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs=  C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  EgisPwdFilter EgisDSPwdFilter
x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll
x64-BHO: EgisPBIE Class: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: klogon - C:\Windows\System32\klogon.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z9qm9o3d.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: browser.search.selectedEngine - XFINITY
FF - component: C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt\components\EgisPBFF.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\nphdplg.dll
FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2011-08-21 13:44; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-7-28 52760]
R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2009-11-11 20056]
R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2010-4-22 27736]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2014-3-26 89600]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-7-1 352976]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-2-26 127984]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-3-31 338168]
R2 EgisTec Service;EgisTec Service;C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [2010-2-4 689008]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]
R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2012-8-26 135824]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-3-6 49464]
R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-19 13336]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-3-27 3921880]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-3-27 1042272]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-3-27 171416]
R2 UCManSvc;UCManSvc;C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [2012-11-1 186512]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-3-31 428640]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-19 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-23 2192176]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-9-24 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-9-24 271872]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-3-28 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-3-28 701512]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2011-2-20 51712]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-3-31 341856]
S3 LVUVC64;Logitech Webcam 250(UVC);C:\Windows\System32\drivers\LVUVC64.sys [2010-11-9 4184672]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-27 25928]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-26 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-1-23 349800]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-26 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-13 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2014-03-28 10:50:26 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE475460-4FBA-4A4B-AA0C-04BC04790892}\mpengine.dll
2014-03-28 10:34:29 10285968 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{499E600A-22ED-4602-90BB-92AD744ACCC6}\mpengine.dll
2014-03-28 10:01:07 -------- d-----w- C:\FRST
2014-03-28 08:00:04 -------- d-----w- C:\Users\Owner\AppData\Local\SearchProtect
2014-03-28 07:44:41 -------- d--h--w- C:\dvmexp
2014-03-28 07:35:28 -------- d-----w- C:\AdwCleaner
2014-03-28 07:10:57 -------- d-----w- C:\Program Files\HitmanPro
2014-03-28 07:10:13 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-03-28 07:10:00 -------- d-----w- C:\ProgramData\HitmanPro
2014-03-28 07:09:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-28 07:01:55 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8FBE8CC9-4ADC-4BFB-B8C6-E6BF4AEBC916}\offreg.dll
2014-03-28 06:13:17 119512 ----a-w- C:\Windows\System32\drivers\48230029.sys
2014-03-28 05:06:20 -------- d-----w- C:\ProgramData\Sophos
2014-03-28 05:03:54 73728 ----a-r- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-03-28 05:03:54 73728 ----a-r- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-03-28 05:03:54 73728 ----a-r- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2014-03-28 05:03:28 -------- d-----w- C:\Program Files (x86)\Sophos
2014-03-28 02:49:26 -------- d-----w- C:\Windows\Migration
2014-03-28 00:38:14 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-03-28 00:38:14 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-03-28 00:09:36 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2014-03-27 23:56:40 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-03-27 23:56:35 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-27 23:26:21 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-03-27 23:26:21 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-03-27 23:26:21 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-03-27 23:26:20 -------- d-----w- C:\ProgramData\Malwarebytes
2014-03-27 23:26:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-27 09:27:12 -------- d-----w- C:\Windows\pss
2014-03-27 01:58:09 -------- d-----w- C:\Users\Owner\AppData\Local\TuneUp Software
2014-03-27 01:50:42 -------- d-----w- C:\Users\Owner\AppData\Roaming\TuneUp Software
2014-03-27 01:46:28 -------- d-----w- C:\ProgramData\TuneUp Software
2014-03-27 01:27:29 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-26 23:33:41 -------- d-----w- C:\Users\Owner\Intel
2014-03-26 23:06:20 1499136 ----a-w- C:\Windows\System32\stapo64.dll
2014-03-26 22:36:18 -------- d-----w- C:\Program Files\ATI
2014-03-26 22:35:59 -------- d-----w- C:\Program Files\ATI Technologies
2014-03-26 22:11:06 -------- d-----w- C:\Users\Owner\AppData\Local\SlimWare Utilities Inc
2014-03-26 21:48:05 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2014-03-26 21:41:13 -------- d-----w- C:\ProgramData\Oracle
2014-03-26 21:40:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-26 20:31:40 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-03-26 20:31:40 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-03-26 20:31:39 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-03-26 20:31:38 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-03-26 19:10:26 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-03-26 19:10:21 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2014-03-26 19:10:12 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2014-03-26 19:10:11 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2014-03-26 19:10:10 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-03-26 19:10:10 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2014-03-26 19:05:09 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8FBE8CC9-4ADC-4BFB-B8C6-E6BF4AEBC916}\mpengine.dll
2014-03-26 19:03:10 600064 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-26 19:03:10 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-26 18:35:59 148992 ----a-w- C:\Program Files\Internet Explorer\jsdebuggeride.dll
2014-03-26 09:55:06 -------- d-----w- C:\Program Files\iPod
2014-03-26 09:55:05 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-26 09:55:05 -------- d-----w- C:\Program Files\iTunes
2014-03-26 09:55:05 -------- d-----w- C:\Program Files (x86)\iTunes
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2014-03-26 09:20:59 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2014-03-26 08:06:07 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-03-26 08:06:07 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-03-26 08:06:07 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-03-26 08:06:07 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-03-26 08:03:26 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-03-26 08:03:26 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-03-26 08:01:30 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-03-26 08:01:30 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-03-26 08:00:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-03-26 08:00:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-03-26 07:59:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-03-26 07:59:14 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-03-26 07:59:14 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-03-26 07:59:14 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-03-26 07:59:13 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-03-26 07:59:13 366592 ----a-w- C:\Windows\System32\qdvd.dll
2014-03-26 07:58:21 484864 ----a-w- C:\Windows\System32\wer.dll
2014-03-26 07:58:21 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-03-26 07:58:21 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-03-26 07:58:20 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-03-26 07:58:20 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2014-03-26 07:58:20 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-03-26 07:58:20 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-03-26 07:58:20 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-03-26 07:58:20 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-03-26 07:58:20 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-03-26 07:58:20 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-03-26 07:58:20 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2014-03-26 07:57:55 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-03-26 07:56:43 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-03-26 07:56:31 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-03-26 07:56:31 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-03-26 07:56:31 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2014-03-26 07:56:31 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2014-03-26 07:54:49 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-03-26 07:54:49 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-03-26 07:54:49 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2014-03-26 07:54:49 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-03-26 07:54:49 150016 ----a-w- C:\Windows\System32\wshom.ocx
2014-03-26 07:54:49 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2014-03-26 07:54:49 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2014-03-26 07:54:49 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2014-03-26 07:54:48 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-26 07:54:48 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-26 07:54:44 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-26 07:54:44 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
.
==================== Find3M  ====================
.
2014-03-26 09:49:36 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-26 09:49:36 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-23 08:13:41 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-23 08:11:59 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-23 08:11:52 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-23 08:11:52 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-23 06:54:46 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-23 06:53:22 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-23 06:53:18 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-23 06:53:18 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-23 06:35:36 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-23 06:31:25 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-23 05:39:39 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-02-23 05:35:24 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-01-17 23:24:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-01-17 23:24:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 10:53:24.37 ===============



Edited by restricted, 29 March 2014 - 02:15 AM.


#3 HelpBot


Posted 02 April 2014 - 06:05 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/529091 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 restricted


Posted 02 April 2014 - 01:38 PM

Hello! Yes, I still need help. I have confirmed that I still need assistance through the link provided. :)

Problems are the same as described in the original post.

Here is my updated DDS log (generated while running Windows normally, with antivirus/anti-malware and internet disabled as instructed):

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16843  BrowserJavaVersion: 10.51.2
Run by Owner at 11:32:39 on 2014-04-02
Microsoft Windows 7 Ultimate   6.1.7601.1.932.81.1033.18.3894.1765 [GMT -7:00]
.
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\EscSvc64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\system32\taskeng.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: MRI_DISABLED - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: NameServer = 68.105.28.12 68.105.29.12 68.105.28.11 192.168.1.1
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82} : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11 192.168.1.1
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82}\5535340275962756C6563737 : DHCPNameServer = 128.125.253.194 208.99.184.12 128.125.7.23
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82}\C696E6B6379737 : DHCPNameServer = 128.125.253.143 128.125.253.194 50.59.168.12
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82}\C696E6B6379737F5750535F533339323 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82}\E4F4E24393 : DHCPNameServer = 128.125.253.143 128.125.253.194 208.99.184.12
TCP: Interfaces\{587F8A79-F774-43FE-8E26-F91455149F82}\E4F4E263 : DHCPNameServer = 128.125.253.143 128.125.253.194 208.99.184.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs=  C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  EgisPwdFilter EgisDSPwdFilter
x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll
x64-BHO: EgisPBIE Class: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: klogon - C:\Windows\System32\klogon.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z9qm9o3d.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: browser.search.selectedEngine - XFINITY
FF - component: C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt\components\EgisPBFF.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\nphdplg.dll
FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2011-08-21 13:44; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-7-28 52760]
R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2009-11-11 20056]
R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2010-4-22 27736]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2014-3-26 89600]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-2-26 127984]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-3-31 338168]
R2 EgisTec Service;EgisTec Service;C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [2010-2-4 689008]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]
R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2012-8-26 135824]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-3-6 49464]
R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-19 13336]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-3-27 3921880]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-3-27 171416]
R2 UCManSvc;UCManSvc;C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [2012-11-1 186512]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-3-31 428640]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-19 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-23 2192176]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-9-24 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-9-24 271872]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
S2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-7-1 352976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-3-28 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-3-28 701512]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-3-27 1042272]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2011-2-20 51712]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-3-31 341856]
S3 LVUVC64;Logitech Webcam 250(UVC);C:\Windows\System32\drivers\LVUVC64.sys [2010-11-9 4184672]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-27 25928]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-26 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-1-23 349800]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-26 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-13 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2014-04-02 18:29:03 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4104D4D-7559-4EDD-B2AE-4F27543B310E}\offreg.dll
2014-04-01 22:08:57 -------- d-----w- C:\Users\Owner\AppData\Roaming\にとろぷらすきらる
2014-04-01 19:30:37 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4104D4D-7559-4EDD-B2AE-4F27543B310E}\mpengine.dll
2014-03-28 21:52:56 -------- d-----w- C:\Program Files (x86)\ESET
2014-03-28 10:01:07 -------- d-----w- C:\FRST
2014-03-28 08:00:04 -------- d-----w- C:\Users\Owner\AppData\Local\SearchProtect
2014-03-28 07:44:41 -------- d--h--w- C:\dvmexp
2014-03-28 07:35:28 -------- d-----w- C:\AdwCleaner
2014-03-28 07:10:57 -------- d-----w- C:\Program Files\HitmanPro
2014-03-28 07:10:13 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-03-28 07:10:00 -------- d-----w- C:\ProgramData\HitmanPro
2014-03-28 07:09:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-28 06:13:17 119512 ----a-w- C:\Windows\System32\drivers\48230029.sys
2014-03-28 05:06:20 -------- d-----w- C:\ProgramData\Sophos
2014-03-28 05:03:54 73728 ----a-r- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-03-28 05:03:54 73728 ----a-r- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-03-28 05:03:54 73728 ----a-r- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2014-03-28 05:03:28 -------- d-----w- C:\Program Files (x86)\Sophos
2014-03-28 02:49:26 -------- d-----w- C:\Windows\Migration
2014-03-28 00:38:14 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-03-28 00:38:14 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-03-28 00:09:36 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2014-03-27 23:56:40 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-03-27 23:56:35 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-27 23:26:21 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-03-27 23:26:21 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-03-27 23:26:21 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-03-27 23:26:20 -------- d-----w- C:\ProgramData\Malwarebytes
2014-03-27 23:26:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-27 09:27:12 -------- d-----w- C:\Windows\pss
2014-03-27 01:58:09 -------- d-----w- C:\Users\Owner\AppData\Local\TuneUp Software
2014-03-27 01:50:42 -------- d-----w- C:\Users\Owner\AppData\Roaming\TuneUp Software
2014-03-27 01:46:28 -------- d-----w- C:\ProgramData\TuneUp Software
2014-03-27 01:27:29 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-26 23:33:41 -------- d-----w- C:\Users\Owner\Intel
2014-03-26 23:06:20 1499136 ----a-w- C:\Windows\System32\stapo64.dll
2014-03-26 22:36:18 -------- d-----w- C:\Program Files\ATI
2014-03-26 22:35:59 -------- d-----w- C:\Program Files\ATI Technologies
2014-03-26 22:11:06 -------- d-----w- C:\Users\Owner\AppData\Local\SlimWare Utilities Inc
2014-03-26 21:48:05 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2014-03-26 21:41:13 -------- d-----w- C:\ProgramData\Oracle
2014-03-26 21:40:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-26 20:31:40 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-03-26 20:31:40 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-03-26 20:31:39 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-03-26 20:31:38 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-03-26 19:10:26 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-03-26 19:10:21 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2014-03-26 19:10:12 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2014-03-26 19:10:11 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2014-03-26 19:10:10 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-03-26 19:10:10 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2014-03-26 19:03:10 600064 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-26 19:03:10 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-26 18:35:59 148992 ----a-w- C:\Program Files\Internet Explorer\jsdebuggeride.dll
2014-03-26 09:55:06 -------- d-----w- C:\Program Files\iPod
2014-03-26 09:55:05 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-26 09:55:05 -------- d-----w- C:\Program Files\iTunes
2014-03-26 09:55:05 -------- d-----w- C:\Program Files (x86)\iTunes
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2014-03-26 09:21:00 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2014-03-26 09:20:59 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2014-03-26 08:06:07 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-03-26 08:06:07 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-03-26 08:06:07 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-03-26 08:06:07 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-03-26 08:03:26 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-03-26 08:03:26 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-03-26 08:01:30 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-03-26 08:01:30 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-03-26 08:00:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-03-26 08:00:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-03-26 07:59:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-03-26 07:59:14 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-03-26 07:59:14 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-03-26 07:59:14 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-03-26 07:59:13 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-03-26 07:59:13 366592 ----a-w- C:\Windows\System32\qdvd.dll
2014-03-26 07:58:21 484864 ----a-w- C:\Windows\System32\wer.dll
2014-03-26 07:58:21 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-03-26 07:58:21 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-03-26 07:58:20 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-03-26 07:58:20 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2014-03-26 07:58:20 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-03-26 07:58:20 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-03-26 07:58:20 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-03-26 07:58:20 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-03-26 07:58:20 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-03-26 07:58:20 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-03-26 07:58:20 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2014-03-26 07:57:55 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-03-26 07:56:43 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-03-26 07:56:31 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-03-26 07:56:31 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-03-26 07:56:31 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2014-03-26 07:56:31 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2014-03-26 07:54:49 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-03-26 07:54:49 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-03-26 07:54:49 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2014-03-26 07:54:49 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-03-26 07:54:49 150016 ----a-w- C:\Windows\System32\wshom.ocx
2014-03-26 07:54:49 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2014-03-26 07:54:49 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2014-03-26 07:54:49 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2014-03-26 07:54:48 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-26 07:54:48 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-26 07:54:44 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-26 07:54:44 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
.
==================== Find3M  ====================
.
2014-03-26 09:49:36 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-26 09:49:36 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-23 08:13:41 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-23 08:11:59 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-23 08:11:52 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-23 08:11:52 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-23 06:54:46 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-23 06:53:22 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-23 06:53:18 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-23 06:53:18 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-23 06:35:36 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-23 06:31:25 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-23 05:39:39 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-02-23 05:35:24 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-01-17 23:24:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-01-17 23:24:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 11:32:53.65 ===============
 


#5 nasdaq

  • Malware Response Team
  • 40,182 posts

Posted 03 April 2014 - 08:17 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop For 32bit system or For 64bit system
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: Tutorial
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall.

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM.
Let me know what problem persists.

#6 restricted

Posted 03 April 2014 - 02:40 PM

Hello, nasdaq! :hello: Thanks so much for taking the time to help me out - I really appreciate it. Here's how things turned out so far. After these steps, my white screen seems to have gone away for the time being! Loadup is still a bit slow:

1) RogueKiller - During the main scan, Windows notified me that "RogueKillerX64.exe has stopped working." I was forced to close the program. I attempted the scan a few more times but the same result occurred. Please note that I have a USB keyboard that I was unable to disconnect because I require it for use.

2) ComboFix - I chose to uninstall Spybot S&D prior to the full scan because ComboFix warned me that it was still running even though I disabled it. HP SimplePass Identity Protection stopped working during the scan (I don't really know what that is but I tried to disable it too). ComboFix restarted my computer and produced this log report:

ComboFix 14-04-03.01 - Owner 3/2014 Thu  12:08:10.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.932.81.1033.18.3894.1791 [GMT -7:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\HP ソリューション センター .lnk
.
.
(((((((((((((((((((((((((   Files Created from 2014-03-03 to 2014-04-03  )))))))))))))))))))))))))))))))
.
.
2014-04-03 19:19 . 2014-04-03 19:19 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A4104D4D-7559-4EDD-B2AE-4F27543B310E}\offreg.dll
2014-04-02 18:34 . 2014-04-02 18:34 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-01 22:08 . 2014-04-01 22:08 -------- d-----w- c:\users\Owner\AppData\Roaming\にとろぷらすきらる
2014-04-01 19:30 . 2014-03-17 17:16 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A4104D4D-7559-4EDD-B2AE-4F27543B310E}\mpengine.dll
2014-03-28 21:52 . 2014-03-28 21:52 -------- d-----w- c:\program files (x86)\ESET
2014-03-28 10:01 . 2014-03-28 10:49 -------- d-----w- C:\FRST
2014-03-28 08:00 . 2014-03-28 08:00 -------- d-----w- c:\users\Owner\AppData\Local\SearchProtect
2014-03-28 07:44 . 2014-03-28 07:44 -------- d-----w- C:\dvmexp
2014-03-28 07:35 . 2014-03-28 07:41 -------- d-----w- C:\AdwCleaner
2014-03-28 07:10 . 2014-03-28 07:10 -------- d-----w- c:\program files\HitmanPro
2014-03-28 07:10 . 2014-03-28 07:10 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2014-03-28 07:10 . 2014-03-28 07:24 -------- d-----w- c:\programdata\HitmanPro
2014-03-28 07:09 . 2014-03-28 07:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-28 06:13 . 2014-03-28 06:13 119512 ----a-w- c:\windows\system32\drivers\48230029.sys
2014-03-28 05:06 . 2014-03-28 11:10 -------- d-----w- c:\programdata\Sophos
2014-03-28 05:03 . 2014-03-28 05:03 73728 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-03-28 05:03 . 2014-03-28 05:03 73728 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-03-28 05:03 . 2014-03-28 05:03 73728 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2014-03-28 05:03 . 2014-03-28 11:10 -------- d-----w- c:\program files (x86)\Sophos
2014-03-28 02:49 . 2014-03-28 02:49 -------- d-----w- c:\windows\Migration
2014-03-28 00:38 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-03-28 00:38 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-03-27 23:56 . 2014-03-28 03:47 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-03-27 23:56 . 2014-04-03 19:02 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2014-03-27 23:26 . 2014-03-05 16:26 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-03-27 23:26 . 2014-03-05 16:26 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-03-27 23:26 . 2013-04-04 21:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-27 23:26 . 2014-03-28 07:09 -------- d-----w- c:\programdata\Malwarebytes
2014-03-27 23:26 . 2014-03-27 23:26 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-03-27 01:58 . 2014-03-27 01:58 -------- d-----w- c:\users\Owner\AppData\Local\TuneUp Software
2014-03-27 01:50 . 2014-03-27 01:50 -------- d-----w- c:\users\Owner\AppData\Roaming\TuneUp Software
2014-03-27 01:46 . 2014-03-27 11:07 -------- d-----w- c:\programdata\TuneUp Software
2014-03-27 01:27 . 2014-03-27 02:04 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-26 23:36 . 2014-03-26 23:36 -------- d-----w- c:\program files\Intel
2014-03-26 23:33 . 2014-03-26 23:33 -------- d-----w- c:\users\Owner\Intel
2014-03-26 23:06 . 2011-03-07 08:52 1499136 ----a-w- c:\windows\system32\stapo64.dll
2014-03-26 22:36 . 2014-03-26 22:36 -------- d-----w- c:\users\Owner\AppData\Roaming\HPAppData
2014-03-26 22:36 . 2014-03-26 22:36 -------- d-----w- c:\program files\ATI
2014-03-26 22:35 . 2014-03-26 22:35 -------- d-----w- c:\program files\ATI Technologies
2014-03-26 22:11 . 2014-03-26 22:11 -------- d-----w- c:\users\Owner\AppData\Local\SlimWare Utilities Inc
2014-03-26 21:48 . 2014-03-26 21:48 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2014-03-26 21:48 . 2014-03-26 21:48 -------- d-----w- c:\users\Owner\AppData\Roaming\SystemRequirementsLab
2014-03-26 21:41 . 2014-03-26 21:41 -------- d-----w- c:\programdata\Oracle
2014-03-26 21:41 . 2014-03-26 21:41 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-03-26 21:40 . 2014-03-26 21:40 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-26 20:31 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-03-26 20:31 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-03-26 20:31 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-03-26 20:31 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-03-26 20:31 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-03-26 19:10 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-03-26 19:10 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-03-26 19:10 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-03-26 19:10 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-03-26 19:10 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-03-26 19:10 . 2012-08-23 09:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2014-03-26 19:03 . 2013-12-21 09:39 600064 ----a-w- c:\windows\system32\vbscript.dll
2014-03-26 19:03 . 2013-12-21 07:56 523776 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-26 18:35 . 2014-02-23 08:11 148992 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2014-03-26 09:55 . 2014-03-26 09:55 -------- d-----w- c:\program files\iPod
2014-03-26 09:55 . 2014-03-26 09:55 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-26 09:55 . 2014-03-26 09:55 -------- d-----w- c:\program files\iTunes
2014-03-26 09:55 . 2014-03-26 09:55 -------- d-----w- c:\program files (x86)\iTunes
2014-03-26 09:21 . 2014-03-26 09:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2014-03-26 09:21 . 2014-03-26 09:20 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2014-03-26 09:21 . 2014-03-26 09:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2014-03-26 09:21 . 2014-03-26 09:20 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2014-03-26 09:21 . 2014-03-26 09:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2014-03-26 09:21 . 2014-03-26 09:20 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2014-03-26 09:21 . 2014-03-26 09:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2014-03-26 09:21 . 2014-03-26 09:20 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2014-03-26 09:21 . 2014-03-26 09:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2014-03-26 09:20 . 2014-03-26 09:20 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2014-03-26 09:20 . 2014-03-26 09:20 -------- d-----w- c:\program files (x86)\QuickTime
2014-03-26 08:06 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-03-26 08:06 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-03-26 08:06 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-03-26 08:06 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-03-26 08:03 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-03-26 08:03 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-03-26 08:01 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-03-26 08:01 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-03-26 08:00 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-03-26 08:00 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-03-26 07:59 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-03-26 07:59 . 2013-12-06 02:30 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-03-26 07:59 . 2013-12-06 02:02 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-03-26 07:59 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-03-26 07:59 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2014-03-26 07:59 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-03-26 07:58 . 2014-02-07 01:23 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-03-26 07:58 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2014-03-26 07:58 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-03-26 07:58 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-03-26 07:58 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-03-26 07:58 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-03-26 07:58 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-03-26 07:58 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-03-26 07:58 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-03-26 07:58 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-03-26 07:58 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2014-03-26 07:58 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2014-03-26 07:57 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-03-26 07:56 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-03-26 07:56 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-03-26 07:56 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-03-26 07:56 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-03-26 07:56 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-03-26 07:54 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2014-03-26 07:54 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2014-03-26 07:54 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2014-03-26 07:54 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2014-03-26 07:54 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2014-03-26 07:54 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2014-03-26 07:54 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2014-03-26 07:54 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2014-03-26 07:54 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-26 07:54 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-26 07:54 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-26 07:54 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-26 09:49 . 2013-03-12 18:48 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-26 09:49 . 2013-03-12 18:48 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-02 21:05 . 2010-09-13 12:49 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-01-17 23:24 . 2014-01-17 23:24 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2014-01-17 23:24 . 2014-01-17 23:24 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2010-09-16 352976]
"VitaKeyTSR"="c:\program files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe" [2010-02-04 379248]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-04-27 284696]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-09 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-09 401192]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2011-10-31 1058400]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-13 43848]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-7-17 102912]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ    autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2013-05-08 21:20 41056 ----a-w- c:\program files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech Webcam 250(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys;c:\windows\SYSNATIVE\DRIVERS\rcmirror.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys;c:\windows\SYSNATIVE\DRIVERS\dvmio.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys;c:\windows\SYSNATIVE\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [x]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\swsetup\QuickWeb\QW.SYS\config\DVMExportService.exe;c:\swsetup\QuickWeb\QW.SYS\config\DVMExportService.exe [x]
S2 EgisTec Service;EgisTec Service;c:\program files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe;c:\program files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [x]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UCManSvc;UCManSvc;c:\program files (x86)\SoftDenchi\UCManSvc.exe;c:\program files (x86)\SoftDenchi\UCManSvc.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 09:49]
.
2014-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1808490395-2128479097-1392372626-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-13 19:46]
.
2014-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1808490395-2128479097-1392372626-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-13 19:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-07 525312]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2009-12-16 8192]
"HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-01-18 451072]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-02-20 324096]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-29 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-29 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-29 415256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11 192.168.1.1
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z9qm9o3d.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: browser.startup.homepage - hxxp://xfinity.comcast.net/?cid=insDate05292013|http://www.comcast.net/xfinity/?cid=insdate05292013&cid=ffpintab|http://xfinitytv.comcast.net/?cid=xfactiv_tv&cid=ffpintab|http://www.comcast.net/qry/goto?app=mail&cid=xfactiv_email&cid=ffpin
FF - prefs.js: browser.search.selectedEngine - XFINITY
FF - ExtSQL: !HIDDEN! 2011-08-21 13:44; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
MSConfigStartUp-NortonOnlineBackupReminder - c:\program files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-{E614A951-1AE0-4248-AB91-4F16C6E1830F} - c:\users\Owner\Documents\LOVEDELIVERY\大正メビウスライン\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1808490395-2128479097-1392372626-1000\Software\NitroplusCHiRAL\0・・v+sSb-*k0・・`0-* ]
"serial"="396306294113"
"execute"="c:\\Program Files (x86)\\NitroplusCHiRAL\\Lamento -BEYOND THE VOID- DVD\\キラル盛\\猫打-にゃんだ-\\猫打-にゃんだ-.exe"
.
[HKEY_USERS\S-1-5-21-1808490395-2128479097-1392372626-1000\Software\おh0・00・・0・0\0・・0^・柤0歡^ *-* *v*e*r*1*.*3*\Sound]
"BGM"="False,10"
"SE"="False,8"
"Voice"="False,77"
"SystemSE"="False,25"
"MusicRoom"="False,80"
"Movie"="False,60"
"Env"="False,24"
"Chara01"="False,80"
"Chara02"="False,79"
"Chara03"="False,80"
"Chara04"="False,80"
"Chara05"="False,80"
"Chara06"="False,80"
"Chara07"="False,80"
"Chara08"="False,80"
"Chara09"="False,80"
"Chara10"="False,80"
"Chara11"="False,80"
"Chara12"="False,80"
"Chara13"="False,80"
"Chara14"="False,80"
"Chara15"="False,80"
.
[HKEY_USERS\S-1-5-21-1808490395-2128479097-1392372626-1000\Software\おh0・00・・0・0\0・・0^・柤0歡^ *-* *v*e*r*1*.*3*\String]
"String00"=""
"String01"="?B"
"String02"=""
"String03"=""
"String04"=""
"String05"=""
"String06"=""
"String07"=""
"String08"=""
"String09"=""
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Completion time: 2014-04-03  12:32:12 - machine was rebooted
ComboFix-quarantined-files.txt  2014-04-03 19:32
.
Pre-Run: 309,918,212,096 bytes free
Post-Run: 309,389,733,888 bytes free
.
- - End Of File - - 4B13D32137152A1F4C32650FC9DA80FB



#7 nasdaq

  • Malware Response Team

Posted 04 April 2014 - 07:06 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Boot to Safe Mode, Vista - Windows 7
http://www.computerhope.com/issues/chsafe.htm#03
Then run the RogueKiller tool. Post the log if you can.
===

Restart the computer normally.

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Click Change parameters
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
  • When it finishes, you will either see a report that no threats were found like below:
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop up, which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects.
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===
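
A small triage script for the TDSSKiller log requested above, added here as an illustration; it is not part of nasdaq's post or of TDSSKiller. It assumes the line layout of TDSSKiller 3.0.0.26 logs (timestamp, thread id, then either a `[ MD5, SHA256 ] name path` line or a `name - ok` / `name - detected ...` verdict); the sample input, service names and all-zero hashes are constructed, and the "ok without a hashed file" category is this example's own heuristic.

```python
import re

# Layout assumed from TDSSKiller 3.0.0.26 logs: "HH:MM:SS.mmmm 0xTID  <body>"
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4}) (0x[0-9a-fA-F]+)\s+(.*)$")
# Body of a hashed entry: "[ MD5, SHA256 ] <service name> <drive>:\<path>"
HASHED = re.compile(r"^\[ ([0-9A-F]{32}), ([0-9A-F]{64}) \] (.+?)\s+([A-Za-z]:\\.*)$")
DETECTED = re.compile(r"^(.+) - detected (\S+) \( (\d+) \)$")
OK = re.compile(r"^(.+) - ok$")
KSN_SKIP = "Detect skipped due to KSN trusted"

# Constructed sample input: invented service names, all-zero placeholder hashes.
MD5 = "0" * 32
SHA256 = "0" * 64
SAMPLE_LOG = "\n".join([
    "14:11:35.0773 0x1ae4  ================ Scan services =============================",
    f"14:11:36.0023 0x1ae4  [ {MD5}, {SHA256} ] ExampleDrv      C:\\Windows\\system32\\drivers\\exampledrv.sys",
    "14:11:36.0194 0x1ae4  ExampleDrv - ok",
    f"14:11:45.0663 0x1ae4  [ {MD5}, {SHA256} ] Example Print Service C:\\Program Files (x86)\\Example\\svc.exe",
    "14:11:45.0679 0x1ae4  Example Print Service - detected UnsignedFile.Multi.Generic ( 1 )",
    "14:11:48.0783 0x1ae4  Detect skipped due to KSN trusted",
    "14:11:48.0783 0x1ae4  Example Print Service - ok",
    "14:11:49.0001 0x1ae4  NoFileSvc - ok",
    f"14:11:50.0016 0x1ae4  [ {MD5}, {SHA256} ] OtherSvc        C:\\Example\\other.exe",
    "14:11:50.0100 0x1ae4  OtherSvc - detected UnsignedFile.Multi.Generic ( 1 )",
])


def parse_services(log_text):
    """Fold the per-service lines of a scan log into one record per service."""
    entries = {}
    last_detected = None

    def entry(name):
        return entries.setdefault(name, {
            "name": name, "path": None, "sha256": None,
            "detections": [], "ksn_trusted": False, "verdict": None,
        })

    for raw in log_text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m:
            continue  # blank bodies and anything that is not a log line
        body = m.group(3).strip()
        if (h := HASHED.match(body)):
            e = entry(h.group(3))
            e["sha256"], e["path"] = h.group(2), h.group(4)
        elif (d := DETECTED.match(body)):
            last_detected = entry(d.group(1))
            last_detected["detections"].append(d.group(2))
        elif body == KSN_SKIP and last_detected is not None:
            # The skip line carries no name; it refers to the preceding detection.
            last_detected["ksn_trusted"] = True
        elif (o := OK.match(body)):
            entry(o.group(1))["verdict"] = "ok"
    return list(entries.values())


def triage(entries):
    """Return (name, reason, path) for every entry that is not a plain hashed 'ok'."""
    findings = []
    for e in entries:
        if e["detections"]:
            reason = "detected, skipped as KSN trusted" if e["ksn_trusted"] else "detected"
        elif e["verdict"] == "ok" and e["sha256"] is None:
            reason = "ok without a hashed file"  # heuristic of this example
        elif e["verdict"] is None:
            reason = "no verdict logged"
        else:
            continue
        findings.append((e["name"], reason, e["path"]))
    return findings


if __name__ == "__main__":
    for name, reason, path in triage(parse_services(SAMPLE_LOG)):
        print(f"{name}: {reason} ({path or 'no file listed'})")
```
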

#8 restricted

  • Topic Starter


Posted 04 April 2014 - 04:52 PM

Hello again, nasdaq! Thanks again for your prompt reply. Hope you're having a good day. :P Here's my progress.

1) RogueKiller - I was able to boot into safe mode (still hung a bit at classpnp.sys) and start RogueKiller, but it crashed again with the same error. I noticed the part it crashed for in the status section of the program was the same as in normal mode. It said "Searching for SERVICE -> (CurrentControlSet) KL1."

**When I restarted my computer into normal mode, the blank white screen after login has returned.

2) TDSSKiller - No results found. Log is the first one below. (Broken into 2 parts due to post limit.)

3) aswMBR - Log is the second one below. Attached MBR.dat file as requested.

TDSSKiller

14:10:40.0128 0x1a70  TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
14:10:45.0510 0x1a70  ============================================================
14:10:45.0510 0x1a70  Current date / time: 2014/04/04 14:10:45.0510
14:10:45.0510 0x1a70  SystemInfo:
14:10:45.0510 0x1a70  
14:10:45.0510 0x1a70  OS Version: 6.1.7601 ServicePack: 1.0
14:10:45.0510 0x1a70  Product type: Workstation
14:10:45.0510 0x1a70  ComputerName: GILLIAN
14:10:45.0510 0x1a70  UserName: Owner
14:10:45.0510 0x1a70  Windows directory: C:\Windows
14:10:45.0510 0x1a70  System windows directory: C:\Windows
14:10:45.0510 0x1a70  Running under WOW64
14:10:45.0510 0x1a70  Processor architecture: Intel x64
14:10:45.0510 0x1a70  Number of processors: 4
14:10:45.0510 0x1a70  Page size: 0x1000
14:10:45.0510 0x1a70  Boot type: Normal boot
14:10:45.0510 0x1a70  ============================================================
14:10:47.0974 0x1a70  KLMD registered as C:\Windows\system32\drivers\82850843.sys
14:10:48.0302 0x1a70  System UUID: {41437635-5DC7-D508-ED74-E5872224B4D1}
14:10:49.0316 0x1a70  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:10:49.0316 0x1a70  ============================================================
14:10:49.0316 0x1a70  \Device\Harddisk0\DR0:
14:10:49.0316 0x1a70  MBR partitions:
14:10:49.0316 0x1a70  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
14:10:49.0316 0x1a70  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37E12000
14:10:49.0316 0x1a70  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37E76000, BlocksNum 0x24DC000
14:10:49.0316 0x1a70  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
14:10:49.0316 0x1a70  ============================================================
14:10:49.0332 0x1a70  C: <-> \Device\Harddisk0\DR0\Partition2
14:10:49.0378 0x1a70  D: <-> \Device\Harddisk0\DR0\Partition3
14:10:49.0394 0x1a70  E: <-> \Device\Harddisk0\DR0\Partition4
14:10:49.0394 0x1a70  ============================================================
14:10:49.0394 0x1a70  Initialize success
14:10:49.0394 0x1a70  ============================================================
14:11:32.0435 0x1ae4  ============================================================
14:11:32.0435 0x1ae4  Scan started
14:11:32.0435 0x1ae4  Mode: Manual; SigCheck; TDLFS; 
14:11:32.0435 0x1ae4  ============================================================
14:11:32.0435 0x1ae4  KSN ping started
14:11:35.0352 0x1ae4  KSN ping finished: true
14:11:35.0773 0x1ae4  ================ Scan system memory ========================
14:11:35.0773 0x1ae4  System memory - ok
14:11:35.0773 0x1ae4  ================ Scan services =============================
14:11:45.0663 0x1ae4  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
14:11:45.0679 0x1ae4  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 )
14:11:48.0783 0x1ae4  Detect skipped due to KSN trusted
14:11:48.0783 0x1ae4  EpsonBidirectionalService - ok
14:11:49.0953 0x1ae4  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:11:50.0016 0x1ae4  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
14:11:53.0058 0x1ae4  Detect skipped due to KSN trusted
14:11:53.0058 0x1ae4  FLEXnet Licensing Service - ok
14:11:53.0183 0x1ae4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:11:53.0198 0x1ae4  flpydisk - ok
14:11:53.0245 0x1ae4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:11:53.0276 0x1ae4  FltMgr - ok
14:11:53.0354 0x1ae4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
14:11:53.0417 0x1ae4  FontCache - ok
14:11:53.0479 0x1ae4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:11:53.0510 0x1ae4  FontCache3.0.0.0 - ok
14:11:53.0526 0x1ae4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:11:53.0557 0x1ae4  FsDepends - ok
14:11:53.0619 0x1ae4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:11:53.0651 0x1ae4  Fs_Rec - ok
14:11:53.0682 0x1ae4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:11:53.0713 0x1ae4  fvevol - ok
14:11:53.0729 0x1ae4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:11:53.0760 0x1ae4  gagp30kx - ok
14:11:53.0791 0x1ae4  [ E53EE18A21C025DEABCFE0F72FC481BB, 4725BEA1AACDCEA8E2EF45DB6385BBD0261DD89D5582647355D8762DB1447743 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
14:11:53.0822 0x1ae4  GameConsoleService - ok
14:11:53.0869 0x1ae4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:11:53.0885 0x1ae4  GEARAspiWDM - ok
14:11:53.0947 0x1ae4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:11:54.0025 0x1ae4  gpsvc - ok
14:11:54.0056 0x1ae4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:11:54.0119 0x1ae4  hcw85cir - ok
14:11:54.0150 0x1ae4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:11:54.0212 0x1ae4  HdAudAddService - ok
14:11:54.0243 0x1ae4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:11:54.0275 0x1ae4  HDAudBus - ok
14:11:54.0306 0x1ae4  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
14:11:54.0337 0x1ae4  HECIx64 - ok
14:11:54.0353 0x1ae4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:11:54.0384 0x1ae4  HidBatt - ok
14:11:54.0415 0x1ae4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:11:54.0446 0x1ae4  HidBth - ok
14:11:54.0477 0x1ae4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:11:54.0524 0x1ae4  HidIr - ok
14:11:54.0555 0x1ae4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
14:11:54.0649 0x1ae4  hidserv - ok
14:11:54.0680 0x1ae4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:11:54.0727 0x1ae4  HidUsb - ok
14:11:54.0758 0x1ae4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:11:54.0836 0x1ae4  hkmsvc - ok
14:11:54.0883 0x1ae4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:11:54.0930 0x1ae4  HomeGroupListener - ok
14:11:54.0977 0x1ae4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:11:55.0023 0x1ae4  HomeGroupProvider - ok
14:11:55.0086 0x1ae4  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:11:55.0101 0x1ae4  HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
14:11:57.0972 0x1ae4  Detect skipped due to KSN trusted
14:11:57.0972 0x1ae4  HP Support Assistant Service - ok
14:11:58.0034 0x1ae4  [ A2DE0A67C77EBC6DFAD3D55232790ADD, 12374AD692CE8FA2462DA590D31BF847B61EBC3EFBC0690C1A746AFFA6C13C3A ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
14:11:58.0065 0x1ae4  HP Wireless Assistant Service - ok
14:11:58.0081 0x1ae4  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
14:11:58.0112 0x1ae4  hpdskflt - ok
14:11:58.0206 0x1ae4  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
14:11:58.0237 0x1ae4  hpqcxs08 - ok
14:11:58.0268 0x1ae4  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
14:11:58.0284 0x1ae4  hpqddsvc - ok
14:11:58.0362 0x1ae4  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
14:11:58.0393 0x1ae4  hpqwmiex - ok
14:11:58.0440 0x1ae4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:11:58.0455 0x1ae4  HpSAMD - ok
14:11:58.0518 0x1ae4  [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
14:11:58.0549 0x1ae4  HPSLPSVC - ok
14:11:58.0596 0x1ae4  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
14:11:58.0611 0x1ae4  hpsrv - ok
14:11:58.0689 0x1ae4  [ F46DEEEF47977B6C1783A1F09C0697A8, F11134B1E4EA5F5BB7A78658D0CF7881232AA791933EA1D4DC2960DBE2CA270C ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
14:11:58.0721 0x1ae4  HPSupportSolutionsFrameworkService - ok
14:11:58.0752 0x1ae4  [ B6492D01712A22FF3FEA25A999DBD321, DA0BB9F4EC5352409F492378168C5A256186B1E76463C72ADE06C63F46363BEF ] HPWMISVC        C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
14:11:58.0767 0x1ae4  HPWMISVC - detected UnsignedFile.Multi.Generic ( 1 )
14:12:01.0638 0x1ae4  Detect skipped due to KSN trusted
14:12:01.0638 0x1ae4  HPWMISVC - ok
14:12:01.0700 0x1ae4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:12:01.0778 0x1ae4  HTTP - ok
14:12:01.0809 0x1ae4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:12:01.0825 0x1ae4  hwpolicy - ok
14:12:01.0872 0x1ae4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:12:01.0903 0x1ae4  i8042prt - ok
14:12:01.0950 0x1ae4  [ A5F72BB0D024E7E463344105BE613AE4, 22B1DED17118C85ACC1F57996FA13428FFE8C96051FAF5212A7E37430F4C62E8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:12:01.0997 0x1ae4  iaStor - ok
14:12:02.0043 0x1ae4  [ 1E7999FE262B0A5FB84485C3A9AD06F1, EF42B436B35AD0A1FCCE4DD23DF1D6934A79E49FCD8AF90787A643B2290932F8 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
14:12:02.0059 0x1ae4  IAStorDataMgrSvc - ok
14:12:02.0106 0x1ae4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:12:02.0153 0x1ae4  iaStorV - ok
14:12:02.0215 0x1ae4  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
14:12:02.0262 0x1ae4  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
14:12:05.0117 0x1ae4  Detect skipped due to KSN trusted
14:12:05.0117 0x1ae4  IDriverT - ok
14:12:05.0179 0x1ae4  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:12:05.0241 0x1ae4  idsvc - ok
14:12:05.0709 0x1ae4  [ 1BE8D9CA4F2363B8E8015621878E0043, 695B5F88A6F6943156D033DAA86188F50308AD71FCF26CF0AEDF7E23F774FB56 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:12:06.0193 0x1ae4  igfx - ok
14:12:06.0224 0x1ae4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:12:06.0240 0x1ae4  iirsp - ok
14:12:06.0302 0x1ae4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:12:06.0380 0x1ae4  IKEEXT - ok
14:12:06.0411 0x1ae4  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
14:12:06.0474 0x1ae4  Impcd - ok
14:12:06.0521 0x1ae4  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:12:06.0567 0x1ae4  IntcDAud - ok
14:12:06.0599 0x1ae4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:12:06.0630 0x1ae4  intelide - ok
14:12:06.0661 0x1ae4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:12:06.0692 0x1ae4  intelppm - ok
14:12:06.0723 0x1ae4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:12:06.0786 0x1ae4  IPBusEnum - ok
14:12:06.0817 0x1ae4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:12:06.0895 0x1ae4  IpFilterDriver - ok
14:12:06.0942 0x1ae4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:12:06.0989 0x1ae4  iphlpsvc - ok
14:12:07.0035 0x1ae4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:12:07.0082 0x1ae4  IPMIDRV - ok
14:12:07.0098 0x1ae4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:12:07.0145 0x1ae4  IPNAT - ok
14:12:07.0207 0x1ae4  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:12:07.0238 0x1ae4  iPod Service - ok
14:12:07.0254 0x1ae4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:12:07.0347 0x1ae4  IRENUM - ok
14:12:07.0363 0x1ae4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:12:07.0394 0x1ae4  isapnp - ok
14:12:07.0425 0x1ae4  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:12:07.0457 0x1ae4  iScsiPrt - ok
14:12:07.0488 0x1ae4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:12:07.0503 0x1ae4  kbdclass - ok
14:12:07.0566 0x1ae4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:12:07.0597 0x1ae4  kbdhid - ok
14:12:07.0628 0x1ae4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
14:12:07.0644 0x1ae4  KeyIso - ok
14:12:07.0691 0x1ae4  [ 8D7120743A0973CEAB548B475C9D4289, 2DE1EA589A4D51D1A79C983B5E130F59203E0F1B2253AC29681D8D86F71EF2CB ] KL1             C:\Windows\system32\DRIVERS\kl1.sys
14:12:07.0722 0x1ae4  KL1 - ok
14:12:07.0737 0x1ae4  [ CD146D8E525D6EEBDCAF24120A8AB9CE, ABA62BC21894D7DB0B63C0B5D7DB2BE9686F919F3167135151BE4F1C3CAB9E04 ] kl2             C:\Windows\system32\DRIVERS\kl2.sys
14:12:07.0753 0x1ae4  kl2 - ok
14:12:07.0800 0x1ae4  [ 177505577604C94C4BE7B9316A90ADA1, 2D2550DE5D45E5EFA734DBB769474B0A5C9B67DB5F516787B3B872F5E42B57D9 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
14:12:07.0831 0x1ae4  KLIF - ok
14:12:07.0862 0x1ae4  [ 2A64B3A9EED93A2E96537B67C079FC96, C0DF19AE51393BD310E6483C917E1221645A55776D77774CECA6F33D16CFF9B9 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
14:12:07.0878 0x1ae4  KLIM6 - ok
14:12:07.0909 0x1ae4  [ 9468D07E91BA136D82415F5DFC1FE168, EF9AA5CD94093E06023A42501557B2C4684806DBBC07D2F77F9AE2F3C6EA2430 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
14:12:07.0940 0x1ae4  klmouflt - ok
14:12:07.0971 0x1ae4  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:12:08.0003 0x1ae4  KSecDD - ok
14:12:08.0018 0x1ae4  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:12:08.0049 0x1ae4  KSecPkg - ok
14:12:08.0065 0x1ae4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:12:08.0127 0x1ae4  ksthunk - ok
14:12:08.0190 0x1ae4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:12:08.0283 0x1ae4  KtmRm - ok
14:12:08.0330 0x1ae4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
14:12:08.0424 0x1ae4  LanmanServer - ok
14:12:08.0471 0x1ae4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:12:08.0549 0x1ae4  LanmanWorkstation - ok
14:12:08.0595 0x1ae4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:12:08.0658 0x1ae4  lltdio - ok
14:12:08.0673 0x1ae4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:12:08.0751 0x1ae4  lltdsvc - ok
14:12:08.0767 0x1ae4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:12:08.0798 0x1ae4  lmhosts - ok
14:12:08.0845 0x1ae4  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:12:08.0876 0x1ae4  LMS - ok
14:12:08.0907 0x1ae4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:12:08.0939 0x1ae4  LSI_FC - ok
14:12:08.0954 0x1ae4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:12:08.0985 0x1ae4  LSI_SAS - ok
14:12:09.0017 0x1ae4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:12:09.0032 0x1ae4  LSI_SAS2 - ok
14:12:09.0048 0x1ae4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:12:09.0079 0x1ae4  LSI_SCSI - ok
14:12:09.0095 0x1ae4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:12:09.0173 0x1ae4  luafv - ok
14:12:09.0188 0x1ae4  [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:12:09.0204 0x1ae4  LVPr2M64 - ok
14:12:09.0219 0x1ae4  [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:12:09.0219 0x1ae4  LVPr2Mon - ok
14:12:09.0282 0x1ae4  [ EF586B959F747E74C76603FF16AE417B, 751AAB31D7B5542C06F1E9145AC2DCB073EAF7FE5FDE100ED404564D21317417 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
14:12:09.0297 0x1ae4  LVRS64 - ok
14:12:09.0469 0x1ae4  [ EDF73BFA1BD24D74D1D64DC0ED28A7CD, BD8D9D15C83EF1C9467A137764E128D80CFE58A2B728CDB57CB272D426702318 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
14:12:09.0609 0x1ae4  LVUVC64 - ok
14:12:09.0672 0x1ae4  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:12:09.0703 0x1ae4  MBAMProtector - ok
14:12:09.0734 0x1ae4  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:12:09.0781 0x1ae4  MBAMScheduler - ok
14:12:09.0812 0x1ae4  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:12:09.0875 0x1ae4  MBAMService - ok
14:12:09.0906 0x1ae4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:12:09.0953 0x1ae4  Mcx2Svc - ok
14:12:09.0984 0x1ae4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:12:10.0015 0x1ae4  megasas - ok
14:12:10.0046 0x1ae4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:12:10.0062 0x1ae4  MegaSR - ok
14:12:10.0093 0x1ae4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:12:10.0171 0x1ae4  MMCSS - ok
14:12:10.0202 0x1ae4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:12:10.0280 0x1ae4  Modem - ok
14:12:10.0296 0x1ae4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:12:10.0343 0x1ae4  monitor - ok
14:12:10.0374 0x1ae4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:12:10.0389 0x1ae4  mouclass - ok
14:12:10.0405 0x1ae4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:12:10.0436 0x1ae4  mouhid - ok
14:12:10.0467 0x1ae4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:12:10.0483 0x1ae4  mountmgr - ok
14:12:10.0514 0x1ae4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:12:10.0530 0x1ae4  mpio - ok
14:12:10.0545 0x1ae4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:12:10.0639 0x1ae4  mpsdrv - ok
14:12:10.0686 0x1ae4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:12:10.0795 0x1ae4  MpsSvc - ok
14:12:10.0826 0x1ae4  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:12:10.0873 0x1ae4  MRxDAV - ok
14:12:10.0904 0x1ae4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:12:10.0951 0x1ae4  mrxsmb - ok
14:12:10.0982 0x1ae4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:12:11.0013 0x1ae4  mrxsmb10 - ok
14:12:11.0029 0x1ae4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:12:11.0076 0x1ae4  mrxsmb20 - ok
14:12:11.0107 0x1ae4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:12:11.0123 0x1ae4  msahci - ok
14:12:11.0216 0x1ae4  [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D, FEA8FB1B8752660EC6174542B24D234A61EBFF8318A5855B3E5C91DB86856CAB ] MSCSPTISRV      C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
14:12:11.0247 0x1ae4  MSCSPTISRV - detected UnsignedFile.Multi.Generic ( 1 )
14:12:14.0383 0x1ae4  Detect skipped due to KSN trusted
14:12:14.0383 0x1ae4  MSCSPTISRV - ok
14:12:14.0430 0x1ae4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:12:14.0461 0x1ae4  msdsm - ok
14:12:14.0477 0x1ae4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:12:14.0523 0x1ae4  MSDTC - ok
14:12:14.0555 0x1ae4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:12:14.0601 0x1ae4  Msfs - ok
14:12:14.0617 0x1ae4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:12:14.0695 0x1ae4  mshidkmdf - ok
14:12:14.0726 0x1ae4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:12:14.0742 0x1ae4  msisadrv - ok
14:12:14.0757 0x1ae4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:12:14.0820 0x1ae4  MSiSCSI - ok
14:12:14.0835 0x1ae4  msiserver - ok
14:12:14.0851 0x1ae4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:12:14.0898 0x1ae4  MSKSSRV - ok
14:12:14.0913 0x1ae4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:12:14.0976 0x1ae4  MSPCLOCK - ok
14:12:14.0991 0x1ae4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:12:15.0069 0x1ae4  MSPQM - ok
14:12:15.0101 0x1ae4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:12:15.0147 0x1ae4  MsRPC - ok
14:12:15.0147 0x1ae4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:12:15.0179 0x1ae4  mssmbios - ok
14:12:15.0194 0x1ae4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:12:15.0257 0x1ae4  MSTEE - ok
14:12:15.0272 0x1ae4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:12:15.0303 0x1ae4  MTConfig - ok
14:12:15.0335 0x1ae4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:12:15.0366 0x1ae4  Mup - ok
14:12:15.0381 0x1ae4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:12:15.0475 0x1ae4  napagent - ok
14:12:15.0506 0x1ae4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:12:15.0569 0x1ae4  NativeWifiP - ok
14:12:15.0647 0x1ae4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:12:15.0693 0x1ae4  NDIS - ok
14:12:15.0709 0x1ae4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:12:15.0771 0x1ae4  NdisCap - ok
14:12:15.0771 0x1ae4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:12:15.0834 0x1ae4  NdisTapi - ok
14:12:15.0865 0x1ae4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:12:15.0912 0x1ae4  Ndisuio - ok
14:12:15.0943 0x1ae4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:12:16.0021 0x1ae4  NdisWan - ok
14:12:16.0037 0x1ae4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:12:16.0099 0x1ae4  NDProxy - ok
14:12:16.0130 0x1ae4  [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:12:16.0161 0x1ae4  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
14:12:19.0219 0x1ae4  Detect skipped due to KSN trusted
14:12:19.0219 0x1ae4  Net Driver HPZ12 - ok
14:12:19.0266 0x1ae4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:12:19.0328 0x1ae4  NetBIOS - ok
14:12:19.0391 0x1ae4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:12:19.0453 0x1ae4  NetBT - ok
14:12:19.0484 0x1ae4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
14:12:19.0500 0x1ae4  Netlogon - ok
14:12:19.0531 0x1ae4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:12:19.0640 0x1ae4  Netman - ok
14:12:19.0671 0x1ae4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:19.0734 0x1ae4  NetMsmqActivator - ok
14:12:19.0734 0x1ae4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:19.0765 0x1ae4  NetPipeActivator - ok
14:12:19.0796 0x1ae4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:12:19.0874 0x1ae4  netprofm - ok
14:12:19.0874 0x1ae4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:19.0890 0x1ae4  NetTcpActivator - ok
14:12:19.0905 0x1ae4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:19.0921 0x1ae4  NetTcpPortSharing - ok
14:12:20.0108 0x1ae4  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
14:12:20.0358 0x1ae4  netw5v64 - ok
14:12:20.0389 0x1ae4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:12:20.0420 0x1ae4  nfrd960 - ok
14:12:20.0451 0x1ae4  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:12:20.0483 0x1ae4  NlaSvc - ok
14:12:20.0498 0x1ae4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:12:20.0576 0x1ae4  Npfs - ok
14:12:20.0607 0x1ae4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:12:20.0654 0x1ae4  nsi - ok
14:12:20.0654 0x1ae4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:12:20.0717 0x1ae4  nsiproxy - ok
14:12:20.0810 0x1ae4  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:12:20.0873 0x1ae4  Ntfs - ok
14:12:20.0888 0x1ae4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:12:20.0951 0x1ae4  Null - ok
14:12:20.0982 0x1ae4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:12:20.0997 0x1ae4  nvraid - ok
14:12:21.0044 0x1ae4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:12:21.0060 0x1ae4  nvstor - ok
14:12:21.0075 0x1ae4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:12:21.0107 0x1ae4  nv_agp - ok
14:12:21.0122 0x1ae4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:12:21.0153 0x1ae4  ohci1394 - ok
14:12:21.0200 0x1ae4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:12:21.0231 0x1ae4  ose - ok
14:12:21.0434 0x1ae4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:12:21.0606 0x1ae4  osppsvc - ok
14:12:21.0637 0x1ae4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:12:21.0715 0x1ae4  p2pimsvc - ok
14:12:21.0746 0x1ae4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:12:21.0809 0x1ae4  p2psvc - ok
14:12:21.0840 0x1ae4  [ 753A8F339F231D2B857E2CCD51A6E6CA, 59510E69D623B9DA725A8097A44FD210FCF05BB3BA27D5296EA4610359DA0831 ] PACSPTISVR      C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
14:12:21.0887 0x1ae4  PACSPTISVR - detected UnsignedFile.Multi.Generic ( 1 )
14:12:25.0022 0x1ae4  Detect skipped due to KSN trusted
14:12:25.0022 0x1ae4  PACSPTISVR - ok
14:12:25.0069 0x1ae4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:12:25.0100 0x1ae4  Parport - ok
14:12:25.0131 0x1ae4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:12:25.0163 0x1ae4  partmgr - ok
14:12:25.0194 0x1ae4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:12:25.0241 0x1ae4  PcaSvc - ok
14:12:25.0303 0x1ae4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:12:25.0334 0x1ae4  pci - ok
14:12:25.0365 0x1ae4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:12:25.0397 0x1ae4  pciide - ok
14:12:25.0412 0x1ae4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:12:25.0459 0x1ae4  pcmcia - ok
14:12:25.0490 0x1ae4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:12:25.0521 0x1ae4  pcw - ok
14:12:25.0553 0x1ae4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:12:25.0646 0x1ae4  PEAUTH - ok
14:12:25.0724 0x1ae4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:12:25.0833 0x1ae4  PeerDistSvc - ok
14:12:25.0896 0x1ae4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:12:26.0052 0x1ae4  PerfHost - ok
14:12:26.0114 0x1ae4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:12:26.0239 0x1ae4  pla - ok
14:12:26.0286 0x1ae4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:12:26.0348 0x1ae4  PlugPlay - ok
14:12:26.0364 0x1ae4  [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:12:26.0411 0x1ae4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
14:12:29.0453 0x1ae4  Detect skipped due to KSN trusted
14:12:29.0453 0x1ae4  Pml Driver HPZ12 - ok
14:12:29.0499 0x1ae4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:12:29.0546 0x1ae4  PNRPAutoReg - ok
14:12:29.0577 0x1ae4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:12:29.0609 0x1ae4  PNRPsvc - ok
14:12:29.0655 0x1ae4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:12:29.0749 0x1ae4  PolicyAgent - ok
14:12:29.0796 0x1ae4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:12:29.0858 0x1ae4  Power - ok
14:12:29.0889 0x1ae4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:12:29.0936 0x1ae4  PptpMiniport - ok
14:12:29.0983 0x1ae4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:12:30.0030 0x1ae4  Processor - ok
14:12:30.0061 0x1ae4  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:12:30.0123 0x1ae4  ProfSvc - ok
14:12:30.0139 0x1ae4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:12:30.0170 0x1ae4  ProtectedStorage - ok
14:12:30.0201 0x1ae4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:12:30.0264 0x1ae4  Psched - ok
14:12:30.0295 0x1ae4  [ 5D6C8E778F0218FCD2CCA0EFBC9766CA, 55B9BD7D168790883E748D9C09DA64E4FEEAC36EC172371DCD108F7F148887B3 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:12:30.0326 0x1ae4  PxHlpa64 - ok
14:12:30.0404 0x1ae4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:12:30.0467 0x1ae4  ql2300 - ok
14:12:30.0498 0x1ae4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:12:30.0529 0x1ae4  ql40xx - ok
14:12:30.0560 0x1ae4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:12:30.0591 0x1ae4  QWAVE - ok
14:12:30.0607 0x1ae4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:12:30.0669 0x1ae4  QWAVEdrv - ok
14:12:30.0685 0x1ae4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:12:30.0747 0x1ae4  RasAcd - ok
14:12:30.0763 0x1ae4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:12:30.0810 0x1ae4  RasAgileVpn - ok
14:12:30.0841 0x1ae4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:12:30.0903 0x1ae4  RasAuto - ok
14:12:30.0935 0x1ae4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:12:31.0028 0x1ae4  Rasl2tp - ok
14:12:31.0091 0x1ae4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:12:31.0153 0x1ae4  RasMan - ok
14:12:31.0215 0x1ae4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:12:31.0278 0x1ae4  RasPppoe - ok
14:12:31.0293 0x1ae4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:12:31.0371 0x1ae4  RasSstp - ok
14:12:31.0418 0x1ae4  [ 96597C96D5ACF4A3EF0B24D396853879, 25A969C04D9F19BA6A047DA5E349A09A85D78F982E8E29C34B4581AC267E6482 ] rcmirror        C:\Windows\system32\DRIVERS\rcmirror.sys
14:12:31.0465 0x1ae4  rcmirror - ok
14:12:31.0527 0x1ae4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:12:31.0590 0x1ae4  rdbss - ok
14:12:31.0637 0x1ae4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:12:31.0683 0x1ae4  rdpbus - ok
14:12:31.0699 0x1ae4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:12:31.0777 0x1ae4  RDPCDD - ok
14:12:31.0824 0x1ae4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:12:31.0871 0x1ae4  RDPDR - ok
14:12:31.0886 0x1ae4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:12:32.0011 0x1ae4  RDPENCDD - ok
14:12:32.0058 0x1ae4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:12:32.0167 0x1ae4  RDPREFMP - ok
14:12:32.0214 0x1ae4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:12:32.0292 0x1ae4  RdpVideoMiniport - ok
14:12:32.0339 0x1ae4  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:12:32.0401 0x1ae4  RDPWD - ok
14:12:32.0448 0x1ae4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:12:32.0479 0x1ae4  rdyboost - ok
14:12:32.0604 0x1ae4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:12:32.0682 0x1ae4  RemoteAccess - ok
14:12:32.0713 0x1ae4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:12:32.0807 0x1ae4  RemoteRegistry - ok
14:12:32.0838 0x1ae4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:12:32.0931 0x1ae4  RpcEptMapper - ok
14:12:32.0947 0x1ae4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:12:32.0994 0x1ae4  RpcLocator - ok
14:12:33.0041 0x1ae4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:12:33.0134 0x1ae4  RpcSs - ok
14:12:33.0181 0x1ae4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:12:33.0259 0x1ae4  rspndr - ok
14:12:33.0368 0x1ae4  [ 6074829C74C5C72AB65AD2CEE9C1BB47, 7EDF3967350BE9581B93822583D632E9AE6245DC894718F5AB2983EC2447E02E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:12:33.0399 0x1ae4  RTL8167 - ok
14:12:33.0431 0x1ae4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
14:12:33.0462 0x1ae4  SamSs - ok
14:12:33.0493 0x1ae4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:12:33.0524 0x1ae4  sbp2port - ok
14:12:33.0555 0x1ae4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:12:33.0633 0x1ae4  SCardSvr - ok
14:12:33.0680 0x1ae4  [ 8356DD6C4F1744701B94FE85743A6A78, E803690C7C1FA01533BB0C06C8A9EB8FD2081877FC97EB7F45374D1E89BB96E0 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
14:12:33.0696 0x1ae4  SCDEmu - ok
14:12:33.0743 0x1ae4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:12:33.0821 0x1ae4  scfilter - ok
14:12:33.0914 0x1ae4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:12:34.0023 0x1ae4  Schedule - ok
14:12:34.0055 0x1ae4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:12:34.0101 0x1ae4  SCPolicySvc - ok
14:12:34.0179 0x1ae4  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
14:12:34.0226 0x1ae4  sdbus - ok
14:12:34.0273 0x1ae4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:12:34.0335 0x1ae4  SDRSVC - ok
14:12:34.0367 0x1ae4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:12:34.0476 0x1ae4  secdrv - ok
14:12:34.0507 0x1ae4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:12:34.0585 0x1ae4  seclogon - ok
14:12:34.0616 0x1ae4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
14:12:34.0679 0x1ae4  SENS - ok
14:12:34.0694 0x1ae4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:12:34.0757 0x1ae4  SensrSvc - ok
14:12:34.0772 0x1ae4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:12:34.0819 0x1ae4  Serenum - ok
14:12:34.0835 0x1ae4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:12:34.0881 0x1ae4  Serial - ok
14:12:34.0913 0x1ae4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:12:34.0959 0x1ae4  sermouse - ok
14:12:34.0991 0x1ae4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:12:35.0069 0x1ae4  SessionEnv - ok
14:12:35.0115 0x1ae4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:12:35.0178 0x1ae4  sffdisk - ok
14:12:35.0209 0x1ae4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:12:35.0225 0x1ae4  sffp_mmc - ok
14:12:35.0240 0x1ae4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:12:35.0287 0x1ae4  sffp_sd - ok
14:12:35.0303 0x1ae4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:12:35.0349 0x1ae4  sfloppy - ok
14:12:35.0427 0x1ae4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:12:35.0521 0x1ae4  SharedAccess - ok
14:12:35.0693 0x1ae4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:12:35.0802 0x1ae4  ShellHWDetection - ok
14:12:35.0927 0x1ae4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:12:35.0958 0x1ae4  SiSRaid2 - ok
14:12:35.0989 0x1ae4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:12:36.0020 0x1ae4  SiSRaid4 - ok
14:12:36.0098 0x1ae4  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:12:36.0145 0x1ae4  SkypeUpdate - ok
14:12:36.0161 0x1ae4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:12:36.0239 0x1ae4  Smb - ok
14:12:36.0285 0x1ae4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:12:36.0301 0x1ae4  SNMPTRAP - ok
14:12:36.0348 0x1ae4  [ 977AAA4398D7D6FA65D973F5B3F54E40, 9E7DD68E62A0BC6A8F512582E7B7BA00CC90CEA65B1F46EA6922C38C2D340021 ] SonicStage Back-End Service C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe
14:12:36.0363 0x1ae4  SonicStage Back-End Service - ok
14:12:36.0379 0x1ae4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:12:36.0395 0x1ae4  spldr - ok
14:12:36.0441 0x1ae4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:12:36.0519 0x1ae4  Spooler - ok
14:12:36.0691 0x1ae4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:12:36.0878 0x1ae4  sppsvc - ok
14:12:36.0909 0x1ae4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:12:36.0987 0x1ae4  sppuinotify - ok
14:12:37.0050 0x1ae4  [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd            C:\Windows\System32\Drivers\sptd.sys
14:12:37.0097 0x1ae4  sptd - ok
14:12:37.0143 0x1ae4  [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1, BDCCF36D760B8B92BD8DF54C6F2992D66B76EBA1999623F60F0D68CD91D3CEE1 ] SPTISRV         C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe
14:12:37.0159 0x1ae4  SPTISRV - detected UnsignedFile.Multi.Generic ( 1 )
14:12:40.0029 0x1ae4  Detect skipped due to KSN trusted
14:12:40.0029 0x1ae4  SPTISRV - ok
14:12:40.0092 0x1ae4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:12:40.0154 0x1ae4  srv - ok
14:12:40.0185 0x1ae4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:12:40.0248 0x1ae4  srv2 - ok
14:12:40.0295 0x1ae4  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:12:40.0357 0x1ae4  SrvHsfHDA - ok
14:12:40.0419 0x1ae4  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:12:40.0513 0x1ae4  SrvHsfV92 - ok
14:12:40.0560 0x1ae4  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:12:40.0607 0x1ae4  SrvHsfWinac - ok
14:12:40.0622 0x1ae4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:12:40.0669 0x1ae4  srvnet - ok
14:12:40.0716 0x1ae4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:12:40.0778 0x1ae4  SSDPSRV - ok
14:12:40.0809 0x1ae4  [ 756E371B3B86A3D3039926D32EAC0E8D, 7D3EE49848B90F0815599EC35897E23ECB69BF2686A8F1907E974B4F21419F5D ] SSScsiSV        C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe
14:12:40.0841 0x1ae4  SSScsiSV - ok
14:12:40.0841 0x1ae4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:12:40.0919 0x1ae4  SstpSvc - ok
14:12:41.0012 0x1ae4  [ B2D8B364A831427A5741F6C408FA8AE3, 17BA3A936B26A2E4169F87C5E84DDA1E7892511D6B8A2E39564CCC930F582A64 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
14:12:41.0075 0x1ae4  STacSV - ok
14:12:41.0106 0x1ae4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:12:41.0137 0x1ae4  stexstor - ok
14:12:41.0184 0x1ae4  [ EF5ACDE92BA3F691BBFEF781CB063501, 4E16919DE52D8766FF88921F6B95B4015842F28EA19EAEF1D808BB3161713583 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
14:12:41.0246 0x1ae4  STHDA - ok
14:12:41.0277 0x1ae4  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
14:12:41.0324 0x1ae4  StillCam - ok
14:12:41.0371 0x1ae4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:12:41.0449 0x1ae4  stisvc - ok
14:12:41.0465 0x1ae4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:12:41.0480 0x1ae4  swenum - ok
14:12:41.0527 0x1ae4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:12:41.0621 0x1ae4  swprv - ok
14:12:41.0621 0x1ae4  Synth3dVsc - ok
14:12:41.0652 0x1ae4  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:12:41.0683 0x1ae4  SynTP - ok
14:12:41.0777 0x1ae4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
14:12:41.0870 0x1ae4  SysMain - ok
14:12:41.0901 0x1ae4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:12:41.0964 0x1ae4  TabletInputService - ok
14:12:41.0995 0x1ae4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:12:42.0073 0x1ae4  TapiSrv - ok
14:12:42.0104 0x1ae4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
14:12:42.0151 0x1ae4  TBS - ok
14:12:42.0260 0x1ae4  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:12:42.0354 0x1ae4  Tcpip - ok
14:12:42.0432 0x1ae4  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:12:42.0525 0x1ae4  TCPIP6 - ok
14:12:42.0572 0x1ae4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:12:42.0603 0x1ae4  tcpipreg - ok
14:12:42.0635 0x1ae4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:12:42.0681 0x1ae4  TDPIPE - ok
14:12:42.0713 0x1ae4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:12:42.0759 0x1ae4  TDTCP - ok
14:12:42.0791 0x1ae4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:12:42.0853 0x1ae4  tdx - ok
14:12:42.0884 0x1ae4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:12:42.0915 0x1ae4  TermDD - ok
14:12:42.0947 0x1ae4  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
14:12:43.0056 0x1ae4  TermService - ok
14:12:43.0087 0x1ae4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:12:43.0134 0x1ae4  Themes - ok
14:12:43.0165 0x1ae4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:12:43.0227 0x1ae4  THREADORDER - ok
14:12:43.0243 0x1ae4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:12:43.0321 0x1ae4  TrkWks - ok
14:12:43.0399 0x1ae4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:12:43.0477 0x1ae4  TrustedInstaller - ok
14:12:43.0508 0x1ae4  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:12:43.0571 0x1ae4  tssecsrv - ok
14:12:43.0617 0x1ae4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:12:43.0664 0x1ae4  TsUsbFlt - ok
14:12:43.0664 0x1ae4  tsusbhub - ok
14:12:43.0711 0x1ae4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:12:43.0758 0x1ae4  tunnel - ok
14:12:43.0789 0x1ae4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:12:43.0805 0x1ae4  uagp35 - ok
14:12:43.0867 0x1ae4  [ 6ED5BAAF4CF1FE809D2511D001B0A7C6, 0A6439000CB2A237403F9CF8B76530A295341B94D7D335DE352ECCC50BFFD64D ] UCManSvc        C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
14:12:43.0883 0x1ae4  UCManSvc - detected UnsignedFile.Multi.Generic ( 1 )
14:12:46.0972 0x1ae4  Detect skipped due to KSN trusted
14:12:46.0972 0x1ae4  UCManSvc - ok

Edited by restricted, 04 April 2014 - 05:30 PM.


#9 restricted

Posted 04 April 2014 - 05:10 PM

14:12:53.0976 0x1ae4  ================ Scan global ===============================
14:12:54.0023 0x1ae4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:12:54.0085 0x1ae4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:12:54.0116 0x1ae4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:12:54.0132 0x1ae4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:12:54.0179 0x1ae4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:12:54.0194 0x1ae4  [ Global ] - ok
14:12:54.0194 0x1ae4  ================ Scan MBR ==================================
14:12:54.0194 0x1ae4  [ DBFAA7CA676BF7407F906787DFCC0820 ] \Device\Harddisk0\DR0
14:12:55.0115 0x1ae4  \Device\Harddisk0\DR0 - ok
14:12:55.0115 0x1ae4  ================ Scan VBR ==================================
14:12:55.0115 0x1ae4  [ B7E995369727703B8766DB54D81B84CE ] \Device\Harddisk0\DR0\Partition1
14:12:55.0115 0x1ae4  \Device\Harddisk0\DR0\Partition1 - ok
14:12:55.0130 0x1ae4  [ 7ABAB96E0C2D90015CC93E4F150DF297 ] \Device\Harddisk0\DR0\Partition2
14:12:55.0130 0x1ae4  \Device\Harddisk0\DR0\Partition2 - ok
14:12:55.0162 0x1ae4  [ F5B454EA775222715F26B98E4F99C43C ] \Device\Harddisk0\DR0\Partition3
14:12:55.0162 0x1ae4  \Device\Harddisk0\DR0\Partition3 - ok
14:12:55.0177 0x1ae4  [ 678E12DE72011A7EBD843A49AD57A199 ] \Device\Harddisk0\DR0\Partition4
14:12:55.0177 0x1ae4  \Device\Harddisk0\DR0\Partition4 - ok
14:12:55.0193 0x1ae4  Waiting for KSN requests completion. In queue: 72
14:12:56.0207 0x1ae4  Waiting for KSN requests completion. In queue: 72
14:12:57.0221 0x1ae4  Waiting for KSN requests completion. In queue: 72
14:12:58.0235 0x1ae4  Waiting for KSN requests completion. In queue: 72
14:12:59.0311 0x1ae4  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\wmiav.exe ( 11.0.1.400 ), 0x41000 ( enabled : updated )
14:12:59.0327 0x1ae4  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\wmifw.exe ( 11.0.1.400 ), 0x41010 ( enabled )
14:13:02.0306 0x1ae4  ============================================================
14:13:02.0306 0x1ae4  Scan finished
14:13:02.0306 0x1ae4  ============================================================
14:13:02.0306 0x1ad8  Detected object count: 0
14:13:02.0306 0x1ad8  Actual detected object count: 0
14:13:07.0610 0x0a0c  ============================================================
14:13:07.0610 0x0a0c  Scan started
14:13:07.0610 0x0a0c  Mode: Manual; SigCheck; TDLFS; 
14:13:07.0610 0x0a0c  ============================================================
14:13:07.0610 0x0a0c  KSN ping started
14:13:10.0528 0x0a0c  KSN ping finished: true
14:13:10.0949 0x0a0c  ================ Scan system memory ========================
14:13:10.0949 0x0a0c  System memory - ok
14:13:10.0949 0x0a0c  ================ Scan services =============================
14:13:16.0159 0x0a0c  CryptSvc - ok
14:13:16.0206 0x0a0c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
14:13:16.0237 0x0a0c  CSC - ok
14:13:16.0284 0x0a0c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
14:13:16.0315 0x0a0c  CscService - ok
14:13:16.0346 0x0a0c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:13:16.0393 0x0a0c  DcomLaunch - ok
14:13:16.0424 0x0a0c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:13:16.0487 0x0a0c  defragsvc - ok
14:13:16.0534 0x0a0c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:13:16.0580 0x0a0c  DfsC - ok
14:13:16.0596 0x0a0c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:13:16.0627 0x0a0c  Dhcp - ok
14:13:16.0643 0x0a0c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:13:16.0690 0x0a0c  discache - ok
14:13:16.0721 0x0a0c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:13:16.0736 0x0a0c  Disk - ok
14:13:16.0783 0x0a0c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:13:16.0799 0x0a0c  Dnscache - ok
14:13:16.0846 0x0a0c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:13:16.0924 0x0a0c  dot3svc - ok
14:13:16.0955 0x0a0c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:13:17.0002 0x0a0c  DPS - ok
14:13:17.0033 0x0a0c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:13:17.0048 0x0a0c  drmkaud - ok
14:13:17.0080 0x0a0c  [ A298AEA9FCA253E7EFF040A08C7C6376, 3A0B0C375D5C029ACF4BAF7881094D447E20E76C83049DBAD0F5FDB7802A7CDC ] DVMIO           C:\Windows\system32\DRIVERS\dvmio.sys
14:13:17.0095 0x0a0c  DVMIO - ok
14:13:17.0173 0x0a0c  [ B66B5B27C8C9881F90435A1F7FE370C3, DC257C7C971C3A268ED2982B14CDB5E1F61733E535C7BC24A1DFEB517246301F ] DvmMDES         C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
14:13:17.0204 0x0a0c  DvmMDES - ok
14:13:17.0267 0x0a0c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:13:17.0314 0x0a0c  DXGKrnl - ok
14:13:17.0345 0x0a0c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:13:17.0392 0x0a0c  EapHost - ok
14:13:17.0532 0x0a0c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:13:17.0672 0x0a0c  ebdrv - ok
14:13:17.0719 0x0a0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
14:13:17.0735 0x0a0c  EFS - ok
14:13:17.0844 0x0a0c  [ B15B00955C4A4413B1CB3F056D65148D, 8A010B2DB14AC33636AF1310D5E8FF99A6B883967C168ECC6A3FA9B752B6E192 ] EgisTec Service C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
14:13:17.0891 0x0a0c  EgisTec Service - ok
14:13:17.0953 0x0a0c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:13:18.0000 0x0a0c  ehRecvr - ok
14:13:18.0016 0x0a0c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:13:18.0047 0x0a0c  ehSched - ok
14:13:18.0109 0x0a0c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:13:18.0140 0x0a0c  elxstor - ok
14:13:18.0234 0x0a0c  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
14:13:18.0234 0x0a0c  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 )
14:13:18.0234 0x0a0c  Detect skipped due to KSN trusted
14:13:18.0234 0x0a0c  EpsonBidirectionalService - ok
14:13:18.0281 0x0a0c  [ 757305C7AD34222F4A46D86FE0BEE241, 94540DC1EA19821EACC796EF4FE247005B02E417B30E91383D1260E9D9A8B747 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
14:13:18.0312 0x0a0c  EpsonCustomerParticipation - ok
14:13:18.0343 0x0a0c  [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
14:13:18.0374 0x0a0c  EpsonScanSvc - ok
14:13:18.0406 0x0a0c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:13:18.0421 0x0a0c  ErrDev - ok
14:13:18.0468 0x0a0c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:13:18.0546 0x0a0c  EventSystem - ok
14:13:18.0562 0x0a0c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:13:18.0624 0x0a0c  exfat - ok
14:13:18.0640 0x0a0c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:13:18.0686 0x0a0c  fastfat - ok
14:13:18.0749 0x0a0c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
14:13:18.0796 0x0a0c  Fax - ok
14:13:18.0811 0x0a0c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:13:18.0827 0x0a0c  fdc - ok
14:13:18.0842 0x0a0c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
14:13:18.0889 0x0a0c  fdPHost - ok
14:13:18.0905 0x0a0c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:13:18.0952 0x0a0c  FDResPub - ok
14:13:18.0967 0x0a0c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:13:18.0998 0x0a0c  FileInfo - ok
14:13:19.0014 0x0a0c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:13:19.0061 0x0a0c  Filetrace - ok
14:13:19.0108 0x0a0c  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:13:19.0139 0x0a0c  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
14:13:19.0139 0x0a0c  Detect skipped due to KSN trusted
14:13:19.0139 0x0a0c  FLEXnet Licensing Service - ok
14:13:19.0154 0x0a0c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:13:19.0170 0x0a0c  flpydisk - ok
14:13:19.0201 0x0a0c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:13:19.0217 0x0a0c  FltMgr - ok
14:13:19.0295 0x0a0c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
14:13:19.0342 0x0a0c  FontCache - ok
14:13:19.0404 0x0a0c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:13:19.0420 0x0a0c  FontCache3.0.0.0 - ok
14:13:19.0451 0x0a0c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:13:19.0466 0x0a0c  FsDepends - ok
14:13:19.0498 0x0a0c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:13:19.0529 0x0a0c  Fs_Rec - ok
14:13:19.0576 0x0a0c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:13:19.0591 0x0a0c  fvevol - ok
14:13:19.0638 0x0a0c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:13:19.0638 0x0a0c  gagp30kx - ok
14:13:19.0700 0x0a0c  [ E53EE18A21C025DEABCFE0F72FC481BB, 4725BEA1AACDCEA8E2EF45DB6385BBD0261DD89D5582647355D8762DB1447743 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
14:13:19.0716 0x0a0c  GameConsoleService - ok
14:13:19.0778 0x0a0c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:13:19.0794 0x0a0c  GEARAspiWDM - ok
14:13:19.0872 0x0a0c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:13:19.0950 0x0a0c  gpsvc - ok
14:13:19.0981 0x0a0c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:13:19.0997 0x0a0c  hcw85cir - ok
14:13:20.0044 0x0a0c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:13:20.0075 0x0a0c  HdAudAddService - ok
14:13:20.0090 0x0a0c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:13:20.0122 0x0a0c  HDAudBus - ok
14:13:20.0153 0x0a0c  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
14:13:20.0153 0x0a0c  HECIx64 - ok
14:13:20.0184 0x0a0c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:13:20.0200 0x0a0c  HidBatt - ok
14:13:20.0231 0x0a0c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:13:20.0262 0x0a0c  HidBth - ok
14:13:20.0278 0x0a0c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:13:20.0293 0x0a0c  HidIr - ok
14:13:20.0324 0x0a0c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
14:13:20.0371 0x0a0c  hidserv - ok
14:13:20.0402 0x0a0c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:13:20.0434 0x0a0c  HidUsb - ok
14:13:20.0465 0x0a0c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:13:20.0512 0x0a0c  hkmsvc - ok
14:13:20.0558 0x0a0c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:13:20.0590 0x0a0c  HomeGroupListener - ok
14:13:20.0621 0x0a0c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:13:20.0652 0x0a0c  HomeGroupProvider - ok
14:13:20.0714 0x0a0c  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:13:20.0714 0x0a0c  HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
14:13:20.0714 0x0a0c  Detect skipped due to KSN trusted
14:13:20.0730 0x0a0c  HP Support Assistant Service - ok
14:13:20.0761 0x0a0c  [ A2DE0A67C77EBC6DFAD3D55232790ADD, 12374AD692CE8FA2462DA590D31BF847B61EBC3EFBC0690C1A746AFFA6C13C3A ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
14:13:20.0777 0x0a0c  HP Wireless Assistant Service - ok
14:13:20.0808 0x0a0c  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
14:13:20.0824 0x0a0c  hpdskflt - ok
14:13:20.0917 0x0a0c  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
14:13:20.0933 0x0a0c  hpqcxs08 - ok
14:13:20.0980 0x0a0c  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
14:13:20.0995 0x0a0c  hpqddsvc - ok
14:13:21.0058 0x0a0c  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
14:13:21.0104 0x0a0c  hpqwmiex - ok
14:13:21.0151 0x0a0c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:13:21.0167 0x0a0c  HpSAMD - ok
14:13:21.0229 0x0a0c  [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
14:13:21.0260 0x0a0c  HPSLPSVC - ok
14:13:21.0292 0x0a0c  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
14:13:21.0307 0x0a0c  hpsrv - ok
14:13:21.0338 0x0a0c  [ F46DEEEF47977B6C1783A1F09C0697A8, F11134B1E4EA5F5BB7A78658D0CF7881232AA791933EA1D4DC2960DBE2CA270C ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
14:13:21.0354 0x0a0c  HPSupportSolutionsFrameworkService - ok
14:13:21.0385 0x0a0c  [ B6492D01712A22FF3FEA25A999DBD321, DA0BB9F4EC5352409F492378168C5A256186B1E76463C72ADE06C63F46363BEF ] HPWMISVC        C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
14:13:21.0385 0x0a0c  HPWMISVC - detected UnsignedFile.Multi.Generic ( 1 )
14:13:21.0385 0x0a0c  Detect skipped due to KSN trusted
14:13:21.0385 0x0a0c  HPWMISVC - ok
14:13:21.0448 0x0a0c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:13:21.0526 0x0a0c  HTTP - ok
14:13:21.0557 0x0a0c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:13:21.0588 0x0a0c  hwpolicy - ok
14:13:21.0619 0x0a0c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:13:21.0635 0x0a0c  i8042prt - ok
14:13:21.0682 0x0a0c  [ A5F72BB0D024E7E463344105BE613AE4, 22B1DED17118C85ACC1F57996FA13428FFE8C96051FAF5212A7E37430F4C62E8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:13:21.0728 0x0a0c  iaStor - ok
14:13:21.0775 0x0a0c  [ 1E7999FE262B0A5FB84485C3A9AD06F1, EF42B436B35AD0A1FCCE4DD23DF1D6934A79E49FCD8AF90787A643B2290932F8 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
14:13:21.0791 0x0a0c  IAStorDataMgrSvc - ok
14:13:21.0838 0x0a0c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:13:21.0869 0x0a0c  iaStorV - ok
14:13:21.0931 0x0a0c  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
14:13:21.0931 0x0a0c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
14:13:21.0931 0x0a0c  Detect skipped due to KSN trusted
14:13:21.0931 0x0a0c  IDriverT - ok
14:13:21.0978 0x0a0c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:13:22.0025 0x0a0c  idsvc - ok
14:13:22.0415 0x0a0c  [ 1BE8D9CA4F2363B8E8015621878E0043, 695B5F88A6F6943156D033DAA86188F50308AD71FCF26CF0AEDF7E23F774FB56 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:13:22.0898 0x0a0c  igfx - ok
14:13:22.0961 0x0a0c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:13:22.0976 0x0a0c  iirsp - ok
14:13:23.0054 0x0a0c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:13:23.0117 0x0a0c  IKEEXT - ok
14:13:23.0148 0x0a0c  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
14:13:23.0179 0x0a0c  Impcd - ok
14:13:23.0210 0x0a0c  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:13:23.0242 0x0a0c  IntcDAud - ok
14:13:23.0273 0x0a0c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:13:23.0288 0x0a0c  intelide - ok
14:13:23.0320 0x0a0c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:13:23.0351 0x0a0c  intelppm - ok
14:13:23.0382 0x0a0c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:13:23.0444 0x0a0c  IPBusEnum - ok
14:13:23.0491 0x0a0c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:13:23.0538 0x0a0c  IpFilterDriver - ok
14:13:23.0600 0x0a0c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:13:23.0632 0x0a0c  iphlpsvc - ok
14:13:23.0678 0x0a0c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:13:23.0694 0x0a0c  IPMIDRV - ok
14:13:23.0710 0x0a0c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:13:23.0756 0x0a0c  IPNAT - ok
14:13:23.0819 0x0a0c  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:13:23.0850 0x0a0c  iPod Service - ok
14:13:23.0881 0x0a0c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:13:23.0897 0x0a0c  IRENUM - ok
14:13:23.0928 0x0a0c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:13:23.0959 0x0a0c  isapnp - ok
14:13:23.0975 0x0a0c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:13:24.0006 0x0a0c  iScsiPrt - ok
14:13:24.0022 0x0a0c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:13:24.0037 0x0a0c  kbdclass - ok
14:13:24.0068 0x0a0c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:13:24.0084 0x0a0c  kbdhid - ok
14:13:24.0100 0x0a0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
14:13:24.0131 0x0a0c  KeyIso - ok
14:13:24.0162 0x0a0c  [ 8D7120743A0973CEAB548B475C9D4289, 2DE1EA589A4D51D1A79C983B5E130F59203E0F1B2253AC29681D8D86F71EF2CB ] KL1             C:\Windows\system32\DRIVERS\kl1.sys
14:13:24.0178 0x0a0c  KL1 - ok
14:13:24.0193 0x0a0c  [ CD146D8E525D6EEBDCAF24120A8AB9CE, ABA62BC21894D7DB0B63C0B5D7DB2BE9686F919F3167135151BE4F1C3CAB9E04 ] kl2             C:\Windows\system32\DRIVERS\kl2.sys
14:13:24.0209 0x0a0c  kl2 - ok
14:13:24.0240 0x0a0c  [ 177505577604C94C4BE7B9316A90ADA1, 2D2550DE5D45E5EFA734DBB769474B0A5C9B67DB5F516787B3B872F5E42B57D9 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
14:13:24.0271 0x0a0c  KLIF - ok
14:13:24.0287 0x0a0c  [ 2A64B3A9EED93A2E96537B67C079FC96, C0DF19AE51393BD310E6483C917E1221645A55776D77774CECA6F33D16CFF9B9 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
14:13:24.0302 0x0a0c  KLIM6 - ok
14:13:24.0318 0x0a0c  [ 9468D07E91BA136D82415F5DFC1FE168, EF9AA5CD94093E06023A42501557B2C4684806DBBC07D2F77F9AE2F3C6EA2430 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
14:13:24.0318 0x0a0c  klmouflt - ok
14:13:24.0365 0x0a0c  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:13:24.0380 0x0a0c  KSecDD - ok
14:13:24.0412 0x0a0c  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:13:24.0427 0x0a0c  KSecPkg - ok
14:13:24.0443 0x0a0c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:13:24.0490 0x0a0c  ksthunk - ok
14:13:24.0521 0x0a0c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:13:24.0583 0x0a0c  KtmRm - ok
14:13:24.0630 0x0a0c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
14:13:24.0677 0x0a0c  LanmanServer - ok
14:13:24.0724 0x0a0c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:13:24.0770 0x0a0c  LanmanWorkstation - ok
14:13:24.0770 0x0a0c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:13:24.0817 0x0a0c  lltdio - ok
14:13:24.0848 0x0a0c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:13:24.0895 0x0a0c  lltdsvc - ok
14:13:24.0911 0x0a0c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:13:24.0958 0x0a0c  lmhosts - ok
14:13:25.0004 0x0a0c  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:13:25.0020 0x0a0c  LMS - ok
14:13:25.0051 0x0a0c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:13:25.0067 0x0a0c  LSI_FC - ok
14:13:25.0082 0x0a0c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:13:25.0114 0x0a0c  LSI_SAS - ok
14:13:25.0129 0x0a0c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:13:25.0160 0x0a0c  LSI_SAS2 - ok
14:13:25.0160 0x0a0c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:13:25.0192 0x0a0c  LSI_SCSI - ok
14:13:25.0223 0x0a0c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:13:25.0270 0x0a0c  luafv - ok
14:13:25.0301 0x0a0c  [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:13:25.0316 0x0a0c  LVPr2M64 - ok
14:13:25.0332 0x0a0c  [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:13:25.0348 0x0a0c  LVPr2Mon - ok
14:13:25.0394 0x0a0c  [ EF586B959F747E74C76603FF16AE417B, 751AAB31D7B5542C06F1E9145AC2DCB073EAF7FE5FDE100ED404564D21317417 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
14:13:25.0410 0x0a0c  LVRS64 - ok
14:13:25.0582 0x0a0c  [ EDF73BFA1BD24D74D1D64DC0ED28A7CD, BD8D9D15C83EF1C9467A137764E128D80CFE58A2B728CDB57CB272D426702318 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
14:13:25.0738 0x0a0c  LVUVC64 - ok
14:13:25.0769 0x0a0c  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:13:25.0784 0x0a0c  MBAMProtector - ok
14:13:25.0831 0x0a0c  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:13:25.0862 0x0a0c  MBAMScheduler - ok
14:13:25.0894 0x0a0c  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:13:25.0940 0x0a0c  MBAMService - ok
14:13:25.0972 0x0a0c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:13:25.0987 0x0a0c  Mcx2Svc - ok
14:13:26.0018 0x0a0c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:13:26.0034 0x0a0c  megasas - ok
14:13:26.0065 0x0a0c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:13:26.0096 0x0a0c  MegaSR - ok
14:13:26.0112 0x0a0c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:13:26.0159 0x0a0c  MMCSS - ok
14:13:26.0174 0x0a0c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:13:26.0221 0x0a0c  Modem - ok
14:13:26.0237 0x0a0c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:13:26.0268 0x0a0c  monitor - ok
14:13:26.0299 0x0a0c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:13:26.0315 0x0a0c  mouclass - ok
14:13:26.0330 0x0a0c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:13:26.0362 0x0a0c  mouhid - ok
14:13:26.0393 0x0a0c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:13:26.0408 0x0a0c  mountmgr - ok
14:13:26.0424 0x0a0c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:13:26.0455 0x0a0c  mpio - ok
14:13:26.0471 0x0a0c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:13:26.0518 0x0a0c  mpsdrv - ok
14:13:26.0580 0x0a0c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:13:26.0642 0x0a0c  MpsSvc - ok
14:13:26.0674 0x0a0c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:13:26.0705 0x0a0c  MRxDAV - ok
14:13:26.0736 0x0a0c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:13:26.0752 0x0a0c  mrxsmb - ok
14:13:26.0798 0x0a0c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:13:26.0830 0x0a0c  mrxsmb10 - ok
14:13:26.0845 0x0a0c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:13:26.0861 0x0a0c  mrxsmb20 - ok
14:13:26.0908 0x0a0c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:13:26.0923 0x0a0c  msahci - ok
14:13:27.0001 0x0a0c  [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D, FEA8FB1B8752660EC6174542B24D234A61EBFF8318A5855B3E5C91DB86856CAB ] MSCSPTISRV      C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
14:13:27.0017 0x0a0c  MSCSPTISRV - detected UnsignedFile.Multi.Generic ( 1 )
14:13:27.0017 0x0a0c  Detect skipped due to KSN trusted
14:13:27.0017 0x0a0c  MSCSPTISRV - ok
14:13:27.0048 0x0a0c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:13:27.0079 0x0a0c  msdsm - ok
14:13:27.0095 0x0a0c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:13:27.0110 0x0a0c  MSDTC - ok
14:13:27.0142 0x0a0c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:13:27.0188 0x0a0c  Msfs - ok
14:13:27.0204 0x0a0c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:13:27.0251 0x0a0c  mshidkmdf - ok
14:13:27.0282 0x0a0c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:13:27.0298 0x0a0c  msisadrv - ok
14:13:27.0313 0x0a0c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:13:27.0376 0x0a0c  MSiSCSI - ok
14:13:27.0376 0x0a0c  msiserver - ok
14:13:27.0391 0x0a0c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:13:27.0438 0x0a0c  MSKSSRV - ok
14:13:27.0454 0x0a0c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:13:27.0485 0x0a0c  MSPCLOCK - ok
14:13:27.0500 0x0a0c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:13:27.0547 0x0a0c  MSPQM - ok
14:13:27.0625 0x0a0c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:13:27.0656 0x0a0c  MsRPC - ok
14:13:27.0688 0x0a0c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:13:27.0703 0x0a0c  mssmbios - ok
14:13:27.0719 0x0a0c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:13:27.0766 0x0a0c  MSTEE - ok
14:13:27.0781 0x0a0c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:13:27.0812 0x0a0c  MTConfig - ok
14:13:27.0812 0x0a0c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:13:27.0828 0x0a0c  Mup - ok
14:13:27.0890 0x0a0c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:13:27.0937 0x0a0c  napagent - ok
14:13:27.0968 0x0a0c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:13:28.0000 0x0a0c  NativeWifiP - ok
14:13:28.0062 0x0a0c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:13:28.0109 0x0a0c  NDIS - ok
14:13:28.0124 0x0a0c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:13:28.0156 0x0a0c  NdisCap - ok
14:13:28.0171 0x0a0c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:13:28.0218 0x0a0c  NdisTapi - ok
14:13:28.0249 0x0a0c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:13:28.0296 0x0a0c  Ndisuio - ok
14:13:28.0343 0x0a0c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:13:28.0405 0x0a0c  NdisWan - ok
14:13:28.0436 0x0a0c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:13:28.0483 0x0a0c  NDProxy - ok
14:13:28.0530 0x0a0c  [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:13:28.0530 0x0a0c  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
14:13:28.0530 0x0a0c  Detect skipped due to KSN trusted
14:13:28.0530 0x0a0c  Net Driver HPZ12 - ok
14:13:28.0546 0x0a0c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:13:28.0608 0x0a0c  NetBIOS - ok
14:13:28.0624 0x0a0c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:13:28.0702 0x0a0c  NetBT - ok
14:13:28.0717 0x0a0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
14:13:28.0733 0x0a0c  Netlogon - ok
14:13:28.0780 0x0a0c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:13:28.0842 0x0a0c  Netman - ok
14:13:28.0873 0x0a0c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:13:28.0889 0x0a0c  NetMsmqActivator - ok
14:13:28.0889 0x0a0c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:13:28.0920 0x0a0c  NetPipeActivator - ok
14:13:28.0951 0x0a0c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:13:29.0014 0x0a0c  netprofm - ok
14:13:29.0014 0x0a0c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:13:29.0045 0x0a0c  NetTcpActivator - ok
14:13:29.0060 0x0a0c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:13:29.0076 0x0a0c  NetTcpPortSharing - ok
14:13:29.0263 0x0a0c  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
14:13:29.0466 0x0a0c  netw5v64 - ok
14:13:29.0528 0x0a0c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:13:29.0544 0x0a0c  nfrd960 - ok
14:13:29.0575 0x0a0c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:13:29.0606 0x0a0c  NlaSvc - ok
14:13:29.0638 0x0a0c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:13:29.0684 0x0a0c  Npfs - ok
14:13:29.0716 0x0a0c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:13:29.0778 0x0a0c  nsi - ok
14:13:29.0794 0x0a0c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:13:29.0840 0x0a0c  nsiproxy - ok
14:13:29.0934 0x0a0c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:13:29.0996 0x0a0c  Ntfs - ok
14:13:30.0012 0x0a0c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:13:30.0074 0x0a0c  Null - ok
14:13:30.0090 0x0a0c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:13:30.0121 0x0a0c  nvraid - ok
14:13:30.0152 0x0a0c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:13:30.0184 0x0a0c  nvstor - ok
14:13:30.0199 0x0a0c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:13:30.0215 0x0a0c  nv_agp - ok
14:13:30.0230 0x0a0c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:13:30.0262 0x0a0c  ohci1394 - ok
14:13:30.0308 0x0a0c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:13:30.0324 0x0a0c  ose - ok
14:13:30.0542 0x0a0c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:13:30.0714 0x0a0c  osppsvc - ok
14:13:30.0776 0x0a0c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:13:30.0808 0x0a0c  p2pimsvc - ok
14:13:30.0839 0x0a0c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:13:30.0870 0x0a0c  p2psvc - ok
14:13:30.0917 0x0a0c  [ 753A8F339F231D2B857E2CCD51A6E6CA, 59510E69D623B9DA725A8097A44FD210FCF05BB3BA27D5296EA4610359DA0831 ] PACSPTISVR      C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
14:13:30.0917 0x0a0c  PACSPTISVR - detected UnsignedFile.Multi.Generic ( 1 )
14:13:30.0917 0x0a0c  Detect skipped due to KSN trusted
14:13:30.0917 0x0a0c  PACSPTISVR - ok
14:13:30.0948 0x0a0c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:13:30.0979 0x0a0c  Parport - ok
14:13:31.0010 0x0a0c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:13:31.0026 0x0a0c  partmgr - ok
14:13:31.0042 0x0a0c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:13:31.0073 0x0a0c  PcaSvc - ok
14:13:31.0104 0x0a0c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:13:31.0135 0x0a0c  pci - ok
14:13:31.0166 0x0a0c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:13:31.0182 0x0a0c  pciide - ok
14:13:31.0213 0x0a0c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:13:31.0244 0x0a0c  pcmcia - ok
14:13:31.0260 0x0a0c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:13:31.0276 0x0a0c  pcw - ok
14:13:31.0307 0x0a0c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:13:31.0369 0x0a0c  PEAUTH - ok
14:13:31.0432 0x0a0c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:13:31.0494 0x0a0c  PeerDistSvc - ok
14:13:31.0572 0x0a0c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:13:31.0588 0x0a0c  PerfHost - ok
14:13:31.0666 0x0a0c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:13:31.0775 0x0a0c  pla - ok
14:13:31.0822 0x0a0c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:13:31.0853 0x0a0c  PlugPlay - ok
14:13:31.0900 0x0a0c  [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:13:31.0900 0x0a0c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
14:13:31.0900 0x0a0c  Detect skipped due to KSN trusted
14:13:31.0900 0x0a0c  Pml Driver HPZ12 - ok
14:13:31.0931 0x0a0c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:13:32.0040 0x0a0c  PNRPAutoReg - ok
14:13:32.0071 0x0a0c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:13:32.0102 0x0a0c  PNRPsvc - ok
14:13:32.0149 0x0a0c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:13:32.0227 0x0a0c  PolicyAgent - ok
14:13:32.0274 0x0a0c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:13:32.0336 0x0a0c  Power - ok
14:13:32.0368 0x0a0c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:13:32.0430 0x0a0c  PptpMiniport - ok
14:13:32.0461 0x0a0c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:13:32.0477 0x0a0c  Processor - ok
14:13:32.0524 0x0a0c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:13:32.0539 0x0a0c  ProfSvc - ok
14:13:32.0586 0x0a0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:13:32.0602 0x0a0c  ProtectedStorage - ok
14:13:32.0648 0x0a0c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:13:32.0711 0x0a0c  Psched - ok
14:13:32.0742 0x0a0c  [ 5D6C8E778F0218FCD2CCA0EFBC9766CA, 55B9BD7D168790883E748D9C09DA64E4FEEAC36EC172371DCD108F7F148887B3 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:13:32.0758 0x0a0c  PxHlpa64 - ok
14:13:32.0836 0x0a0c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:13:32.0898 0x0a0c  ql2300 - ok
14:13:32.0914 0x0a0c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:13:32.0945 0x0a0c  ql40xx - ok
14:13:32.0976 0x0a0c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:13:33.0007 0x0a0c  QWAVE - ok
14:13:33.0038 0x0a0c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:13:33.0054 0x0a0c  QWAVEdrv - ok
14:13:33.0070 0x0a0c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:13:33.0132 0x0a0c  RasAcd - ok
14:13:33.0148 0x0a0c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:13:33.0194 0x0a0c  RasAgileVpn - ok
14:13:33.0210 0x0a0c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:13:33.0272 0x0a0c  RasAuto - ok
14:13:33.0319 0x0a0c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:13:33.0366 0x0a0c  Rasl2tp - ok
14:13:33.0413 0x0a0c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:13:33.0460 0x0a0c  RasMan - ok
14:13:33.0491 0x0a0c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:13:33.0538 0x0a0c  RasPppoe - ok
14:13:33.0553 0x0a0c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:13:33.0600 0x0a0c  RasSstp - ok
14:13:33.0631 0x0a0c  [ 96597C96D5ACF4A3EF0B24D396853879, 25A969C04D9F19BA6A047DA5E349A09A85D78F982E8E29C34B4581AC267E6482 ] rcmirror        C:\Windows\system32\DRIVERS\rcmirror.sys
14:13:33.0647 0x0a0c  rcmirror - ok
14:13:33.0694 0x0a0c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:13:33.0756 0x0a0c  rdbss - ok
14:13:33.0772 0x0a0c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:13:33.0803 0x0a0c  rdpbus - ok
14:13:33.0803 0x0a0c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:13:33.0850 0x0a0c  RDPCDD - ok
14:13:33.0896 0x0a0c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:13:33.0912 0x0a0c  RDPDR - ok
14:13:33.0943 0x0a0c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:13:33.0990 0x0a0c  RDPENCDD - ok
14:13:34.0006 0x0a0c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:13:34.0052 0x0a0c  RDPREFMP - ok
14:13:34.0084 0x0a0c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:13:34.0099 0x0a0c  RdpVideoMiniport - ok
14:13:34.0146 0x0a0c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:13:34.0162 0x0a0c  RDPWD - ok
14:13:34.0208 0x0a0c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:13:34.0240 0x0a0c  rdyboost - ok
14:13:34.0240 0x0a0c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:13:34.0286 0x0a0c  RemoteAccess - ok
14:13:34.0318 0x0a0c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:13:34.0364 0x0a0c  RemoteRegistry - ok
14:13:34.0364 0x0a0c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:13:34.0411 0x0a0c  RpcEptMapper - ok
14:13:34.0427 0x0a0c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:13:34.0442 0x0a0c  RpcLocator - ok
14:13:34.0505 0x0a0c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:13:34.0567 0x0a0c  RpcSs - ok
14:13:34.0598 0x0a0c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:13:34.0661 0x0a0c  rspndr - ok
14:13:34.0708 0x0a0c  [ 6074829C74C5C72AB65AD2CEE9C1BB47, 7EDF3967350BE9581B93822583D632E9AE6245DC894718F5AB2983EC2447E02E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:13:34.0739 0x0a0c  RTL8167 - ok
14:13:34.0754 0x0a0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
14:13:34.0770 0x0a0c  SamSs - ok
14:13:34.0801 0x0a0c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:13:34.0817 0x0a0c  sbp2port - ok
14:13:34.0848 0x0a0c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:13:34.0910 0x0a0c  SCardSvr - ok
14:13:34.0942 0x0a0c  [ 8356DD6C4F1744701B94FE85743A6A78, E803690C7C1FA01533BB0C06C8A9EB8FD2081877FC97EB7F45374D1E89BB96E0 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
14:13:34.0957 0x0a0c  SCDEmu - ok
14:13:35.0004 0x0a0c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:13:35.0051 0x0a0c  scfilter - ok
14:13:35.0160 0x0a0c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:13:35.0254 0x0a0c  Schedule - ok
14:13:35.0285 0x0a0c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:13:35.0332 0x0a0c  SCPolicySvc - ok
14:13:35.0347 0x0a0c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
14:13:35.0378 0x0a0c  sdbus - ok
14:13:35.0410 0x0a0c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:13:35.0441 0x0a0c  SDRSVC - ok
14:13:35.0456 0x0a0c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:13:35.0503 0x0a0c  secdrv - ok
14:13:35.0534 0x0a0c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:13:35.0597 0x0a0c  seclogon - ok
14:13:35.0612 0x0a0c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
14:13:35.0675 0x0a0c  SENS - ok
14:13:35.0690 0x0a0c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:13:35.0722 0x0a0c  SensrSvc - ok
14:13:35.0737 0x0a0c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:13:35.0753 0x0a0c  Serenum - ok
14:13:35.0768 0x0a0c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:13:35.0800 0x0a0c  Serial - ok
14:13:35.0862 0x0a0c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:13:35.0878 0x0a0c  sermouse - ok
14:13:35.0940 0x0a0c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:13:35.0971 0x0a0c  SessionEnv - ok
14:13:36.0018 0x0a0c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:13:36.0034 0x0a0c  sffdisk - ok
14:13:36.0065 0x0a0c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:13:36.0080 0x0a0c  sffp_mmc - ok
14:13:36.0096 0x0a0c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:13:36.0127 0x0a0c  sffp_sd - ok
14:13:36.0143 0x0a0c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:13:36.0158 0x0a0c  sfloppy - ok
14:13:36.0190 0x0a0c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:13:36.0252 0x0a0c  SharedAccess - ok
14:13:36.0314 0x0a0c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:13:36.0361 0x0a0c  ShellHWDetection - ok
14:13:36.0439 0x0a0c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:13:36.0455 0x0a0c  SiSRaid2 - ok
14:13:36.0486 0x0a0c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:13:36.0502 0x0a0c  SiSRaid4 - ok
14:13:36.0611 0x0a0c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:13:36.0642 0x0a0c  SkypeUpdate - ok
14:13:36.0673 0x0a0c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:13:36.0736 0x0a0c  Smb - ok
14:13:36.0782 0x0a0c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:13:36.0798 0x0a0c  SNMPTRAP - ok
14:13:36.0829 0x0a0c  [ 977AAA4398D7D6FA65D973F5B3F54E40, 9E7DD68E62A0BC6A8F512582E7B7BA00CC90CEA65B1F46EA6922C38C2D340021 ] SonicStage Back-End Service C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe
14:13:36.0845 0x0a0c  SonicStage Back-End Service - ok
14:13:36.0876 0x0a0c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:13:36.0892 0x0a0c  spldr - ok
14:13:36.0954 0x0a0c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:13:37.0001 0x0a0c  Spooler - ok
14:13:37.0250 0x0a0c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:13:37.0406 0x0a0c  sppsvc - ok
14:13:37.0438 0x0a0c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:13:37.0484 0x0a0c  sppuinotify - ok
14:13:37.0562 0x0a0c  [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd            C:\Windows\System32\Drivers\sptd.sys
14:13:37.0609 0x0a0c  sptd - ok
14:13:37.0672 0x0a0c  [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1, BDCCF36D760B8B92BD8DF54C6F2992D66B76EBA1999623F60F0D68CD91D3CEE1 ] SPTISRV         C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe
14:13:37.0672 0x0a0c  SPTISRV - detected UnsignedFile.Multi.Generic ( 1 )
14:13:37.0672 0x0a0c  Detect skipped due to KSN trusted
14:13:37.0672 0x0a0c  SPTISRV - ok
14:13:41.0400 0x0a0c  [ 6ED5BAAF4CF1FE809D2511D001B0A7C6, 0A6439000CB2A237403F9CF8B76530A295341B94D7D335DE352ECCC50BFFD64D ] UCManSvc        C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
14:13:41.0416 0x0a0c  UCManSvc - detected UnsignedFile.Multi.Generic ( 1 )
14:13:41.0416 0x0a0c  Detect skipped due to KSN trusted
14:13:41.0416 0x0a0c  UCManSvc - ok
14:13:48.0108 0x0a0c  ================ Scan global ===============================
14:13:48.0155 0x0a0c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:13:48.0202 0x0a0c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:13:48.0217 0x0a0c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:13:48.0264 0x0a0c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:13:48.0295 0x0a0c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:13:48.0295 0x0a0c  [ Global ] - ok
14:13:48.0295 0x0a0c  ================ Scan MBR ==================================
14:13:48.0311 0x0a0c  [ DBFAA7CA676BF7407F906787DFCC0820 ] \Device\Harddisk0\DR0
14:13:48.0904 0x0a0c  \Device\Harddisk0\DR0 - ok
14:13:48.0904 0x0a0c  ================ Scan VBR ==================================
14:13:48.0919 0x0a0c  [ B7E995369727703B8766DB54D81B84CE ] \Device\Harddisk0\DR0\Partition1
14:13:48.0919 0x0a0c  \Device\Harddisk0\DR0\Partition1 - ok
14:13:48.0935 0x0a0c  [ 7ABAB96E0C2D90015CC93E4F150DF297 ] \Device\Harddisk0\DR0\Partition2
14:13:48.0935 0x0a0c  \Device\Harddisk0\DR0\Partition2 - ok
14:13:48.0966 0x0a0c  [ F5B454EA775222715F26B98E4F99C43C ] \Device\Harddisk0\DR0\Partition3
14:13:48.0966 0x0a0c  \Device\Harddisk0\DR0\Partition3 - ok
14:13:49.0044 0x0a0c  [ 678E12DE72011A7EBD843A49AD57A199 ] \Device\Harddisk0\DR0\Partition4
14:13:49.0106 0x0a0c  \Device\Harddisk0\DR0\Partition4 - ok
14:13:49.0122 0x0a0c  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\wmiav.exe ( 11.0.1.400 ), 0x41000 ( enabled : updated )
14:13:49.0122 0x0a0c  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\wmifw.exe ( 11.0.1.400 ), 0x41010 ( enabled )
14:13:52.0086 0x0a0c  ============================================================
14:13:52.0086 0x0a0c  Scan finished
14:13:52.0086 0x0a0c  ============================================================
14:13:52.0086 0x18f8  Detected object count: 0
14:13:52.0086 0x18f8  Actual detected object count: 0
14:13:53.0256 0x19f0  Deinitialize success
 

 


Edited by restricted, 04 April 2014 - 05:32 PM.
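
One way to triage a TDSSKiller log like the one posted above, as an added example (not part of the original post and not Kaspersky's code): it separates detections the tool itself suppressed ("Detect skipped due to KSN trusted") from detections still standing, and checks the standing ones against the final count line. The sample log is constructed, with placeholder hashes and an invented "Example Back-End Service" entry; the layout of an unsuppressed detection is an assumption.

```python
import re

# Constructed sample in the layout of the TDSSKiller log posted above.
# Hashes are placeholders; "Example Back-End Service" is invented, and the
# assumption is that an unsuppressed detection has no "Detect skipped" line.
SAMPLE_LOG = r"""
14:13:37.0562 0x0a0c  [ MD5_A, SHA256_A ] sptd            C:\Windows\System32\Drivers\sptd.sys
14:13:37.0609 0x0a0c  sptd - ok
14:13:37.0672 0x0a0c  [ MD5_B, SHA256_B ] SPTISRV         C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe
14:13:37.0672 0x0a0c  SPTISRV - detected UnsignedFile.Multi.Generic ( 1 )
14:13:37.0672 0x0a0c  Detect skipped due to KSN trusted
14:13:37.0672 0x0a0c  SPTISRV - ok
14:13:38.0100 0x0a0c  [ MD5_C, SHA256_C ] Example Back-End Service C:\Program Files (x86)\Example\svc.exe
14:13:38.0110 0x0a0c  Example Back-End Service - detected UnsignedFile.Multi.Generic ( 1 )
14:13:48.0311 0x0a0c  [ MD5_D ] \Device\Harddisk0\DR0
14:13:48.0904 0x0a0c  \Device\Harddisk0\DR0 - ok
14:13:52.0086 0x18f8  Detected object count: 1
14:13:52.0086 0x18f8  Actual detected object count: 1
"""

# "<time> <thread id>  <message>"
LINE = re.compile(
    r"^(?P<time>\d\d:\d\d:\d\d\.\d{4})\s+(?P<tid>0x[0-9a-fA-F]+)\s+(?P<msg>.*\S)\s*$"
)
# "[ hashes ] <optional name> <path>"; names may contain spaces, so the name
# is whatever precedes the first drive-letter or \Device\ path.
OBJECT = re.compile(
    r"^\[\s*(?P<hashes>[^\]]+?)\s*\]\s+"
    r"(?:(?P<name>.+?)\s+)?(?P<path>(?:[A-Za-z]:\\|\\Device\\).*)$"
)
DETECTED = re.compile(r"^(?P<name>.+) - detected (?P<verdict>\S+) \( (?P<flag>\d+) \)$")
SKIPPED = re.compile(r"^Detect skipped due to (?P<reason>.+)$")
COUNT = re.compile(r"^(?P<kind>Actual detected|Detected) object count: (?P<n>\d+)$")


def triage(log_text):
    """Split detections into suppressed and active, and compare with the count line."""
    paths = {}      # object name -> file path from its "[ hashes ] name path" line
    findings = []   # every "- detected" line, in log order
    counts = {}     # "Detected" / "Actual detected" -> reported number
    last = None     # most recent detection, so a following skip line attaches to it

    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        msg = m["msg"]
        if (o := OBJECT.match(msg)):
            if o["name"]:
                paths[o["name"]] = o["path"]
            last = None
        elif (d := DETECTED.match(msg)):
            last = {
                "name": d["name"],
                "path": paths.get(d["name"]),
                "verdict": d["verdict"],
                "skipped_reason": None,
            }
            findings.append(last)
        elif (s := SKIPPED.match(msg)) and last is not None:
            last["skipped_reason"] = s["reason"]
            last = None
        elif (c := COUNT.match(msg)):
            counts[c["kind"]] = int(c["n"])
        else:
            # Any other line (for example "<name> - ok") ends the detection context.
            last = None

    active = [f for f in findings if f["skipped_reason"] is None]
    suppressed = [f for f in findings if f["skipped_reason"] is not None]
    reported = counts.get("Detected")
    return {
        "active": active,
        "suppressed": suppressed,
        "reported_count": reported,
        # True when the summary line agrees with the unsuppressed detections.
        "count_matches": reported == len(active),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for f in result["suppressed"]:
        print(f"suppressed ({f['skipped_reason']}): {f['name']} {f['verdict']} {f['path']}")
    for f in result["active"]:
        print(f"ACTIVE: {f['name']} {f['verdict']} {f['path']}")
    print("reported count:", result["reported_count"], "matches:", result["count_matches"])
```

In the part of the log shown in this thread, each "detected UnsignedFile.Multi.Generic" line is followed by the skip line and the reported count is 0, so those entries would land in the suppressed list for manual review.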


#10 restricted


Posted 04 April 2014 - 05:12 PM

aswMBR

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-04-04 14:16:15
-----------------------------
14:16:15.587    OS Version: Windows x64 6.1.7601 Service Pack 1
14:16:15.587    Number of processors: 4 586 0x2502
14:16:15.589    ComputerName: GILLIAN  UserName: Owner
14:16:17.884    Initialize success
14:20:13.226    AVAST engine defs: 14040400
14:20:40.023    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:20:40.026    Disk 0 Vendor: TOSHIBA_ LH00 Size: 476940MB BusType: 3
14:20:40.142    Disk 0 MBR read successfully
14:20:40.145    Disk 0 MBR scan
14:20:40.149    Disk 0 unknown MBR code
14:20:40.157    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
14:20:40.163    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       457764 MB offset 409600
14:20:40.194    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        18872 MB offset 937910272
14:20:40.214    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0      103 MB offset 976560128
14:20:40.256    Disk 0 scanning C:\Windows\system32\drivers
14:20:53.881    Service scanning
14:21:21.552    Modules scanning
14:21:21.561    Disk 0 trace - called modules:
14:21:21.592    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll 
14:21:21.597    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80052e5060]
14:21:21.602    3 CLASSPNP.SYS[fffff880019d143f] -> nt!IofCallDriver -> [0xfffffa8005176b10]
14:21:21.606    5 hpdskflt.sys[fffff88001dd8189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fe5050]
14:21:23.804    AVAST engine scan C:\Windows
14:21:28.972    AVAST engine scan C:\Windows\system32
14:26:37.018    AVAST engine scan C:\Windows\system32\drivers
14:27:01.862    AVAST engine scan C:\Users\Owner
14:38:38.403    AVAST engine scan C:\ProgramData
14:50:58.331    Scan finished successfully
14:51:57.656    Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
14:51:57.661    The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

Attached Files

  • Attached File  MBR.zip   531bytes   0 downloads

Edited by restricted, 04 April 2014 - 05:20 PM.


#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:36 PM

Posted 05 April 2014 - 08:53 AM

KL1 is related to Kaspersky

S0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2010-06-09] (Kaspersky Lab ZAO)
===

I let that entry alone thinking that it may be a false positive.
I now suggest you fix it.
If required later after all is well then you can reinstall it.
 
start

S5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () <===== ATTENTION Necurs Rootkit?

end

Save the file as fixlist.txt in the same folder as FRST.
Run FRST and click Fix only once and wait.
The tool will create a log (Fixlog.txt); please post it in your reply.
===

If the issue is still not resolved continue.

Run SFC /Scannow

How to:
How to use the System File Checker tool to troubleshoot missing or corrupted system files on Windows Vista or on Windows 7
http://support.microsoft.com/kb/929833
===

If that fails to solve the issue, repair Windows.

Following steps involve registry editing. Please create new restore point before proceeding!!!
How to:
XP - http://support.microsoft.com/kb/948247
Vista and Seven - http://windows.microsoft.com/en-gb/windows7/create-a-restore-point
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

Download this program to your desktop.
Tweaking.com - Windows Repair
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/


Extract and launch the Repair_Windows.exe file

Click on the Start repairs tab, then click on Start.

Checkmark the following options only.

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Windows Firewall
Repair Internet Explorer
Repair MDAC & MS Jet
Remove Policies Set By Infections
Repair Icons
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Unhide Non System Files
Repair Windows Updates
  • Checkmark Restart System When Finished option
  • click the Start button
  • System should restart after repair
Keep me posted.

#12 restricted


Posted 05 April 2014 - 05:13 PM

Hi, nasdaq! Thanks so much for your patience and effort with me.  :lol: I have a few questions for you while I perform your next steps:

 

** I noticed that Windows Update has been trying to install an update every time I shut down, but it never seems to work. The "important" update is for Internet Explorer 11 for Windows 7 x64. I don't use IE, but I wanted to let you know in case it is relevant to our issue.

1) S0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2010-06-09] (Kaspersky Lab ZAO)

 

Do I need to uninstall Kaspersky Lab in order to continue with our repairs? I use it as my current antivirus. I don't know how to retrieve my online subscription and I don't have the CD, but I will uninstall it if you need me to do so.

2) S5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () <===== ATTENTION Necurs Rootkit?

 

Unlocker is a known program for me which I chose to install. I went ahead and uninstalled it through the Control Panel and then ran your fix with FRST. However, I think we were unsuccessful. Here is the log:

 

FRST

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014

Ran by Owner at 2014-04-05 13:11:40 Run:2
Running from C:\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

S5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () <===== ATTENTION Necurs Rootkit?

end
*****************

UnlockerDriver5 => Service not found.

==== End of Fixlog ====




3) sfc /scannow

The verification completed at 100%. "Windows Resource Protection did not find any integrity violations."



4) Windows Repair

Successfully created System Restore point "Windows Repair (BLEEPING)" through Control Panel.

Successfully backed up registry through the Tweaking.com Windows Repair program.

** Program ran fine, computer rebooted, but the white screen was still there prior to the desktop loading.

Wondering if this could be a driver issue. Hope to hear from you soon!
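
The two driver lines and the fix result quoted in the post above can be read field by field; this added example (not from the thread and not FRST's own code) parses them and lists the reasons an entry deserves a second look. The line layout, the reading of the digit as the Windows service Start value, and all function names are assumptions inferred from the quoted lines.

```python
import re

# Constructed sample: the two driver lines and the Fixlog result quoted in the post.
SCAN = r"""
S0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2010-06-09] (Kaspersky Lab ZAO)
S5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () <===== ATTENTION Necurs Rootkit?
"""
FIXLOG = "UnlockerDriver5 => Service not found."

# Assumed layout, inferred only from the lines above:
#   <state><start digit> <name>; <path> [<size> <date>] (<company>) <===== <note>
ENTRY = re.compile(
    r"^(?P<state>[A-Z])(?P<start>\d)\s+(?P<name>[^;]+);\s+(?P<path>.+?)\s+"
    r"\[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\]\s+\((?P<company>[^)]*)\)"
    r"(?:\s+<=+\s*(?P<note>.*))?$")
# Windows service Start values; treating the digit as this value is an assumption.
START = {0: "boot", 1: "system", 2: "auto", 3: "demand", 4: "disabled"}

def parse_entries(text):
    """Return one dict per driver line that matches the assumed layout."""
    out = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            e = m.groupdict()
            e["size"] = int(e["size"])
            e["start"] = START.get(int(e["start"]), "unmapped")
            out.append(e)
    return out

def parse_fix_results(text):
    """Map '<name> => <outcome>' result lines to {name: outcome}."""
    pairs = (l.partition(" => ") for l in text.splitlines())
    return {n.strip(): o.strip() for n, sep, o in pairs if sep}

def triage(entries, results):
    """List (name, reasons, fix outcome); reasons are review prompts, not verdicts."""
    report = []
    for e in entries:
        reasons = []
        if e["note"]:
            reasons.append("scanner note: " + e["note"])
        if not e["company"]:
            reasons.append("empty company field")
        if e["start"] == "boot":
            reasons.append("boot-start driver")
        report.append((e["name"], reasons, results.get(e["name"], "not in fixlist")))
    return report

if __name__ == "__main__":
    for row in triage(parse_entries(SCAN), parse_fix_results(FIXLOG)):
        print(row)
```

An empty company field or a scanner note is a prompt to check the file, not a verdict: here the flagged driver belonged to a program the poster had installed, and "Service not found" shows its service entry was already gone when the fix ran.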



#13 nasdaq

Posted 06 April 2014 - 08:24 AM


It looks like a driver issue. Windows Update is trying to complete the installation and reset the registry.

Navigate to this Microsoft page and select the automatic fix:
http://support.microsoft.com/kb/971058

Restart the computer normally when done.

How is it now?

#14 restricted

Posted 06 April 2014 - 02:11 PM

Good morning, nasdaq! :)  I ran the automatic fix you provided and reached these results:

[Image: 2lac56d.png]

Restarted the computer and ran it again a few more times, but the results were pretty much the same each time. Makes me wonder if the things that are marked "fixed" were even fixed at all...

Upon reboot, the white screen was still there. However, as we are making our way through the repairs, the duration of the white screen seems to be getting shorter! Sometimes, it doesn't even appear at all.

Logging in is still slow, but getting a bit faster. Also still getting that "could not connect all network drives" bubble for a few minutes when the desktop loads, before it fixes itself.

If you'd like to test for any driver issues as well, please let me know.

Looking forward to hearing from you.


Edited by restricted, 06 April 2014 - 02:13 PM.


#15 nasdaq

Posted 07 April 2014 - 07:45 AM

I suggest you download Microsoft Security Essentials
http://windows.microsoft.com/en-CA/windows/security-essentials-download

Install the application.

Disable Kaspersky and restart the computer.

When MSE is running, you can delete Kaspersky using Add/Remove Programs.

Possibly some remnant of KAV will resist removal; you can then run their uninstaller tool.

Instructions on this page.
Removal tool to uninstall Kaspersky Lab products
http://support.kaspersky.com/common/service.aspx?el=1464


Restart the computer normally and test the result.

If you have any questions before proceeding please ask.



