
Coworker downloaded a lot of malware onto her office computer


  • This topic is locked
60 replies to this topic

#1 sparklynnprez

  • Members
  • 113 posts

Posted 04 December 2014 - 12:33 PM

Hello,

 

My colleague is not as tech savvy as some, and she downloaded a lot of malware onto her office computer. I ran MalwareBytes and it ended up quarantining a lot of stuff. I am not sure if these are things I can delete or not. I am also not sure if I should proceed with other programs like RKill or AdwCleaner. 

 

Here is the log from MalwareBytes -- 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/4/2014
Scan Time: 10:50:25 AM
Logfile: malwarebytes log 120214.txt
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.12.04.07
Rootkit Database: v2014.12.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Enabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: NAME REDACTED
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 406327
Time Elapsed: 24 min, 45 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 7
PUP.Optional.BetterBrain.A, HKU\S-1-5-21-604601340-2333831010-3733641663-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C2DF6D43-F814-4C32-B021-209A74BAACA5}, Quarantined, [01d680de37451b1b39b75d663ec4d12f], 
PUP.Optional.BetterBrain.A, HKU\S-1-5-21-604601340-2333831010-3733641663-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C2DF6D43-F814-4C32-B021-209A74BAACA5}, Quarantined, [01d680de37451b1b39b75d663ec4d12f], 
PUP.Optional.BetterBrain.A, HKLM\SOFTWARE\WOW6432NODE\BetterBrain_1.10.0.2, Quarantined, [7e5999c57ffd4de946cf65e2ea19e41c], 
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, Quarantined, [4c8bbea0a1db3303a4c563fff90a966a], 
PUP.Optional.BetterBrain.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bbnfd_1_10_0_2, Quarantined, [30a72836e09c8bab759c88bf6b9838c8], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-604601340-2333831010-3733641663-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [af28233be5970f2786e8d1b4ae552bd5], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-604601340-2333831010-3733641663-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [e7f0510db9c3d462cfc2c1da32d2d62a], 
 
Registry Values: 3
PUP.Optional.BetterBrain.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{6311158d-1248-4c22-b80e-0fce899a0c7c}, C:\Program Files (x86)\Mozilla Firefox\extensions\{6311158d-1248-4c22-b80e-0fce899a0c7c}, Quarantined, [9b3c86d8166678be6ca7af9808fba15f]
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, Quarantined, [4c8bbea0a1db3303a4c563fff90a966a]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-604601340-2333831010-3733641663-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, zr2X2X1G1S1F2V1S2Q0V, Quarantined, [e7f0510db9c3d462cfc2c1da32d2d62a]
 
Registry Data: 1
PUP.Optional.Vosteran.A, HKU\S-1-5-21-604601340-2333831010-3733641663-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://Vosteran.com/?f=1&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir=, Good: (www.google.com), Bad: (http://Vosteran.com/?f=1&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir=),Replaced,[24b31f3f1b61b87ea5147ce6867fef11]
 
Folders: 10
PUP.Optional.SearchProtect.A, C:\Users\JNAME REDACTED\AppData\Local\SearchProtect, Quarantined, [dbfc83dbccb049ed4140ca5fc63d9967], 
PUP.Optional.SearchProtect.A, C:\Users\NAME REDACTED\AppData\Local\SearchProtect\SearchProtect, Quarantined, [dbfc83dbccb049ed4140ca5fc63d9967], 
PUP.Optional.SearchProtect.A, C:\Users\NAME REDACTEDr\AppData\Local\SearchProtect\SearchProtect\rep, Quarantined, [dbfc83dbccb049ed4140ca5fc63d9967], 
PUP.Optional.SearchProtect.A, C:\Users\NAME REDACTED\AppData\Local\SearchProtect\SearchProtect\STG, Quarantined, [dbfc83dbccb049ed4140ca5fc63d9967], 
PUP.Optional.SearchProtect.A, C:\Users\NAME REDACTED\AppData\Local\SearchProtect\UI, Quarantined, [dbfc83dbccb049ed4140ca5fc63d9967], 
PUP.Optional.SearchProtect.A, C:\Users\NAME REDACTED\AppData\Local\SearchProtect\UI\rep, Quarantined, [dbfc83dbccb049ed4140ca5fc63d9967], 
PUP.Optional.Updater.A, C:\Users\NAME REDACTEDAppData\Roaming\DigitalSites\UpdateProc, Quarantined, [389fb0aee5972f0747245cd50ff4d927], 
PUP.Optional.Vosteran.A, C:\Users\NAME REDACTED\AppData\Roaming\WSE_Vosteran, Quarantined, [6d6a124ce09c8caa34a78bb7956e847c], 
PUP.Optional.Vosteran.A, C:\Users\NAME REDACTEDr\AppData\Roaming\WSE_Vosteran\icons_3.6.6.0, Quarantined, [6d6a124ce09c8caa34a78bb7956e847c], 
PUP.Optional.Vosteran.A, C:\Users\NAME REDACTED\AppData\Roaming\WSE_Vosteran\UpdateProc, Quarantined, [6d6a124ce09c8caa34a78bb7956e847c], 
 
Files: 26
PUP.Optional.DigitalSites.A, C:\Windows\Tasks\Digital Sites.job, No Action By User, [57805707dd9fc076b5bb18ac758f5ba5], 
PUP.Optional.InstalLCore, C:\Users\NAME REDACTEDAppData\Local\Temp\is1242154493\46580551_stp.EXE, Quarantined, [30a7c5996418e452ca095cdfdc2957a9], 
PUP.Optional.InstalLCore, C:\Users\NAME REDACTED\AppData\Local\Temp\is765589038\52614A36_stp.EXE, Quarantined, [09ce9ec0d7a5cb6b71624dee9a6bd828], 
PUP.Optional.BetterBuy.A, C:\Users\NAME REDACTED\AppData\Local\Temp\is765589038\6E4F0D62_stp\betterbrain-setup 1.10.0.2.exe, Quarantined, [fcdb90ce37456dc9d993ae3d13ee6898], 
PUP.Optional.Vosteran.A, C:\Windows\Tasks\WSE_Vosteran.job, Quarantined, [f6e1eb73b2ca61d52a3d3e86c34137c9], 
PUP.Optional.Vosteran.A, C:\Windows\System32\Tasks\WSE_Vosteran, Quarantined, [c5122b33c6b67fb75315ffc5dd2701ff], 
PUP.Optional.Vosteran.A, C:\Users\NAME REDACTED\AppData\Roaming\Mozilla\Firefox\Profiles\qp4g6bpx.default\searchplugins\Vosteran.xml, Quarantined, [3b9c88d6a0dc40f6ee7f2c981ee69769], 
PUP.Optional.DigitalSites.A, C:\Windows\System32\Tasks\Digital Sites, Quarantined, [d700ec7269134aec2a47c5ff41c30ef2], 
PUP.Optional.Vitruvian.A, C:\Users\NAME REDACTED\AppData\Local\Temp\vitruvian-installer-install-v0003, Quarantined, [ce091747afcd290d2fbb4c780afa02fe], 
PUP.Optional.Vitruvian.A, C:\Users\NAME REDACTED\AppData\Local\Temp\vitruvian-installer-processes-v0002, Quarantined, [756263fbf9832f078c5e41837b894cb4], 
PUP.Optional.Vitruvian.A, C:\Users\NAME REDACTED\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001, Quarantined, [f4e3520ccdafb383db0f6c5821e31fe1], 
PUP.Optional.Vitruvian.A, C:\Users\NAME REDACTED\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0002, Quarantined, [29ae312d0379d46209e100c4798b4db3], 
PUP.Optional.Vitruvian.A, C:\Users\NAME REDACTED\AppData\Local\Temp\vitruvian-installer-uninstall-v0002, Quarantined, [597e4f0fe795bc7a9654e5df24e0ac54], 
PUP.Optional.Vitruvian.A, C:\Users\NAME REDACTEDr\AppData\Local\Temp\vitruvian-installer-vmdetect-v0001, Quarantined, [17c019458def75c1f2f8c1037d874ab6], 
PUP.Optional.SearchProtect.A, C:\Users\NAME REDACTED\AppData\Local\SearchProtect\SearchProtect\rep\Cvc.dat, Quarantined, [dbfc83dbccb049ed4140ca5fc63d9967], 
PUP.Optional.SearchProtect.A, C:\Users\NAME REDACTED\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, Quarantined, [dbfc83dbccb049ed4140ca5fc63d9967], 
PUP.Optional.SearchProtect.A, C:\Users\NAME REDACTED\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, Quarantined, [dbfc83dbccb049ed4140ca5fc63d9967], 
PUP.Optional.SearchProtect.A, C:\Users\NAME REDACTED\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, Quarantined, [dbfc83dbccb049ed4140ca5fc63d9967], 
PUP.Optional.Updater.A, C:\Users\NAME REDACTED\AppData\Roaming\DigitalSites\UpdateProc\info.dat, Quarantined, [389fb0aee5972f0747245cd50ff4d927], 
PUP.Optional.Updater.A, C:\Users\NAME REDACTED\AppData\Roaming\DigitalSites\UpdateProc\prod.dat, Quarantined, [389fb0aee5972f0747245cd50ff4d927], 
PUP.Optional.Updater.A, C:\Users\NAME REDACTED\AppData\Roaming\DigitalSites\UpdateProc\STTL.DAT, Quarantined, [389fb0aee5972f0747245cd50ff4d927], 
PUP.Optional.Updater.A, C:\Users\NAME REDACTED\AppData\Roaming\DigitalSites\UpdateProc\TTL.DAT, Quarantined, [389fb0aee5972f0747245cd50ff4d927], 
PUP.Optional.Vosteran.A, C:\Users\NAME REDACTED\AppData\Roaming\WSE_Vosteran\UpdateProc\info.dat, Quarantined, [6d6a124ce09c8caa34a78bb7956e847c], 
PUP.Optional.Vosteran.A, C:\Users\NAME REDACTED\AppData\Roaming\WSE_Vosteran\UpdateProc\STTL.DAT, Quarantined, [6d6a124ce09c8caa34a78bb7956e847c], 
PUP.Optional.Vosteran.A, C:\Users\NAME REDACTED\AppData\Roaming\WSE_Vosteran\UpdateProc\TTL.DAT, Quarantined, [6d6a124ce09c8caa34a78bb7956e847c], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
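
Added example (not part of the original post, and not a Malwarebytes or BleepingComputer tool): a Python parser for the log layout shown above. It checks each section's declared count against the lines listed and separates items the scanner acted on from items left in place. The sample log is constructed; treating `Quarantined` and `Replaced` as remediated, and the listed path fragments as persistence locations, are assumptions of this example.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Section headers of the Malwarebytes Anti-Malware 2.x text log, as they
# appear in the post above; each is followed by the number of items found.
SECTION_RE = re.compile(
    r"^(Processes|Modules|Registry Keys|Registry Values|Registry Data|"
    r"Folders|Files|Physical Sectors):\s*(\d+)\s*$")

# One detection per line: name, object (which may itself contain commas, e.g.
# the "Good: (...), Bad: (...)" pair), action, then a bracketed item id.
DETECTION_RE = re.compile(
    r"^(?P<name>[^,]+),\s*(?P<object>.*?),\s*(?P<action>[^,\[\]()]+?)\s*,"
    r"\s*\[(?P<item_id>[^\]]+)\]\s*,?\s*$")

# Assumption: these two actions mean the scanner changed something. Any other
# value (the post shows "No Action By User") leaves the item where it was.
REMEDIATED = {"Quarantined", "Replaced"}

# Assumption: objects under these locations start code automatically
# (scheduled tasks and services), so they matter more than leftover data files.
PERSISTENCE_MARKERS = ("\\windows\\tasks\\", "\\system32\\tasks\\",
                       "\\currentcontrolset\\services\\")

# Constructed sample in the same layout (placeholder ids, example paths).
SAMPLE_LOG = r"""Malwarebytes Anti-Malware
Scan Type: Threat Scan
Objects Scanned: 1000

Registry Keys: 2
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, Quarantined, [id-0001],
PUP.Optional.BetterBrain.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bbnfd_1_10_0_2, Quarantined, [id-0002],

Registry Data: 1
PUP.Optional.Vosteran.A, HKU\S-1-5-21-0-0-0-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://hijack.example/?f=1, Good: (www.google.com), Bad: (http://hijack.example/?f=1),Replaced,[id-0003]

Files: 4
PUP.Optional.DigitalSites.A, C:\Windows\Tasks\Digital Sites.job, No Action By User, [id-0004],
PUP.Optional.Vosteran.A, C:\Windows\Tasks\WSE_Vosteran.job, Quarantined, [id-0005],
PUP.Optional.SearchProtect.A, C:\Users\alice\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, Quarantined, [id-0006],

Physical Sectors: 0
(No malicious items detected)
"""


@dataclass
class Detection:
    section: str
    name: str
    obj: str
    action: str
    item_id: str


def parse_log(text):
    """Return ({section: declared_count}, [Detection, ...])."""
    declared, detections, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            declared[section] = int(header.group(2))
            continue
        if section is None:
            continue  # still in the scan-settings preamble
        hit = DETECTION_RE.match(line)
        if hit:
            detections.append(Detection(section, hit["name"].strip(),
                                        hit["object"].strip(),
                                        hit["action"].strip(), hit["item_id"]))
    return declared, detections


def is_persistence(det):
    """True when the detected object sits in a task or service location."""
    obj = det.obj.lower()
    return any(marker in obj for marker in PERSISTENCE_MARKERS)


def triage(text):
    """Summarise a log: families, items left in place, autostarts, bad counts."""
    declared, detections = parse_log(text)
    listed = Counter(d.section for d in detections)
    return {
        "families": Counter(d.name for d in detections),
        "unremediated": [d for d in detections if d.action not in REMEDIATED],
        "persistence": [d for d in detections if is_persistence(d)],
        # A section that lists fewer lines than it declares was edited or
        # truncated after the scan, so the pasted log is not the full picture.
        "count_mismatches": {s: (n, listed[s])
                             for s, n in declared.items() if n != listed[s]},
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for det in report["unremediated"]:
        flag = " (persistence)" if is_persistence(det) else ""
        print(f"still present{flag}: {det.name} -> {det.obj} [{det.action}]")
    for section, (want, got) in report["count_mismatches"].items():
        print(f"{section}: header says {want}, log lists {got}")
```

On the log posted above, the same checks would report the `Digital Sites.job` task marked `No Action By User`, and a `Files` section that declares 26 items but lists 25.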



#2 pystryker

  • Malware Response Team
  • 730 posts

Posted 04 December 2014 - 09:44 PM

Hello and welcome to Bleeping Computer! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you:
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly". This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please read through my instructions carefully and completely before executing them. I will lay the instructions out in a step by step order to make them easy to follow.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure (if you are able) to print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses. If there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexpected occurs, do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future.
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:



Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

I close my topics if there is no response after 3 days. Please PM a moderator or myself to reopen your topic.

Please PM me only if I'm helping you with your computer issues and I have not responded in 2 days. Please remember, I'm a volunteer and sometimes life does get in the way. :)

Please stay with me until I declare your machine clean. Absence of symptoms does not ensure your machine is clean.

If you'd like to make a donation via Paypal, please click here.





#3 sparklynnprez

  • Topic Starter
  • Members
  • 113 posts

Posted 05 December 2014 - 01:30 PM

Hi! Thanks so much for your help! I really appreciate it. I am keeping my coworker from using this computer until we can resolve the situation.

 

One problem -- her "User" folder has her full name and I am worried about posting my log because I don't want her first and last name attached to the post. Is it OK to redact her name in the logs I post here, or is there a private way to share them? I have tried to change the folder name but for some reason even though I can change the user's name and the computer name, I can't change the user's name. The situation listed here explains the problem I'm having but I don't think that following the instructions will help us get the malware off of this computer: http://answers.microsoft.com/en-us/windows/forum/windows_7-security/user-account-name-change-doesnt-change/25dfa94a-3efe-4e8b-8e12-9e8d1874572e

 

I will post the logs in my next post. 

 

Thanks!



#4 pystryker

  • Malware Response Team
  • 730 posts

Posted 05 December 2014 - 01:37 PM

Hello and you're welcome. :) It's perfectly fine to redact her name from the logs. :thumbsup:

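
Added example, not part of the thread and not a feature of FRST or Malwarebytes: one way to do the redaction discussed in posts #3 and #4 mechanically, since replacing each occurrence by hand is easy to get wrong. It learns the profile name from `C:\Users\<name>\` paths and from the FRST `Ran by` header, replaces every occurrence with a stable placeholder, and then re-checks the output. The sample text, the names in it and the `<USER1>`/`<HOST1>` placeholders are constructed for illustration.

```python
import re

# Profile folders that exist on every Windows install and identify nobody.
BUILTIN_PROFILES = {"public", "default", "default user", "all users"}

# C:\Users\<name>\...  (the folder name may contain spaces)
USERS_PATH_RE = re.compile(r"[A-Za-z]:\\Users\\([^\\\r\n]+)\\", re.IGNORECASE)

# FRST header line as shown in the thread:
#   Ran by <user> (administrator) on <host> on DD-MM-YYYY hh:mm:ss
RAN_BY_RE = re.compile(
    r"^Ran by (?P<user>.+?) \((?P<role>[^)]*)\) on (?P<host>\S+) on \d",
    re.MULTILINE)

# Constructed sample mixing FRST and Malwarebytes style lines.
SAMPLE = r"""Ran by Alice Example (administrator) on ALICE-PC on 05-12-2014 12:33:32
Running from C:\Users\Alice Example\Desktop
Loaded Profile: Alice Example (Available profiles: Alice Example & Guest)
(Dropbox, Inc.) C:\Users\Alice Example\AppData\Roaming\Dropbox\bin\Dropbox.exe
PUP.Optional.SearchProtect.A, C:\Users\alice example\AppData\Local\SearchProtect, Quarantined, [id-0001],
Startup: C:\Users\Public\Desktop\Tool.lnk
"""


def _add_unique(items, value):
    """Append value unless an equal value (ignoring case) is already there."""
    if value.lower() not in (v.lower() for v in items):
        items.append(value)


def find_identifiers(text):
    """Collect account names and the host name the log reveals."""
    names, hosts = [], []
    header = RAN_BY_RE.search(text)
    if header:
        _add_unique(names, header["user"])
        _add_unique(hosts, header["host"])
    for match in USERS_PATH_RE.finditer(text):
        if match[1].lower() not in BUILTIN_PROFILES:
            _add_unique(names, match[1])
    return names, hosts


def redact(text):
    """Return (redacted_text, {original: placeholder})."""
    names, hosts = find_identifiers(text)
    mapping = {n: f"<USER{i}>" for i, n in enumerate(names, 1)}
    mapping.update({h: f"<HOST{i}>" for i, h in enumerate(hosts, 1)})
    # Longest first, so a short name never clobbers part of a longer one.
    for value in sorted(mapping, key=len, reverse=True):
        pattern = re.compile(
            r"(?<![A-Za-z0-9])" + re.escape(value) + r"(?![A-Za-z0-9])",
            re.IGNORECASE)
        text = pattern.sub(lambda _m, repl=mapping[value]: repl, text)
    return text, mapping


def residual_leaks(redacted, mapping):
    """Originals that still occur anywhere, even glued to other characters."""
    lowered = redacted.lower()
    return [value for value in mapping if value.lower() in lowered]


if __name__ == "__main__":
    cleaned, used = redact(SAMPLE)
    print(cleaned)
    print("replaced:", used)
    print("still present:", residual_leaks(cleaned, used))
```

The same placeholder is used for every occurrence, so whoever reads the log can still tell which paths belong to the same profile.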





#5 sparklynnprez

  • Topic Starter
  • Members
  • 113 posts

Posted 05 December 2014 - 01:39 PM

FRST log: 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014

Ran by NAME REDACTED (administrator) on JVG on 05-12-2014 12:33:32

Running from C:\Users\NAME REDACTED\Desktop

Loaded Profile: NAME REDACTED (Available profiles: NAME REDACTED & Guest)

Platform: Windows 8.1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Adobe Systems Incorporated) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

() C:\Creative Suite CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Dropbox, Inc.) C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe

(Adobe Sytems Incorporated) C:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe

(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe

(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)

HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.)

HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe

HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-13] (Synaptics Incorporated)

HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)

HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-04] (Adobe Sytems Incorporated)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)

HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)

HKLM-x32\...\Run: [] => [X]

HKU\S-1-5-21-604601340-2333831010-3733641663-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk

ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk

ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\Users\NAME REDACTED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKU\S-1-5-21-604601340-2333831010-3733641663-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKU\S-1-5-21-604601340-2333831010-3733641663-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com

HKU\S-1-5-21-604601340-2333831010-3733641663-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.com/

SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =

SearchScopes: HKU\S-1-5-21-604601340-2333831010-3733641663-1001 -> DefaultScope {878AAD32-30D0-498D-9B01-7D2BD7CAC1C1} URL = http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir=

SearchScopes: HKU\S-1-5-21-604601340-2333831010-3733641663-1001 -> {878AAD32-30D0-498D-9B01-7D2BD7CAC1C1} URL = http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir=

BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF ProfilePath: C:\Users\NAME REDACTED\AppData\Roaming\Mozilla\Firefox\Profiles\qp4g6bpx.default

FF SelectedSearchEngine: Vosteran

FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-604601340-2333831010-3733641663-1001: @citrixonline.com/appdetectorplugin -> C:\Users\NAME REDACTED\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF user.js: detected! => C:\Users\NAME REDACTED\AppData\Roaming\Mozilla\Firefox\Profiles\qp4g6bpx.default\user.js

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPCltInst11.dll (BroadSoft, Inc.)

FF Extension: SalEesCHeckeerr - C:\Users\NAME REDACTED\AppData\Roaming\Mozilla\Firefox\Profiles\qp4g6bpx.default\Extensions\cwzbuye@uaotb.net [2014-05-28]

FF Extension: Firefox Old Version Update Hotfix - C:\Users\NAME REDACTED\AppData\Roaming\Mozilla\Firefox\Profiles\qp4g6bpx.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-08-25]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com

FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-05-27]

FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com

FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-05-27]

FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com

FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-05-27]

FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com

FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-05-27]

FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com

FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-05-27]

 

Chrome:

=======

CHR HomePage: Profile 1 -> https://www.google.com/

CHR StartupUrls: Profile 1 -> "hxxp://Vosteran.com/?f=7&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir="

CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\NAME REDACTED\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (Google Docs) - C:\Users\NAME REDACTED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-04]

CHR Extension: (Google Drive) - C:\Users\NAME REDACTED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-04]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\NAME REDACTED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-04]

CHR Extension: (YouTube) - C:\Users\NAME REDACTED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-04]

CHR Extension: (Google Search) - C:\Users\NAME REDACTED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-04]

CHR Extension: (Kaspersky URL Advisor) - C:\Users\NAME REDACTED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-12-04]

CHR Extension: (Google Wallet) - C:\Users\NAME REDACTED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-04]

CHR Extension: (Gmail) - C:\Users\NAME REDACTED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-04]

CHR Extension: (Anti-Banner) - C:\Users\NAME REDACTED\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-12-04]

CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path

CHR HKU\S-1-5-21-604601340-2333831010-3733641663-1001\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path

CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2014-03-26]

CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path

CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2014-03-26]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-15] (Adobe Systems) [File not signed]

R2 Adobe Version Cue CS2; c:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-04] (Adobe Systems Incorporated) [File not signed]

R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-03-26] (Kaspersky Lab ZAO)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)

S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)

R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)

S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-19] (Sony Corporation) [File not signed]

R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)

R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-03-26] (Kaspersky Lab ZAO)

S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-03-26] (Kaspersky Lab)

S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-26] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-26] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-03-26] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-03-26] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2014-03-26] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)

R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-26] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-03-26] (Kaspersky Lab ZAO)

S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-08-20] ()

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-13] (Synaptics Incorporated)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-12-05 12:33 - 2014-12-05 12:34 - 00027585 _____ () C:\Users\NAME REDACTED\Desktop\FRST.txt

2014-12-05 12:32 - 2014-12-05 12:33 - 00000000 ____D () C:\FRST

2014-12-05 12:32 - 2014-12-05 12:32 - 02117632 _____ (Farbar) C:\Users\NAME REDACTED\Desktop\FRST64.exe

2014-12-05 12:31 - 2014-12-05 12:31 - 02117632 _____ (Farbar) C:\Users\NAME REDACTED\Downloads\FRST64.exe

2014-12-05 12:31 - 2014-12-05 12:31 - 02117632 _____ (Farbar) C:\Users\NAME REDACTED\Downloads\FRST64 (1).exe

2014-12-04 10:14 - 2014-12-04 10:14 - 00022528 _____ () C:\Users\NAME REDACTED\AppData\Local\dsisetup2619328432.exe

2014-12-04 10:14 - 2014-12-04 10:14 - 00000001 _____ () C:\Users\NAME REDACTED\AppData\Local\DSI.DAT

2014-12-04 09:57 - 2014-12-04 09:57 - 00880784 _____ (Google Inc.) C:\Users\NAME REDACTED\Downloads\ChromeSetup (2).exe

2014-12-04 09:51 - 2014-12-04 09:51 - 00880784 _____ (Google Inc.) C:\Users\NAME REDACTED\Downloads\ChromeSetup (1).exe

2014-12-03 15:53 - 2014-12-03 15:53 - 00020992 _____ () C:\Users\NAME REDACTED\Desktop\Incentive Requests for Snap 2014-07.xls

2014-12-03 15:47 - 2014-12-03 15:47 - 00042496 _____ () C:\Users\NAME REDACTED\Downloads\Suma Social Marketing Focus Group AV Quote 12-16-14 (1).xls

2014-12-02 16:17 - 2014-12-02 16:17 - 00038912 _____ () C:\Users\NAME REDACTED\Desktop\SUMA Expense Report_ revised 6-9-14.xls

2014-12-02 16:00 - 2014-12-02 16:00 - 00000489 _____ () C:\Users\NAME REDACTED\Downloads\AgendaDate.ics

2014-12-02 11:14 - 2014-12-04 10:14 - 00000126 _____ () C:\Users\NAME REDACTED\AppData\Roaming\WB.CFG

2014-12-02 10:53 - 2014-12-02 10:53 - 00000000 __SHD () C:\Users\NAME REDACTED\AppData\Local\EmieBrowserModeList

2014-12-02 10:14 - 2014-12-04 11:16 - 00000000 ____D () C:\Users\NAME REDACTED\AppData\Roaming\DigitalSites

2014-12-02 10:14 - 2014-12-04 10:14 - 00000334 _____ () C:\WINDOWS\Tasks\Digital Sites.job

2014-12-02 10:13 - 2014-12-02 10:13 - 00803152 _____ ( ) C:\Users\NAME REDACTED\Downloads\FileOpenerSetup (1).exe

2014-12-02 09:30 - 2014-12-02 09:30 - 00042496 _____ () C:\Users\NAME REDACTED\Downloads\Suma Social Marketing Focus Group AV Quote 12-16-14.xls

2014-11-24 10:08 - 2014-11-24 10:08 - 04958773 _____ () C:\Users\NAME REDACTED\Downloads\sarah resized.zip

2014-11-24 09:56 - 2014-11-24 09:56 - 05908292 _____ () C:\Users\NAME REDACTED\Downloads\Sarah resize 2.zip

2014-11-24 09:56 - 2014-11-24 09:56 - 02695206 _____ () C:\Users\NAME REDACTED\Downloads\Sarah last photos.zip

2014-11-24 09:56 - 2014-11-24 09:56 - 02695206 _____ () C:\Users\NAME REDACTED\Downloads\Sarah last photos (1).zip

2014-11-24 09:19 - 2014-11-24 09:19 - 25364154 _____ () C:\Users\NAME REDACTED\Downloads\5th group jpegs.zip

2014-11-19 16:32 - 2014-11-09 17:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2014-11-19 16:32 - 2014-11-09 17:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2014-11-19 16:32 - 2014-11-09 17:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2014-11-19 16:32 - 2014-11-09 17:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll

2014-11-18 13:52 - 2014-11-18 13:52 - 00000000 ____D () C:\Users\NAME REDACTED\AppData\Local\iLinc

2014-11-18 13:52 - 2014-11-18 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLinc 11

2014-11-18 13:52 - 2014-11-18 13:52 - 00000000 ____D () C:\Program Files (x86)\iLinc

2014-11-18 13:47 - 2014-11-18 13:47 - 00587193 _____ (BroadSoft, Inc.) C:\Users\NAME REDACTED\Downloads\join-session (1).exe

2014-11-18 11:30 - 2014-11-18 11:30 - 00587193 _____ (BroadSoft, Inc.) C:\Users\NAME REDACTED\Downloads\join-session.exe

2014-11-14 10:50 - 2014-11-14 10:50 - 00431676 _____ () C:\Users\NAME REDACTED\Downloads\fwhandoutsfortuesdaymeeting.zip

2014-11-14 10:44 - 2014-11-14 10:44 - 00301646 _____ () C:\Users\NAME REDACTED\Downloads\refilestoprint (1).zip

2014-11-14 10:31 - 2014-11-14 10:31 - 00552339 _____ () C:\Users\NAME REDACTED\Downloads\refilestoprint.zip

2014-11-13 11:34 - 2014-11-13 11:34 - 00000194 _____ () C:\Users\NAME REDACTED\Downloads\ATT00146 (2).htm

2014-11-13 11:32 - 2014-11-13 11:32 - 04787855 _____ () C:\Users\NAME REDACTED\Downloads\SUMA3B (1).zip

2014-11-13 09:25 - 2014-11-13 09:25 - 04787855 _____ () C:\Users\NAME REDACTED\Downloads\SUMA3B.zip

2014-11-13 09:25 - 2014-11-13 09:25 - 00000194 _____ () C:\Users\NAME REDACTED\Downloads\ATT00146 (1).htm

2014-11-13 09:24 - 2014-11-13 09:24 - 00000194 _____ () C:\Users\NAME REDACTED\Downloads\ATT00146.htm

2014-11-11 14:35 - 2014-10-09 19:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2014-11-11 14:35 - 2014-10-09 19:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys

2014-11-11 14:35 - 2014-10-09 19:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2014-11-11 14:35 - 2014-10-08 01:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll

2014-11-11 14:35 - 2014-10-08 01:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll

2014-11-11 14:35 - 2014-10-08 01:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2014-11-11 14:35 - 2014-10-08 01:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll

2014-11-11 14:35 - 2014-10-08 00:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2014-11-11 14:35 - 2014-10-08 00:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll

2014-11-11 14:35 - 2014-10-08 00:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll

2014-11-11 14:35 - 2014-10-08 00:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2014-11-11 14:35 - 2014-10-08 00:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-11-11 14:35 - 2014-10-07 23:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2014-11-11 14:35 - 2014-09-27 01:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll

2014-11-11 14:35 - 2014-09-26 23:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll

2014-11-11 14:35 - 2014-09-26 21:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2014-11-11 14:35 - 2014-09-26 21:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll

2014-11-11 14:35 - 2014-09-26 21:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2014-11-11 14:34 - 2014-10-18 03:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-11-11 14:34 - 2014-10-18 02:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2014-11-11 14:34 - 2014-10-18 02:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2014-11-11 14:34 - 2014-10-18 01:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2014-11-11 14:34 - 2014-10-18 00:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll

2014-11-11 14:34 - 2014-10-18 00:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-11-11 14:34 - 2014-10-18 00:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2014-11-11 14:34 - 2014-10-18 00:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2014-11-11 14:34 - 2014-10-18 00:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2014-11-11 14:34 - 2014-10-18 00:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-11-11 14:34 - 2014-10-18 00:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-11-11 14:34 - 2014-10-18 00:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2014-11-11 14:34 - 2014-10-18 00:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2014-11-11 14:34 - 2014-10-18 00:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2014-11-11 14:34 - 2014-10-18 00:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-11-11 14:34 - 2014-10-18 00:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-11-11 14:34 - 2014-10-17 01:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2014-11-11 14:34 - 2014-10-17 00:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2014-11-11 14:34 - 2014-10-12 20:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe

2014-11-11 14:34 - 2014-10-10 18:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2014-11-11 14:34 - 2014-10-10 18:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2014-11-11 14:34 - 2014-10-08 01:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll

2014-11-11 14:34 - 2014-10-08 01:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll

2014-11-11 14:34 - 2014-10-08 00:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll

2014-11-11 14:34 - 2014-10-07 23:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-11-11 14:34 - 2014-10-07 23:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-11-11 14:33 - 2014-10-30 23:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-11-11 14:33 - 2014-10-30 21:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-11-11 14:33 - 2014-09-21 22:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2014-11-11 14:33 - 2014-09-21 21:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys

2014-11-11 14:33 - 2014-09-21 21:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys

2014-11-11 14:33 - 2014-09-21 20:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys

2014-11-11 14:33 - 2014-09-18 18:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2014-11-11 14:33 - 2014-09-02 16:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll

2014-11-11 14:33 - 2014-09-02 16:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll

2014-11-11 14:32 - 2014-11-04 17:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-11-11 14:32 - 2014-11-03 18:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2014-11-11 14:32 - 2014-10-30 23:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe

2014-11-11 14:32 - 2014-10-30 23:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe

2014-11-11 14:32 - 2014-10-30 23:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe

2014-11-11 14:32 - 2014-10-30 23:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll

2014-11-11 14:32 - 2014-10-30 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe

2014-11-11 14:32 - 2014-10-30 23:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-11-11 14:32 - 2014-10-30 23:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll

2014-11-11 14:32 - 2014-10-30 23:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-11-11 14:32 - 2014-10-30 23:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll

2014-11-11 14:32 - 2014-10-30 23:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-11-11 14:32 - 2014-10-30 23:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec

2014-11-11 14:32 - 2014-10-30 23:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2014-11-11 14:32 - 2014-10-30 22:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-11-11 14:32 - 2014-10-30 22:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-11-11 14:32 - 2014-10-30 22:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll

2014-11-11 14:32 - 2014-10-30 22:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll

2014-11-11 14:32 - 2014-10-30 22:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2014-11-11 14:32 - 2014-10-30 22:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll

2014-11-11 14:32 - 2014-10-30 22:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2014-11-11 14:32 - 2014-10-30 22:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe

2014-11-11 14:32 - 2014-10-30 22:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2014-11-11 14:32 - 2014-10-30 22:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-11-11 14:32 - 2014-10-30 22:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-11-11 14:32 - 2014-10-30 22:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-11-11 14:32 - 2014-10-30 22:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll

2014-11-11 14:32 - 2014-10-30 22:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-11-11 14:32 - 2014-10-30 22:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll

2014-11-11 14:32 - 2014-10-30 22:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll

2014-11-11 14:32 - 2014-10-30 22:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2014-11-11 14:32 - 2014-10-30 22:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll

2014-11-11 14:32 - 2014-10-30 22:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-11-11 14:32 - 2014-10-30 22:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2014-11-11 14:32 - 2014-10-30 22:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-11-11 14:32 - 2014-10-30 22:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll

2014-11-11 14:32 - 2014-10-30 22:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2014-11-11 14:32 - 2014-10-30 22:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-11-11 14:32 - 2014-10-30 22:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll

2014-11-11 14:32 - 2014-10-30 22:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2014-11-11 14:32 - 2014-10-30 22:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2014-11-11 14:32 - 2014-10-30 22:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-11-11 14:32 - 2014-10-30 22:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-11-11 14:32 - 2014-10-30 22:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-11-11 14:32 - 2014-10-30 22:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-11-11 14:32 - 2014-10-30 21:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-11-11 14:32 - 2014-10-30 21:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-11-11 14:32 - 2014-10-30 21:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-11-11 14:32 - 2014-10-30 21:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll

2014-11-11 14:32 - 2014-10-30 21:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-11-11 14:32 - 2014-10-30 21:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe

2014-11-11 14:32 - 2014-10-30 21:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe

2014-11-11 14:32 - 2014-10-30 21:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe

2014-11-11 14:32 - 2014-10-30 21:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll

2014-11-11 14:32 - 2014-10-30 21:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe

2014-11-11 14:32 - 2014-10-30 21:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-11-11 14:32 - 2014-10-30 21:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll

2014-11-11 14:32 - 2014-10-30 21:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-11-11 14:32 - 2014-10-30 21:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec

2014-11-11 14:32 - 2014-10-30 21:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-11-11 14:32 - 2014-10-30 21:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2014-11-11 14:32 - 2014-10-30 21:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-11-11 14:32 - 2014-10-30 21:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-11-11 14:32 - 2014-10-30 21:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-11-11 14:32 - 2014-10-30 21:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-11-11 14:32 - 2014-10-30 21:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll

2014-11-11 14:32 - 2014-10-30 21:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll

2014-11-11 14:32 - 2014-10-30 21:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll

2014-11-11 14:32 - 2014-10-30 21:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2014-11-11 14:32 - 2014-10-30 21:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-11-11 14:32 - 2014-10-30 21:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-11-11 14:32 - 2014-10-30 21:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll

2014-11-11 14:32 - 2014-10-30 21:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-11-11 14:32 - 2014-10-30 20:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll

2014-11-11 14:32 - 2014-10-30 20:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll

2014-11-11 14:32 - 2014-10-30 20:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll

2014-11-11 14:32 - 2014-10-30 20:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2014-11-11 14:32 - 2014-10-30 20:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-11-11 14:32 - 2014-10-30 20:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll

2014-11-11 14:32 - 2014-10-30 20:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-11-11 14:32 - 2014-10-30 20:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2014-11-11 14:32 - 2014-10-30 20:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-11-11 14:32 - 2014-10-30 20:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll

2014-11-11 14:32 - 2014-10-30 20:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-11-11 14:32 - 2014-10-30 20:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2014-11-11 14:32 - 2014-10-30 20:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2014-11-11 14:32 - 2014-10-30 20:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-11-11 14:32 - 2014-10-30 20:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-11-11 14:32 - 2014-10-30 20:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-11-11 14:32 - 2014-10-30 20:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-11-11 14:32 - 2014-10-30 20:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-11-11 14:32 - 2014-10-30 20:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll

2014-11-11 14:32 - 2014-10-30 20:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-11-11 14:32 - 2014-10-30 20:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-11-11 14:32 - 2014-10-30 20:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-11-11 14:32 - 2014-10-22 23:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll

2014-11-11 14:32 - 2014-10-22 23:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll

2014-11-11 14:32 - 2014-10-07 00:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2014-11-11 14:32 - 2014-10-07 00:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2014-11-11 14:32 - 2014-10-07 00:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2014-11-11 14:32 - 2014-10-07 00:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2014-11-11 14:32 - 2014-10-07 00:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll

2014-11-11 14:32 - 2014-10-06 21:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2014-11-11 14:32 - 2014-10-06 21:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll

2014-11-11 14:32 - 2014-10-06 21:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2014-11-11 14:32 - 2014-10-06 21:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-11-11 14:32 - 2014-10-06 19:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2014-11-11 14:32 - 2014-10-06 19:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2014-11-11 14:32 - 2014-08-30 18:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2014-11-11 14:32 - 2014-08-30 16:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2014-11-11 14:32 - 2014-08-27 20:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2014-11-11 14:32 - 2014-08-22 23:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2014-11-11 14:32 - 2014-08-22 23:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2014-11-11 14:31 - 2014-09-10 00:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2014-11-11 14:31 - 2014-09-07 21:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-11-11 14:31 - 2014-09-07 21:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2014-11-11 14:31 - 2014-09-07 16:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2014-11-11 14:31 - 2014-09-04 16:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2014-11-11 14:31 - 2014-09-04 16:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2014-11-11 14:31 - 2014-09-03 21:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2014-11-11 14:31 - 2014-09-03 20:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2014-11-11 14:31 - 2014-09-03 19:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2014-11-11 14:31 - 2014-09-03 18:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2014-11-11 14:31 - 2014-08-30 18:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

2014-11-11 14:31 - 2014-08-30 16:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll

2014-11-11 14:31 - 2014-08-30 15:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll

2014-11-11 14:31 - 2014-08-30 15:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2014-11-11 14:31 - 2014-08-30 14:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll

2014-11-11 14:31 - 2014-08-30 14:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2014-11-11 14:31 - 2014-08-27 18:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll

2014-11-11 14:31 - 2014-08-27 18:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll

2014-11-11 14:31 - 2014-08-22 23:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-11-11 14:31 - 2014-08-22 23:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-11-11 14:31 - 2014-08-22 22:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2014-11-11 14:31 - 2014-08-01 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll

2014-11-11 14:31 - 2014-08-01 18:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-12-05 12:27 - 2014-02-10 11:15 - 00000654 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-604601340-2333831010-3733641663-1001.job

2014-12-05 12:23 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-12-05 09:10 - 2013-10-09 16:36 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-12-05 08:57 - 2014-01-15 13:11 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-12-04 11:41 - 2014-01-13 11:14 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-604601340-2333831010-3733641663-1001

2014-12-04 11:28 - 2014-05-27 14:33 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-12-04 11:24 - 2014-03-18 04:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-12-04 11:20 - 2014-01-15 14:02 - 00000000 ___RD () C:\Users\NAME REDACTED\Dropbox

2014-12-04 11:19 - 2014-01-15 13:51 - 00000000 ____D () C:\Users\NAME REDACTED\AppData\Roaming\Skype

2014-12-04 11:19 - 2014-01-15 13:15 - 00000000 ____D () C:\Users\NAME REDACTED\AppData\Roaming\Dropbox

2014-12-04 11:18 - 2014-09-08 10:43 - 00000000 __RDO () C:\Users\NAME REDACTED\OneDrive

2014-12-04 11:18 - 2014-01-15 13:11 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-12-04 11:17 - 2014-09-05 11:58 - 01456438 _____ () C:\WINDOWS\WindowsUpdate.log

2014-12-04 11:17 - 2014-03-18 03:54 - 00023362 _____ () C:\WINDOWS\PFRO.log

2014-12-04 11:17 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-12-04 11:17 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-12-04 10:34 - 2014-05-27 14:32 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-12-04 10:34 - 2014-05-27 14:32 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-12-04 10:34 - 2014-05-27 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-12-04 10:34 - 2014-05-27 14:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-12-04 10:25 - 2014-01-30 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter

2014-12-04 09:57 - 2014-01-15 13:12 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-12-04 09:52 - 2014-01-15 13:11 - 00003904 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-12-04 09:52 - 2014-01-15 13:11 - 00003668 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-12-03 10:54 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-12-02 10:14 - 2014-01-15 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-11-26 10:24 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-11-26 09:29 - 2014-09-05 11:37 - 00000000 ____D () C:\Users\NAME REDACTED

2014-11-24 10:31 - 2013-08-22 08:46 - 00328325 _____ () C:\WINDOWS\setupact.log

2014-11-20 14:51 - 2013-08-22 09:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-11-20 14:51 - 2013-08-22 09:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-11-19 16:36 - 2014-01-15 13:40 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-11-19 16:32 - 2014-01-15 13:40 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-11-14 16:21 - 2014-01-15 13:16 - 00001071 _____ () C:\Users\NAME REDACTED\Desktop\Dropbox.lnk

2014-11-14 16:21 - 2014-01-15 13:16 - 00000000 ____D () C:\Users\NAME REDACTED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-11-14 11:04 - 2014-01-15 17:17 - 00000426 _____ () C:\WINDOWS\BRWMARK.INI

2014-11-13 13:30 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-11-13 09:15 - 2014-09-05 14:28 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5769D41B-206C-4531-BB64-1FE907E75D7F}

2014-11-13 09:06 - 2013-08-22 08:44 - 00502008 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-11-12 16:40 - 2014-09-09 15:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-11-12 16:40 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-11-12 16:40 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2014-11-12 16:40 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-12 16:40 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-12 16:40 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Defender

2014-11-12 16:40 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-11-12 09:34 - 2014-01-15 10:34 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-11-11 14:55 - 2014-02-10 11:15 - 00003672 _____ () C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-604601340-2333831010-3733641663-1001

2014-11-10 17:13 - 2014-06-18 14:01 - 00000000 ____D () C:\Users\NAME REDACTED\AppData\Roaming\vlc

 

Some content of TEMP:

====================

C:\Users\NAME REDACTED\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpopilqs.dll

C:\Users\NAME REDACTED\AppData\Local\Temp\ICReinstall_FileOpenerSetup.exe

C:\Users\NAME REDACTED\AppData\Local\Temp\optprosetup.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-12-05 09:19

 

==================== End Of Log ============================



#6 sparklynnprez


Posted 05 December 2014 - 01:41 PM

Addition:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014

Ran by NAME REDACTED at 2014-12-05 12:34:33

Running from C:\Users\NAME REDACTED\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

ACID Music Studio 9.0 (HKLM-x32\...\{78EB80B0-18A0-11E2-9761-F04DA23A5C58}) (Version: 9.0.35 - Sony)

Adobe Acrobat 7.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.0.0 - Adobe Systems)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)

Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )

Adobe Reader XI (11.0.08)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)

Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ArtRage Studio (HKLM-x32\...\{5A9FE63F-F201-4D55-9F5F-06DDB239AC4F}) (Version: 3.5.5 - Ambient Design)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)

Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)

CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.)

CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6201.52 - CyberLink Corp.)

Dropbox (HKU\S-1-5-21-604601340-2333831010-3733641663-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)

DVD Architect Studio 5.0 (HKLM-x32\...\{42C509F1-C451-11E1-AEC9-F04DA23A5C58}) (Version: 5.0.161 - Sony)

Edraw Max 7.6 (HKLM-x32\...\Edraw Max_is1) (Version:  - EdrawSoft)

ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden

FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

FTP Utility (HKLM-x32\...\InstallShield_{A5EC243A-AAB4-4AF0-85A5-07F9F4618353}) (Version: 1.00.0000 - KONICA MINOLTA)

FTP Utility (x32 Version: 1.00.0000 - KONICA MINOLTA) Hidden

Google Chrome (HKLM-x32\...\{E1AA8B0F-1176-36F1-8A91-AA19CF39C2F6}) (Version: 65.169.76 - Google, Inc.)

Google Drive (HKLM-x32\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

GoToMeeting 7.0.3.1963 (HKU\S-1-5-21-604601340-2333831010-3733641663-1001\...\GoToMeeting) (Version: 7.0.3.1963 - CitrixOnline)

iLinc 11 Client (HKLM-x32\...\iLincClient.11) (Version:  - )

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)

Intel® PROSet/Wireless NFC Software (HKLM\...\Intel® PROSet/Wireless NFC Software) (Version: 1.0.1.003 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)

Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)

Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)

join.me (HKU\S-1-5-21-604601340-2333831010-3733641663-1001\...\JoinMe) (Version: 1.14.0.132 - LogMeIn, Inc.)

Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)

Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden

KONICA MINOLTA magicolor 5650 (HKLM\...\KONICA MINOLTA magicolor 5650 Installer) (Version:  - KONICA MINOLTA)

Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)

Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{1C8AC59F-6464-11E2-A0C0-F04DA23A5C58}) (Version: 12.0.756 - Sony)

Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden

PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)

PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Reader for PC (HKLM-x32\...\{25340F94-F74E-4CCF-ABDF-ECBCF03911BE}) (Version: 2.0.00.07121 - Sony Corporation)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)

Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden

ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Sound Forge Audio Studio 10.0 (HKLM-x32\...\{7A263871-BEEC-11E1-AC53-F04DA23A5C58}) (Version: 10.0.178 - Sony)

SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden

SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden

Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.0.1 - Synaptics Incorporated)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)

VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden

VAIO Care (HKLM\...\{1C22618A-FEFA-4F20-B67D-F1311E6804AC}) (Version: 8.4.1.07026 - Sony Corporation)

VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)

VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)

VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)

VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)

VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)

VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden

VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)

VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden

VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)

VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation)

VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden

VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)

VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)

VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation)

VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden

VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)

VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)

VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)

VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden

VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden

VIx64 (Version: 1.0.0 - Sony Corporation) Hidden

VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)

VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden

VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden

VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden

VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden

VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4900 - Broadcom Corporation)

XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\NAME REDACTED\AppData\Local\Citrix\GoToMeeting\1350\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-604601340-2333831010-3733641663-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

18-11-2014 15:30:11 Windows Update

24-11-2014 16:30:10 Windows Update

05-12-2014 15:07:45 Scheduled Checkpoint

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {09309B5D-CA73-42B1-A446-2D45B5342BE1} - System32\Tasks\G2MUpdateTask-S-1-5-21-604601340-2333831010-3733641663-1001 => C:\Users\NAME REDACTED\AppData\Local\Citrix\GoToMeeting\1963\g2mupdate.exe [2014-11-11] (Citrix Online, a division of Citrix Systems, Inc.)

Task: {0B6476E1-DA69-4A8C-B75D-7199FF6CCA2E} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)

Task: {0CE5D3B0-BAEB-42C3-B6A4-A206B815D179} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)

Task: {101E8BEC-1FEE-42AC-BC81-F53DD78D7BAF} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)

Task: {12A5F641-2EF9-4A8F-8D48-40EDE90DA7EA} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)

Task: {150CC32F-6583-46BB-9A46-1783EE77BE7C} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)

Task: {18160D5F-0E71-411C-A7FD-8BA869821475} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)

Task: {37A51B3D-F197-4BAF-83ED-46107836ED61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)

Task: {39616B7B-3AF0-4BC5-AC1F-547F47AB926B} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-06-25] (Sony Corporation)

Task: {465D0239-F636-4A92-9348-FC0DB9E51F05} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"

Task: {51375397-DE43-4F97-BC6D-55A47A468277} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)

Task: {52F1DAD9-2063-4E3C-B1D5-B440EB9305D4} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)

Task: {591A6AB7-1877-4E36-9D5C-3972FE327882} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)

Task: {61F3310F-CF17-4DE9-A25A-7767181A347B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)

Task: {6287ED99-CA72-4820-9550-06DC40DDB8E4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)

Task: {6DF00277-7FFC-4BC8-91FC-E09C47F08D35} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)

Task: {6DFBB4FE-5ADE-4C8E-BDE0-7A0ABDE4BCF6} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient

Task: {74673705-D560-4822-8A8E-30B59A0A2D25} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)

Task: {7A521510-C054-4137-B09B-432B8460F722} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-13] (Synaptics Incorporated)

Task: {89EC458D-AAFD-4DF5-98F5-5BB3084E34EB} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)

Task: {8FDE6A91-142C-4BDB-9BD4-0CD1321DDA8C} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe

Task: {90343407-8BBE-44BB-9661-4E8312099A69} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)

Task: {96611C88-E02D-4598-BD65-FEBD430A4250} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)

Task: {9A481A0D-114F-491E-8BF5-6B0693D08AEF} - \Digital Sites No Task File <==== ATTENTION

Task: {AC0EE110-39F2-46DA-97FC-7A69A09C56EA} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)

Task: {B0E1E558-9DC2-423C-83C2-A3B406E314F9} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)

Task: {B9BB9B9F-A9FB-4A1B-A1E7-A11B33804045} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)

Task: {BC857D4B-DADE-483B-82D2-86FAADFE5536} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)

Task: {BD7BC45B-44B9-443E-A7FD-487FB994C39A} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)

Task: {BE2B7263-B65B-4895-ABBC-D3A1894863FE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {C1E7DA0B-6230-43FD-AB9E-E472C2268592} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)

Task: {C1ED30F0-B969-4F96-AF2A-47345C1B8ADA} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)

Task: {DC277629-DEDA-42A8-B719-219A27EB111E} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)

Task: {FA512BB2-80FA-499D-808C-5C2625D1E1A6} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)

Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\JENNIF~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-604601340-2333831010-3733641663-1001.job => C:\Users\NAME REDACTED\AppData\Local\Citrix\GoToMeeting\1963\g2mupdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-01-15 17:25 - 2007-11-08 11:15 - 00015360 _____ () C:\WINDOWS\System32\KOBJKJ_L.dll

2014-01-15 17:25 - 2007-11-16 07:57 - 00017408 _____ () C:\WINDOWS\System32\KOBJKA_L.dll

2012-12-14 15:27 - 2012-12-14 15:27 - 00049520 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll

2005-04-04 18:58 - 2005-04-04 18:58 - 03502080 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe

2005-04-04 18:58 - 2005-04-04 18:58 - 00028791 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\hpi.dll

2005-04-04 18:58 - 2005-04-04 18:58 - 00057453 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\verify.dll

2005-04-04 18:58 - 2005-04-04 18:58 - 00102515 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\java.dll

2005-04-04 18:58 - 2005-04-04 18:58 - 00053364 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\zip.dll

2005-04-04 18:58 - 2005-04-04 18:58 - 00057455 _____ () C:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\net.dll

2005-04-04 18:58 - 2005-04-04 18:58 - 00032880 _____ () C:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\nio.dll

2005-04-04 18:58 - 2005-04-04 18:58 - 00434255 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll

2005-04-04 18:58 - 2005-04-04 18:58 - 01019904 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll

2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll

2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll

2014-12-04 11:19 - 2014-12-04 11:19 - 00043008 _____ () c:\Users\NAME REDACTED\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpopilqs.dll

2013-08-23 13:01 - 2013-08-23 13:01 - 25100288 _____ () C:\Users\NAME REDACTED\AppData\Roaming\Dropbox\bin\libcef.dll

2014-12-04 09:57 - 2014-11-25 00:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll

2014-12-04 09:57 - 2014-11-25 00:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll

2014-12-04 09:57 - 2014-11-25 00:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll

2014-12-04 09:57 - 2014-11-25 00:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll

2013-10-09 16:14 - 2013-01-23 03:26 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2013-11-19 09:21 - 2013-11-19 09:21 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Users\NAME REDACTED\OneDrive:ms-properties

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

========================= Accounts: ==========================

 

Administrator (S-1-5-21-604601340-2333831010-3733641663-500 - Administrator - Disabled)

Guest (S-1-5-21-604601340-2333831010-3733641663-501 - Limited - Enabled) => C:\Users\Guest.JVG

NAME REDACTED (S-1-5-21-604601340-2333831010-3733641663-1001 - Administrator - Enabled) => C:\Users\NAME REDACTED

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/05/2014 06:08:16 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )

Description: 80070005

 

Error: (12/05/2014 05:52:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 65425313

 

Error: (12/05/2014 05:52:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 65425313

 

Error: (12/05/2014 05:52:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/04/2014 11:18:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   11 88.1.168.192.in-addr.arpa. PTR JVG.local.

 

Error: (12/04/2014 11:18:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.1.88:5353   13 88.1.168.192.in-addr.arpa. PTR JVG-2.local.

 

Error: (12/04/2014 10:14:24 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: dsisetup2619328432.exe, version: 0.0.0.0, time stamp: 0x2a425e19

Faulting module name: dsisetup2619328432.exe, version: 0.0.0.0, time stamp: 0x2a425e19

Exception code: 0xc0000005

Fault offset: 0x00002810

Faulting process id: 0x140c

Faulting application start time: 0xdsisetup2619328432.exe0

Faulting application path: dsisetup2619328432.exe1

Faulting module path: dsisetup2619328432.exe2

Report Id: dsisetup2619328432.exe3

Faulting package full name: dsisetup2619328432.exe4

Faulting package-relative application ID: dsisetup2619328432.exe5

 

Error: (12/04/2014 09:56:12 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)

Description: There was an error with the Windows Location Provider database

 

Error: (12/03/2014 04:30:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1157

 

Error: (12/03/2014 04:30:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1157

 

 

System errors:

=============

Error: (12/05/2014 09:07:44 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: A corruption was discovered in the file system structure on volume ??.

 

The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x4000000026426.  The name of the file is "<unable to determine file name>".

 

Error: (12/04/2014 11:20:39 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Energy Server Service service terminated with the following error:

%%268439612

 

Error: (12/04/2014 10:29:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Energy Server Service service terminated with the following error:

%%268439612

 

Error: (12/04/2014 10:25:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Superfetch service terminated with the following error:

%%1062

 

Error: (12/04/2014 09:52:42 AM) (Source: DCOM) (EventID: 10010) (User: JVG)

Description: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}

 

Error: (12/01/2014 10:19:07 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: A corruption was discovered in the file system structure on volume ??.

 

The exact nature of the corruption is unknown.  The file system structures need to be scanned online.

 

Error: (12/01/2014 10:19:07 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: A corruption was discovered in the file system structure on volume ??.

 

The exact nature of the corruption is unknown.  The file system structures need to be scanned online.

 

Error: (12/01/2014 10:19:07 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: A corruption was discovered in the file system structure on volume ??.

 

The exact nature of the corruption is unknown.  The file system structures need to be scanned online.

 

Error: (12/01/2014 10:19:07 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: A corruption was discovered in the file system structure on volume ??.

 

The exact nature of the corruption is unknown.  The file system structures need to be scanned online.

 

Error: (12/01/2014 10:19:07 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: A corruption was discovered in the file system structure on volume ??.

 

The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x4000000026426.  The name of the file is "<unable to determine file name>".

 

 

Microsoft Office Sessions:

=========================

Error: (10/13/2014 03:27:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2507 seconds with 720 seconds of active time.  This session ended with a crash.

 

Error: (10/01/2014 01:53:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 61 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (05/27/2014 04:02:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3285 seconds with 420 seconds of active time.  This session ended with a crash.

 

Error: (03/31/2014 09:26:08 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5023 seconds with 1260 seconds of active time.  This session ended with a crash.

 

Error: (02/20/2014 08:59:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 30 seconds with 0 seconds of active time.  This session ended with a crash.

 

 

==================== Memory info ===========================

 

Processor: Intel® Core™ i7-3537U CPU @ 2.00GHz

Percentage of memory in use: 26%

Total physical RAM: 8070.8 MB

Available physical RAM: 5916.68 MB

Total Pagefile: 9350.8 MB

Available Pagefile: 6163.65 MB

Total Virtual: 131072 MB

Available Virtual: 131071.79 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:899.57 GB) (Free:760.97 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 6A9B4987)

 

Partition: GPT Partition Type.

 

==================== End Of Log ============================
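The Scheduled Tasks section of the FRST log above marks two "Digital Sites" entries with `<==== ATTENTION`; the following added example (not part of the original post, and not FRST's own logic) parses `Task:` lines in that format and lists the entries worth reviewing, with the reasons. The sample lines are constructed from the log's format with shortened task names and `USER` / `USER~1` as placeholders, and the heuristics are assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass, field

# Constructed sample in the format of the "Scheduled Tasks" section above.
# GUIDs and targets follow the log; task names are shortened and USER / USER~1
# are placeholders for the redacted profile name.
SAMPLE_LOG = r"""
Task: {09309B5D-CA73-42B1-A446-2D45B5342BE1} - System32\Tasks\G2MUpdateTask => C:\Users\USER\AppData\Local\Citrix\GoToMeeting\1963\g2mupdate.exe [2014-11-11] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {37A51B3D-F197-4BAF-83ED-46107836ED61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)
Task: {465D0239-F636-4A92-9348-FC0DB9E51F05} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {9A481A0D-114F-491E-8BF5-6B0693D08AEF} - \Digital Sites No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\USER~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\G2MUpdateTask.job => C:\Users\USER\AppData\Local\Citrix\GoToMeeting\1963\g2mupdate.exe
"""

ATTENTION_RE = re.compile(r"\s*<=+ ATTENTION\s*$")
META_RE = re.compile(r"\s*\[(\d{4}-\d{2}-\d{2})\]\s*\((.*)\)\s*$")  # "[date] (publisher)"
SHORT_NAME_RE = re.compile(r"[^\\]{1,6}~\d")                         # 8.3 alias such as UPDATE~1
USER_WRITABLE_RE = re.compile(r"\\Users\\|%(appdata|localappdata|temp)%", re.I)


@dataclass
class Task:
    ident: str            # registry GUID, or the path of a legacy .job file
    name: str
    target: str           # command line after "=>", empty when there is none
    publisher: str
    attention: bool
    no_task_file: bool
    reasons: list = field(default_factory=list)


def parse_task(line):
    """Parse one 'Task:' line; return None for any other line."""
    line = line.strip()
    if not line.startswith("Task: "):
        return None
    body = line[len("Task: "):]
    attention = bool(ATTENTION_RE.search(body))
    body = ATTENTION_RE.sub("", body)
    left, _, target = body.partition(" => ")
    no_task_file = left.endswith(" No Task File")
    if no_task_file:
        left = left[: -len(" No Task File")]
    publisher = ""
    meta = META_RE.search(target)
    if meta:
        publisher, target = meta.group(2), target[: meta.start()]
    if left.startswith("{"):
        ident, _, name = left.partition(" - ")
        name = name.replace("System32\\Tasks\\", "", 1).lstrip("\\")
    else:
        ident = left
        name = left.rsplit("\\", 1)[-1]
        if name.lower().endswith(".job"):
            name = name[:-4]
    return Task(ident, name, target.strip(), publisher, attention, no_task_file)


def triage(log_text):
    """Return the parsed tasks, each with the reasons it deserves a closer look."""
    tasks = [t for t in map(parse_task, log_text.splitlines()) if t]
    # .job lines carry no publisher, so borrow it from a registry entry with
    # the same target before treating "no publisher" as a signal.
    publishers = {t.target.lower(): t.publisher for t in tasks if t.publisher}
    for t in tasks:
        publisher = t.publisher or publishers.get(t.target.lower(), "")
        if t.attention:
            t.reasons.append("marked ATTENTION by FRST")
        if t.no_task_file:
            t.reasons.append("registry entry without a task file")
        if SHORT_NAME_RE.search(t.target):
            t.reasons.append("8.3 short path obscures the real file name")
        if USER_WRITABLE_RE.search(t.target) and not publisher:
            t.reasons.append("target in a user-writable folder, no publisher")
    return tasks


def review_list(log_text):
    """(ident, name, reasons) for every task with at least one reason."""
    return [(t.ident, t.name, t.reasons) for t in triage(log_text) if t.reasons]


if __name__ == "__main__":
    for ident, name, reasons in review_list(SAMPLE_LOG):
        print(f"{name}  [{ident}]")
        for reason in reasons:
            print(f"    - {reason}")
```

The GoToMeeting updater also runs from the user profile, but its publisher is resolved on the registry entry, so neither of its two lines is listed.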



#7 sparklynnprez

  • Topic Starter

Posted 05 December 2014 - 05:01 PM

Hi pystryker, 

 

Thanks so much for your help so far! I just wanted to let you know that I will be out of the office until Monday morning and unfortunately I can't take this computer home with me for the weekend. Is that too long for you to wait for a response from me about our next steps? I can see if I can get permission from my boss to bring the computer home if this is the case. I am sorry for the inconvenience. I will be here til 6:30 my time this evening anyway so please let me know.

 

Thanks!



#8 pystryker

  • Malware Response Team

Posted 05 December 2014 - 05:12 PM

Hi :)

It's no problem to do this when you have access to the machine again on Monday. We'll work in a time frame that works best for you. I will be looking over the logs tonight and planning the steps to remove the malware from your machine.

I may post instructions tonight, but it's no problem to do them Monday. :thumbsup:

I close my topics if there is no response after 3 days. Please PM a moderator or myself to reopen your topic.

Please PM me only if I'm helping you with your computer issues and I have not responded in 2 days. Please remember, I'm a volunteer and sometimes life does get in the way. :)

Please stay with me until I declare your machine clean. Absence of symptoms does not ensure your machine is clean.

If you'd like to make a donation via Paypal, please click here.





#9 sparklynnprez

  • Topic Starter

Posted 05 December 2014 - 05:20 PM

Wonderful. Thanks so much! And I have worked with you guys on an issue with my personal computer in the past, so I feel pretty comfortable following along with the instructions you might provide me with. I will work on anything you send me as early as possible on Monday. Thanks again!



#10 pystryker

  • Malware Response Team

Posted 05 December 2014 - 07:16 PM


Hello, you're quite welcome. :)

It looks like MBAM took out some of it. :thumbsup: We'll give it a good scrubbing and run some scans to make sure nothing more serious is lurking.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: Fix with FRST


Please note: You will have to put her name back in any entries where her name is redacted in the box below or the fix will not work. You can edit the fix log afterwards to remove her name before posting the results.
  • Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy.)
  • Right-click in the open Notepad window and select Paste.
  • Save it on the desktop as fixlist.txt

Start
Closeprocesses:
HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-604601340-2333831010-3733641663-1001 -> DefaultScope {878AAD32-30D0-498D-9B01-7D2BD7CAC1C1} URL = http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir=
SearchScopes: HKU\S-1-5-21-604601340-2333831010-3733641663-1001 -> {878AAD32-30D0-498D-9B01-7D2BD7CAC1C1} URL = http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir=
FF SelectedSearchEngine: Vosteran
FF Extension: SalEesCHeckeerr - C:\Users\NAME REDACTED\AppData\Roaming\Mozilla\Firefox\Profiles\qp4g6bpx.default\Extensions\cwzbuye@uaotb.net [2014-05-28]
CHR StartupUrls: Profile 1 -> "hxxp://Vosteran.com/?f=7&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir="
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKU\S-1-5-21-604601340-2333831010-3733641663-1001\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
Task: {9A481A0D-114F-491E-8BF5-6B0693D08AEF} - \Digital Sites No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\JENNIF~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Emptytemp:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST, press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt); please post it in your next reply.


Step 2: Junkware Removal Tool


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3: AdwCleaner


Download AdwCleaner by clicking here. Please save it to your Desktop.

  • Double-click (Vista and 7 users: right-click) the adwcleaner.exe file and click Run as Administrator and accept the UAC prompt to run AdwCleaner.
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\AdwCleaner[R0].txt

Step 4: Scan with TDSSKiller


Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI (graphical user interface) window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log, go to Start (Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.

Note: Do not have TDSSKiller remove anything if found at this point in time!


Things I need to see in your next post:

Please post each of these logs in a separate reply to this thread.

Fixlog.txt Log

Junkware Removal Tool Log

AdwCleaner Log

TDSSKiller Log






#11 sparklynnprez

  • Topic Starter

Posted 05 December 2014 - 07:37 PM

I'm still here so I will do as much as I can before I break for the weekend! 

 

Here is the Fixitlog. I will post the others as I complete them.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014

Ran by NAME REDACTED at 2014-12-05 18:30:26 Run:1

Running from C:\Users\NAME REDACTED\Desktop

Loaded Profile: NAME REDACTED (Available profiles: NAME REDACTED & Guest)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

Start

Closeprocesses:

HKLM-x32\...\Run: [] => [X]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

SearchScopes: HKU\S-1-5-21-604601340-2333831010-3733641663-1001 -> DefaultScope {878AAD32-30D0-498D-9B01-7D2BD7CAC1C1} URL = http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir=

SearchScopes: HKU\S-1-5-21-604601340-2333831010-3733641663-1001 -> {878AAD32-30D0-498D-9B01-7D2BD7CAC1C1} URL = http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir=

FF SelectedSearchEngine: Vosteran

FF Extension: SalEesCHeckeerr - C:\Users\NAME REDACTED\AppData\Roaming\Mozilla\Firefox\Profiles\qp4g6bpx.default\Extensions\cwzbuye@uaotb.net [2014-05-28]

CHR StartupUrls: Profile 1 -> "hxxp://Vosteran.com/?f=7&a=vst_ggfc_14_49_ch_na01&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0Dzz0Dzz0BzyyD0AzyyEtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StDyDyC0A0CyC0E0CtGzytBtC0FtG0FyEtD0EtG0A0B0A0DtGtDyCtB0ByCyE0E0A0F0CyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0D0E0F0E0BtGyE0C0EtCtGyEzztByEtG0ByE0A0AtGyCtByCyEyEtBzztBtDzzyEtC2Q&cr=178622072&ir="

CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path

CHR HKU\S-1-5-21-604601340-2333831010-3733641663-1001\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path

CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path

Task: {9A481A0D-114F-491E-8BF5-6B0693D08AEF} - \Digital Sites No Task File <==== ATTENTION

Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\JENNIF~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Emptytemp:

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state on

CMD: ipconfig /flushdns

End

 

*****************

 

Processes closed successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.

HKU\S-1-5-21-604601340-2333831010-3733641663-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.

"HKU\S-1-5-21-604601340-2333831010-3733641663-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{878AAD32-30D0-498D-9B01-7D2BD7CAC1C1}" => Key deleted successfully.

"HKCR\CLSID\{878AAD32-30D0-498D-9B01-7D2BD7CAC1C1}" => Key not found.

Firefox SelectedSearchEngine deleted successfully.

C:\Users\NAME REDACTED\AppData\Roaming\Mozilla\Firefox\Profiles\qp4g6bpx.default\Extensions\cwzbuye@uaotb.net => Moved successfully.

Chrome StartupUrls deleted successfully.

"HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce" => Key deleted successfully.

"HKU\S-1-5-21-604601340-2333831010-3733641663-1001\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce" => Key deleted successfully.

"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A481A0D-114F-491E-8BF5-6B0693D08AEF}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A481A0D-114F-491E-8BF5-6B0693D08AEF}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites" => Key deleted successfully.

C:\WINDOWS\Tasks\Digital Sites.job => Moved successfully.

 

=========  netsh advfirewall reset =========

 

Ok.

 

 

========= End of CMD: =========

 

 

=========  netsh advfirewall set allprofiles state on =========

 

Ok.

 

 

========= End of CMD: =========

 

 

=========  ipconfig /flushdns =========

 

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========= End of CMD: =========

 

EmptyTemp: => Removed 1.7 GB temporary data.

 

 

The system needed a reboot.

 

==== End of Fixlog ====



#12 sparklynnprez

  • Topic Starter

Posted 05 December 2014 - 07:44 PM

JRT Log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 x64
Ran by NAME REDACTED on Fri 12/05/2014 at 18:39:12.22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\LuckyShoapper
Successfully deleted: [Folder] "C:\Users\NAME REDACTED\AppData\Roaming\pc tech hotline"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc tech hotline"
Successfully deleted: [Folder] "C:\Users\NAME REDACTED\documents\optimizer pro"

~~~ FireFox

Successfully deleted: [File] C:\Users\NAME REDACTED\AppData\Roaming\mozilla\firefox\profiles\qp4g6bpx.default\user.js
Successfully deleted: [Folder] C:\Users\NAME REDACTED\AppData\Roaming\mozilla\firefox\profiles\qp4g6bpx.default\extensions\staged

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/05/2014 at 18:42:41.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#13 sparklynnprez


Posted 05 December 2014 - 07:53 PM

I'm about to post the Adw Cleaner log, but quick question - my system rebooted. Do I pause my antivirus before running TDSS too? 

 

Adw Cleaner Log:

# AdwCleaner v4.104 - Report created 05/12/2014 at 18:47:57
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : NAME REDACTED - JVG
# Running from : C:\Users\NAME REDACTED\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\iolo
Folder Deleted : C:\ProgramData\e4a67b29a36a295a
Folder Deleted : C:\Users\NAME REDACTED\AppData\Roaming\DigitalSites
Folder Deleted : C:\Users\NAME REDACTED\AppData\Roaming\iolo
Folder Deleted : C:\Users\NAME REDACTED\Documents\Updater

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\vosteran.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v26.0 (en-US)

-\\ Google Chrome v39.0.2171.71

[C:\Users\Guest.JVG\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Guest.JVG\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [2216 octets] - [05/12/2014 18:46:21]
AdwCleaner[S0].txt - [2092 octets] - [05/12/2014 18:47:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2152 octets] ##########



#14 pystryker

pystryker

  • Malware Response Team

Posted 05 December 2014 - 08:01 PM

Yes, always make sure all anti-virus programs are shut down until completion of the steps, even after a reboot. Once all steps are complete, then reactivate them.

I close my topics if there is no response after 3 days. Please PM a moderator or myself to reopen your topic.

Please PM me only if I'm helping you with your computer issues and I have not responded in 2 days. Please remember, I'm a volunteer and sometimes life does get in the way. :)

Please stay with me until I declare your machine clean. Absence of symptoms does not ensure your machine is clean.






#15 sparklynnprez


Posted 05 December 2014 - 08:09 PM

TDSS didn't find anything. Here is the log.

 

19:05:16.0050 0x06a8  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
19:05:16.0050 0x06a8  UEFI system
19:05:18.0278 0x06a8  ============================================================
19:05:18.0278 0x06a8  Current date / time: 2014/12/05 19:05:18.0278
19:05:18.0278 0x06a8  SystemInfo:
19:05:18.0278 0x06a8 
19:05:18.0278 0x06a8  OS Version: 6.3.9600 ServicePack: 0.0
19:05:18.0278 0x06a8  Product type: Workstation
19:05:18.0278 0x06a8  ComputerName: JVG
19:05:18.0278 0x06a8  UserName: NAME REDACTED
19:05:18.0278 0x06a8  Windows directory: C:\WINDOWS
19:05:18.0278 0x06a8  System windows directory: C:\WINDOWS
19:05:18.0278 0x06a8  Running under WOW64
19:05:18.0278 0x06a8  Processor architecture: Intel x64
19:05:18.0278 0x06a8  Number of processors: 4
19:05:18.0278 0x06a8  Page size: 0x1000
19:05:18.0278 0x06a8  Boot type: Normal boot
19:05:18.0278 0x06a8  ============================================================
19:05:18.0674 0x06a8  KLMD registered as C:\WINDOWS\system32\drivers\06886901.sys
19:05:18.0894 0x06a8  System UUID: {7076D0C4-045C-A3C8-49B5-6B7D706C61BF}
19:05:19.0311 0x06a8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:05:19.0317 0x06a8  ============================================================
19:05:19.0318 0x06a8  \Device\Harddisk0\DR0:
19:05:19.0318 0x06a8  GPT partitions:
19:05:19.0318 0x06a8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {897BA7B4-19FC-4F48-A651-C1EB5659F466}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
19:05:19.0319 0x06a8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {AD7C6A74-24B8-44BE-8BDC-C112F9D07C81}, Name: Basic data partition, StartLBA 0x82800, BlocksNum 0x2E1000
19:05:19.0319 0x06a8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {798C27B1-6B4A-4A8C-88D3-1189955BDB73}, Name: EFI system partition, StartLBA 0x363800, BlocksNum 0x82000
19:05:19.0319 0x06a8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AED90152-8E2B-4A21-9007-C5B2DDC4B507}, Name: Microsoft reserved partition, StartLBA 0x3E5800, BlocksNum 0x40000
19:05:19.0319 0x06a8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6E9CFD87-2709-4F64-AF95-9466B1CB5665}, Name: Basic data partition, StartLBA 0x425800, BlocksNum 0x70722800
19:05:19.0319 0x06a8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E99BD75E-9A79-4E2C-9897-2BE27B86656C}, Name: , StartLBA 0x70B48000, BlocksNum 0xE1000
19:05:19.0319 0x06a8  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F3A7EBA9-4C65-4AA3-8F95-B52FB8C99FBC}, Name: Basic data partition, StartLBA 0x70C29000, BlocksNum 0x3ADD800
19:05:19.0319 0x06a8  MBR partitions:
19:05:19.0319 0x06a8  ============================================================
19:05:19.0334 0x06a8  C: <-> \Device\Harddisk0\DR0\Partition5
19:05:19.0334 0x06a8  ============================================================
19:05:19.0334 0x06a8  Initialize success
19:05:19.0334 0x06a8  ============================================================
19:05:25.0122 0x0984  ============================================================
19:05:25.0122 0x0984  Scan started
19:05:25.0122 0x0984  Mode: Manual; SigCheck; TDLFS;
19:05:25.0122 0x0984  ============================================================
19:05:25.0122 0x0984  KSN ping started
19:05:27.0553 0x0984  KSN ping finished: true
19:05:28.0516 0x0984  ================ Scan system memory ========================
19:05:28.0516 0x0984  System memory - ok
19:05:28.0516 0x0984  ================ Scan services =============================

19:05:29.0234 0x0984  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:05:29.0250 0x0984  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
19:05:33.0122 0x0984  Detect skipped due to KSN trusted
19:05:33.0122 0x0984  Adobe LM Service - ok
19:05:33.0294 0x0984  [ 41D15EAD554396BF35B7C5246AD47A28, 456835B33E95D083CD0076F06B591D63FB969025940A5CFD87CAB37C658B6855 ] Adobe Version Cue CS2 c:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe
19:05:33.0309 0x0984  Adobe Version Cue CS2 - detected UnsignedFile.Multi.Generic ( 1 )
19:05:35.0805 0x0984  Detect skipped due to KSN trusted
19:05:35.0805 0x0984  Adobe Version Cue CS2 - ok


19:05:44.0032 0x0984  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys

19:05:44.0094 0x0984  fvevol - ok

19:05:44.0110 0x0984  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys

19:05:44.0126 0x0984  FxPPM - ok

19:05:44.0157 0x0984  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys

19:05:44.0173 0x0984  gagp30kx - ok

19:05:44.0204 0x0984  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

19:05:44.0219 0x0984  GEARAspiWDM - ok

19:05:44.0251 0x0984  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys

19:05:44.0282 0x0984  gencounter - ok

19:05:44.0313 0x0984  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys

19:05:44.0344 0x0984  GPIOClx0101 - ok

19:05:44.0443 0x0984  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll

19:05:44.0490 0x0984  gpsvc - ok

19:05:44.0521 0x0984  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

19:05:44.0537 0x0984  gupdate - ok

19:05:44.0537 0x0984  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

19:05:44.0537 0x0984  gupdatem - ok

19:05:44.0568 0x0984  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys

19:05:44.0568 0x0984  HDAudBus - ok

19:05:44.0599 0x0984  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys

19:05:44.0615 0x0984  HidBatt - ok

19:05:44.0615 0x0984  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys

19:05:44.0630 0x0984  HidBth - ok

19:05:44.0646 0x0984  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys

19:05:44.0646 0x0984  hidi2c - ok

19:05:44.0677 0x0984  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys

19:05:44.0693 0x0984  HidIr - ok

19:05:44.0709 0x0984  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll

19:05:44.0740 0x0984  hidserv - ok

19:05:44.0771 0x0984  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys

19:05:44.0802 0x0984  HidUsb - ok

19:05:44.0834 0x0984  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll

19:05:44.0865 0x0984  hkmsvc - ok

19:05:44.0896 0x0984  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll

19:05:44.0943 0x0984  HomeGroupListener - ok

19:05:44.0990 0x0984  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll

19:05:45.0021 0x0984  HomeGroupProvider - ok

19:05:45.0052 0x0984  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys

19:05:45.0068 0x0984  HpSAMD - ok

19:05:45.0146 0x0984  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys

19:05:45.0209 0x0984  HTTP - ok

19:05:45.0240 0x0984  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys

19:05:45.0255 0x0984  hwpolicy - ok

19:05:45.0282 0x0984  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys

19:05:45.0314 0x0984  hyperkbd - ok

19:05:45.0329 0x0984  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys

19:05:45.0361 0x0984  HyperVideo - ok

19:05:45.0376 0x0984  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys

19:05:45.0407 0x0984  i8042prt - ok

19:05:45.0423 0x0984  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys

19:05:45.0439 0x0984  iaLPSSi_GPIO - ok

19:05:45.0470 0x0984  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys

19:05:45.0486 0x0984  iaLPSSi_I2C - ok

19:05:45.0548 0x0984  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys

19:05:45.0579 0x0984  iaStorA - ok

19:05:45.0626 0x0984  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys

19:05:45.0657 0x0984  iaStorAV - ok

19:05:45.0673 0x0984  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys

19:05:45.0689 0x0984  iaStorV - ok

19:05:45.0751 0x0984  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

19:05:45.0767 0x0984  ICCS - ok

19:05:45.0939 0x0984  [ DEA2F976E7327716AA0038EBF550003A, 5EA4666874F1D03879EA95F28228AC9EA3D7DF0F2E199EEE9B5BC6C81CA290B3 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

19:05:46.0001 0x0984  IconMan_R - ok

19:05:46.0001 0x0984  IEEtwCollectorService - ok

19:05:46.0204 0x0984  [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys

19:05:46.0267 0x0984  igfx - ok

19:05:46.0314 0x0984  [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe

19:05:46.0329 0x0984  igfxCUIService1.0.0.0 - ok

19:05:46.0427 0x0984  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll

19:05:46.0505 0x0984  IKEEXT - ok

19:05:46.0536 0x0984  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys

19:05:46.0552 0x0984  intaud_WaveExtensible - ok

19:05:46.0708 0x0984  [ F9A6ACDDD86D3281F765374A0BF37DE0, 988911FC45B14A5E40AD91B49A18DFFF56F81874611ED994624D7200E7FDD834 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys

19:05:46.0770 0x0984  IntcAzAudAddService - ok

19:05:46.0817 0x0984  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys

19:05:46.0817 0x0984  IntcDAud - ok

19:05:46.0942 0x0984  [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

19:05:46.0989 0x0984  Intel® Capability Licensing Service Interface - ok

19:05:47.0020 0x0984  [ 420142EC02098130910F34191F38D1B1, 8D853F69DFF2D6D66BB1A25644E66DC1E8D841B86674925821B7795FBDC6A683 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

19:05:47.0036 0x0984  Intel® ME Service - ok

19:05:47.0083 0x0984  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys

19:05:47.0098 0x0984  intelide - ok

19:05:47.0145 0x0984  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys

19:05:47.0177 0x0984  intelpep - ok

19:05:47.0208 0x0984  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys

19:05:47.0223 0x0984  intelppm - ok

19:05:47.0255 0x0984  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:05:47.0286 0x0984  IpFilterDriver - ok

19:05:47.0348 0x0984  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll

19:05:47.0380 0x0984  iphlpsvc - ok

19:05:47.0395 0x0984  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys

19:05:47.0411 0x0984  IPMIDRV - ok

19:05:47.0442 0x0984  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys

19:05:47.0442 0x0984  IPNAT - ok

19:05:47.0520 0x0984  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

19:05:47.0552 0x0984  iPod Service - ok

19:05:47.0567 0x0984  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys

19:05:47.0583 0x0984  IRENUM - ok

19:05:47.0614 0x0984  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys

19:05:47.0630 0x0984  isapnp - ok

19:05:47.0661 0x0984  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys

19:05:47.0692 0x0984  iScsiPrt - ok

19:05:47.0724 0x0984  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys

19:05:47.0739 0x0984  iwdbus - ok

19:05:47.0786 0x0984  [ 9B24288D9F247BC5B3DAA71C571A028C, 0A1EF61858F9C1066F299C94C0FC4BB434D7585536294847CA8E21E731B9B931 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

19:05:47.0802 0x0984  jhi_service - ok

19:05:47.0848 0x0984  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys

19:05:47.0864 0x0984  kbdclass - ok

19:05:47.0895 0x0984  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys

19:05:47.0911 0x0984  kbdhid - ok

19:05:47.0927 0x0984  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys

19:05:47.0942 0x0984  kdnic - ok

19:05:47.0974 0x0984  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe

19:05:47.0989 0x0984  KeyIso - ok

19:05:48.0036 0x0984  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys

19:05:48.0067 0x0984  kl1 - ok

19:05:48.0083 0x0984  [ 2248A9F2B7704271C72E306001C7FBE0, FEC8E10F4FAB332E36C1C5801396174B4CE21186431A2A234CE49695C4674ACA ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys

19:05:48.0099 0x0984  klelam - ok

19:05:48.0130 0x0984  [ BC996B5D96CB7463268DE67E2D99F496, F2763242B69B1290FCAF54B6353BC1469C47D774724249D4CB9BFEC100890970 ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys

19:05:48.0145 0x0984  klflt - ok

19:05:48.0177 0x0984  [ E8D6C80D4E11383CEE269F9C27E6464C, 5E9EAD64AE221AE8BF87730A7FDDF8023805184D12A058A147ECD887FA3D3012 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys

19:05:48.0208 0x0984  KLIF - ok

19:05:48.0239 0x0984  [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys

19:05:48.0239 0x0984  KLIM6 - ok

19:05:48.0255 0x0984  [ B45DEC5BD71885E833DF3D837CE7C606, 8A81802122EE6BD791E36F9F27D921C9BC4D5B6604C0A79F9F1D806AD44B9869 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys

19:05:48.0255 0x0984  klkbdflt - ok

19:05:48.0270 0x0984  [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys

19:05:48.0270 0x0984  klmouflt - ok

19:05:48.0286 0x0984  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys

19:05:48.0286 0x0984  klpd - ok

19:05:48.0317 0x0984  [ EAAF7E0936CC5474F433B684A2C68CF2, 5E5E5D324000F2209C7E32DC965FBD822850B4E1351887A93B50FB79844BF781 ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys

19:05:48.0333 0x0984  klwfp - ok

19:05:48.0349 0x0984  [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys

19:05:48.0364 0x0984  kneps - ok

19:05:48.0380 0x0984  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys

19:05:48.0395 0x0984  KSecDD - ok

19:05:48.0424 0x0984  [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys

19:05:48.0440 0x0984  KSecPkg - ok

19:05:48.0455 0x0984  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys

19:05:48.0471 0x0984  ksthunk - ok

19:05:48.0533 0x0984  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll

19:05:48.0565 0x0984  KtmRm - ok

19:05:48.0611 0x0984  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll

19:05:48.0627 0x0984  LanmanServer - ok

19:05:48.0674 0x0984  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll

19:05:48.0690 0x0984  LanmanWorkstation - ok

19:05:48.0752 0x0984  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll

19:05:48.0768 0x0984  lfsvc - ok

19:05:48.0799 0x0984  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys

19:05:48.0830 0x0984  lltdio - ok

19:05:48.0861 0x0984  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll

19:05:48.0908 0x0984  lltdsvc - ok

19:05:48.0924 0x0984  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll

19:05:48.0955 0x0984  lmhosts - ok

19:05:48.0986 0x0984  [ F194FE43BD9C0E949384E16EED7AA52E, 6260DD6DE9E6BBE8AB2CB8FA3A008C921ACDD340A6BF5C6A1C7C4FFE84C5BD79 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

19:05:49.0018 0x0984  LMS - ok

19:05:49.0065 0x0984  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys

19:05:49.0080 0x0984  LSI_SAS - ok

19:05:49.0111 0x0984  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys

19:05:49.0127 0x0984  LSI_SAS2 - ok

19:05:49.0143 0x0984  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys

19:05:49.0158 0x0984  LSI_SAS3 - ok

19:05:49.0190 0x0984  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys

19:05:49.0205 0x0984  LSI_SSS - ok

19:05:49.0252 0x0984  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll

19:05:49.0299 0x0984  LSM - ok

19:05:49.0330 0x0984  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys

19:05:49.0346 0x0984  luafv - ok

19:05:49.0377 0x0984  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys

19:05:49.0393 0x0984  megasas - ok

19:05:49.0440 0x0984  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys

19:05:49.0471 0x0984  megasr - ok

19:05:49.0502 0x0984  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys

19:05:49.0518 0x0984  MEIx64 - ok

19:05:49.0549 0x0984  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll

19:05:49.0580 0x0984  MMCSS - ok

19:05:49.0612 0x0984  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys

19:05:49.0643 0x0984  Modem - ok

19:05:49.0658 0x0984  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys

19:05:49.0690 0x0984  monitor - ok

19:05:49.0705 0x0984  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys

19:05:49.0736 0x0984  mouclass - ok

19:05:49.0752 0x0984  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys

19:05:49.0783 0x0984  mouhid - ok

19:05:49.0815 0x0984  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys

19:05:49.0846 0x0984  mountmgr - ok

19:05:49.0893 0x0984  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

19:05:49.0924 0x0984  MozillaMaintenance - ok

19:05:49.0955 0x0984  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys

19:05:49.0987 0x0984  mpsdrv - ok

19:05:50.0050 0x0984  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll

19:05:50.0097 0x0984  MpsSvc - ok

19:05:50.0128 0x0984  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys

19:05:50.0175 0x0984  MRxDAV - ok

19:05:50.0222 0x0984  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:05:50.0268 0x0984  mrxsmb - ok

19:05:50.0306 0x0984  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys

19:05:50.0336 0x0984  mrxsmb10 - ok

19:05:50.0350 0x0984  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys

19:05:50.0366 0x0984  mrxsmb20 - ok

19:05:50.0397 0x0984  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys

19:05:50.0428 0x0984  MsBridge - ok

19:05:50.0444 0x0984  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe

19:05:50.0476 0x0984  MSDTC - ok

19:05:50.0507 0x0984  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:05:50.0522 0x0984  Msfs - ok

19:05:50.0554 0x0984  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys

19:05:50.0554 0x0984  msgpiowin32 - ok

19:05:50.0569 0x0984  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys

19:05:50.0585 0x0984  mshidkmdf - ok

19:05:50.0601 0x0984  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys

19:05:50.0616 0x0984  mshidumdf - ok

19:05:50.0647 0x0984  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys

19:05:50.0663 0x0984  msisadrv - ok

19:05:50.0710 0x0984  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll

19:05:50.0741 0x0984  MSiSCSI - ok

19:05:50.0757 0x0984  msiserver - ok

19:05:50.0772 0x0984  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:05:50.0804 0x0984  MSKSSRV - ok

19:05:50.0835 0x0984  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys

19:05:50.0866 0x0984  MsLldp - ok

19:05:50.0913 0x0984  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:05:50.0929 0x0984  MSPCLOCK - ok

19:05:50.0944 0x0984  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:05:50.0960 0x0984  MSPQM - ok

19:05:51.0007 0x0984  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys

19:05:51.0054 0x0984  MsRPC - ok

19:05:51.0069 0x0984  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys

19:05:51.0085 0x0984  mssmbios - ok

19:05:51.0101 0x0984  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys

19:05:51.0116 0x0984  MSTEE - ok

19:05:51.0132 0x0984  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys

19:05:51.0147 0x0984  MTConfig - ok

19:05:51.0163 0x0984  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys

19:05:51.0179 0x0984  Mup - ok

19:05:51.0210 0x0984  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys

19:05:51.0241 0x0984  mvumis - ok

19:05:51.0288 0x0984  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll

19:05:51.0335 0x0984  napagent - ok

19:05:51.0366 0x0984  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys

19:05:51.0397 0x0984  NativeWifiP - ok

19:05:51.0429 0x0984  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll

19:05:51.0429 0x0984  NcaSvc - ok

19:05:51.0460 0x0984  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll

19:05:51.0460 0x0984  NcbService - ok

19:05:51.0476 0x0984  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll

19:05:51.0522 0x0984  NcdAutoSetup - ok

19:05:51.0616 0x0984  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys

19:05:51.0663 0x0984  NDIS - ok

19:05:51.0679 0x0984  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys

19:05:51.0694 0x0984  NdisCap - ok

19:05:51.0710 0x0984  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys

19:05:51.0710 0x0984  NdisImPlatform - ok

19:05:58.0288 0x0984  [ 3BB48F7E33C2B76184DDF233000C09CD, D1AAE5B0425047CA0C2D376D3E59324D35A90DF9074CD442DFD0ED6E434D3C84 ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

19:05:58.0288 0x0984  Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic ( 1 )

19:06:00.0790 0x0984  Detect skipped due to KSN trusted

19:06:00.0790 0x0984  Sony SCSI Helper Service - ok


19:06:05.0418 0x0984  USBSTOR - ok

19:06:05.0464 0x0984  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys

19:06:05.0490 0x0984  usbuhci - ok

19:06:05.0526 0x0984  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys

19:06:05.0557 0x0984  usbvideo - ok

19:06:05.0604 0x0984  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS

19:06:05.0635 0x0984  USBXHCI - ok

19:06:05.0713 0x0984  [ 34349E7B488FA61B639117F6BF1EBF99, A7A7E60511F7D6370473D41867F5323695308CC27D3EEB0286687D3A9E0084E9 ] USER_ESRV_SVC   C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe

19:06:05.0745 0x0984  USER_ESRV_SVC - ok

19:06:05.0791 0x0984  [ 1CA1DC88D9484BCFD6C26560F397539A, 95C2AB45D4682BB4F75F1D03D57CCA944BA570EFEA06E0AB71062C6E6E7C7F4A ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

19:06:05.0823 0x0984  VAIO Event Service - ok

19:06:05.0870 0x0984  [ 0E15735307E1068F2E2169BEB1CA4CC2, BF44F28E473EBBA1910436C17FD14CF9A4DD4AD0716FFD3129D2B6F2300ADCF1 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe

19:06:05.0916 0x0984  VAIO Power Management - ok

19:06:05.0948 0x0984  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe

19:06:05.0963 0x0984  VaultSvc - ok

19:06:06.0073 0x0984  [ DEBA4273293DAE85EE4BE3F433C903D7, 62254F305DDE2D14CE3ABD1FA7B2B1F1FAC3925926D73A217EF863F6D4B25FBF ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

19:06:06.0120 0x0984  VCFw - ok

19:06:06.0135 0x0984  [ EFD47ED6C5824825E214CFE70D26C009, 562FA4E508DF4BD954237CA60978FFF5759E8A08C5DDEB621BC95AAEF89A3CC4 ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe

19:06:06.0151 0x0984  VCService - ok

19:06:06.0182 0x0984  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys

19:06:06.0182 0x0984  vdrvroot - ok

19:06:06.0292 0x0984  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe

19:06:06.0338 0x0984  vds - ok

19:06:06.0354 0x0984  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys

19:06:06.0370 0x0984  VerifierExt - ok

19:06:06.0401 0x0984  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys

19:06:06.0417 0x0984  vhdmp - ok

19:06:06.0448 0x0984  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys

19:06:06.0448 0x0984  viaide - ok

19:06:06.0463 0x0984  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys

19:06:06.0479 0x0984  vmbus - ok

19:06:06.0479 0x0984  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys

19:06:06.0495 0x0984  VMBusHID - ok

19:06:06.0526 0x0984  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll

19:06:06.0542 0x0984  vmicguestinterface - ok

19:06:06.0568 0x0984  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll

19:06:06.0571 0x0984  vmicheartbeat - ok

19:06:06.0587 0x0984  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll

19:06:06.0602 0x0984  vmickvpexchange - ok

19:06:06.0618 0x0984  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll

19:06:06.0634 0x0984  vmicrdv - ok

19:06:06.0649 0x0984  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll

19:06:06.0665 0x0984  vmicshutdown - ok

19:06:06.0680 0x0984  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll

19:06:06.0696 0x0984  vmictimesync - ok

19:06:06.0696 0x0984  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll

19:06:06.0712 0x0984  vmicvss - ok

19:06:06.0727 0x0984  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys

19:06:06.0743 0x0984  volmgr - ok

19:06:06.0790 0x0984  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys

19:06:06.0821 0x0984  volmgrx - ok

19:06:06.0884 0x0984  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys

19:06:06.0915 0x0984  volsnap - ok

19:06:06.0946 0x0984  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys

19:06:06.0977 0x0984  vpci - ok

19:06:06.0993 0x0984  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys

19:06:07.0024 0x0984  vsmraid - ok

19:06:07.0102 0x0984  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe

19:06:07.0149 0x0984  VSS - ok

19:06:07.0180 0x0984  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys

19:06:07.0227 0x0984  VSTXRAID - ok

19:06:07.0368 0x0984  [ C460F38BCA36929693892DEC77857114, 230362A5B8F7BCA5484C62D219E3EF3CF2C0732669BBBA48DE8DB3282C4F87C9 ] VUAgent         C:\Program Files\Sony\VAIO Update\vuagent.exe

19:06:07.0430 0x0984  VUAgent - ok

19:06:07.0477 0x0984  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys

19:06:07.0493 0x0984  vwifibus - ok

19:06:07.0524 0x0984  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys

19:06:07.0556 0x0984  vwififlt - ok

19:06:07.0571 0x0984  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys

19:06:07.0587 0x0984  vwifimp - ok

19:06:07.0649 0x0984  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll

19:06:07.0712 0x0984  W32Time - ok

19:06:07.0727 0x0984  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys

19:06:07.0743 0x0984  WacomPen - ok

19:06:07.0868 0x0984  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe

19:06:07.0915 0x0984  wbengine - ok

19:06:07.0962 0x0984  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll

19:06:07.0977 0x0984  WbioSrvc - ok

19:06:08.0009 0x0984  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll

19:06:08.0056 0x0984  Wcmsvc - ok

19:06:08.0118 0x0984  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll

19:06:08.0149 0x0984  wcncsvc - ok

19:06:08.0165 0x0984  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll

19:06:08.0196 0x0984  WcsPlugInService - ok

19:06:08.0227 0x0984  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys

19:06:08.0243 0x0984  WdBoot - ok

19:06:08.0274 0x0984  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys

19:06:08.0290 0x0984  WDC_SAM - ok

19:06:08.0368 0x0984  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys

19:06:08.0415 0x0984  Wdf01000 - ok

19:06:08.0462 0x0984  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys

19:06:08.0493 0x0984  WdFilter - ok

19:06:08.0524 0x0984  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll

19:06:08.0571 0x0984  WdiServiceHost - ok

19:06:08.0579 0x0984  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll

19:06:08.0602 0x0984  WdiSystemHost - ok

19:06:08.0618 0x0984  [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys

19:06:08.0633 0x0984  WdNisDrv - ok

19:06:08.0665 0x0984  WdNisSvc - ok

19:06:08.0712 0x0984  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\WINDOWS\System32\webclnt.dll

19:06:08.0758 0x0984  WebClient - ok

19:06:08.0790 0x0984  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll

19:06:08.0821 0x0984  Wecsvc - ok

19:06:08.0837 0x0984  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll

19:06:08.0852 0x0984  WEPHOSTSVC - ok

19:06:08.0868 0x0984  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll

19:06:08.0883 0x0984  wercplsupport - ok

19:06:08.0915 0x0984  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll

19:06:08.0930 0x0984  WerSvc - ok

19:06:08.0962 0x0984  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys

19:06:08.0977 0x0984  WFPLWFS - ok

19:06:08.0993 0x0984  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll

19:06:09.0008 0x0984  WiaRpc - ok

19:06:09.0040 0x0984  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys

19:06:09.0055 0x0984  WIMMount - ok

19:06:09.0055 0x0984  WinDefend - ok

19:06:09.0118 0x0984  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll

19:06:09.0165 0x0984  WinHttpAutoProxySvc - ok

19:06:09.0228 0x0984  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

19:06:09.0275 0x0984  Winmgmt - ok

19:06:09.0415 0x0984  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll

19:06:09.0478 0x0984  WinRM - ok

19:06:09.0572 0x0984  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll

19:06:09.0634 0x0984  WlanSvc - ok

19:06:09.0712 0x0984  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll

19:06:09.0775 0x0984  wlidsvc - ok

19:06:09.0822 0x0984  [ 73B8665D4C3111E4AFF871955BDEB2DB, D919425768589D6BC5806CD559599D7775BF03BABC19D406E2E8F5C35BFA6F44 ] wltrysvc        C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE

19:06:09.0822 0x0984  wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )

19:06:12.0487 0x0984  Detect skipped due to KSN trusted

19:06:12.0487 0x0984  wltrysvc - ok

19:06:14.0617 0x0984  ================ Scan global ===============================

19:06:14.0644 0x0984  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll

19:06:14.0691 0x0984  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll

19:06:14.0722 0x0984  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll

19:06:14.0785 0x0984  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe

19:06:14.0816 0x0984  [ Global ] - ok

19:06:14.0816 0x0984  ================ Scan MBR ==================================

19:06:14.0832 0x0984  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

19:06:14.0926 0x0984  \Device\Harddisk0\DR0 - ok

19:06:14.0926 0x0984  ================ Scan VBR ==================================

19:06:14.0926 0x0984  [ BBDCB3EBFA358AC6F66655F66DA4CC02 ] \Device\Harddisk0\DR0\Partition1

19:06:14.0972 0x0984  \Device\Harddisk0\DR0\Partition1 - ok

19:06:14.0988 0x0984  [ 718186B8CDC023BBF8C13D0B3FB46246 ] \Device\Harddisk0\DR0\Partition2

19:06:15.0066 0x0984  \Device\Harddisk0\DR0\Partition2 - ok

19:06:15.0082 0x0984  [ 02D0A9C0F04A9F2273A18D72A62EEA47 ] \Device\Harddisk0\DR0\Partition3

19:06:15.0144 0x0984  \Device\Harddisk0\DR0\Partition3 - ok

19:06:15.0176 0x0984  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4

19:06:15.0176 0x0984  \Device\Harddisk0\DR0\Partition4 - ok

19:06:15.0191 0x0984  [ 693C2B3CF2B33E263C74A12D4B43A5AA ] \Device\Harddisk0\DR0\Partition5

19:06:15.0254 0x0984  \Device\Harddisk0\DR0\Partition5 - ok

19:06:15.0301 0x0984  [ 4650ACD4014994C2C30F1F5985D4EDB8 ] \Device\Harddisk0\DR0\Partition6

19:06:15.0301 0x0984  \Device\Harddisk0\DR0\Partition6 - ok

19:06:15.0316 0x0984  [ 052D492BD0D0094AD912E50F97938A7D ] \Device\Harddisk0\DR0\Partition7

19:06:15.0332 0x0984  \Device\Harddisk0\DR0\Partition7 - ok

19:06:15.0347 0x0984  ================ Scan generic autorun ======================

19:06:15.0472 0x0984  [ AAA55BD633DBDB39746CC2394A04187F, 2F22135FCE51B31047A231DB9B22F9FB1F29CED67E32660B56F7FA68BBCD5235 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

19:06:15.0532 0x0984  RtHDVBg - ok

19:06:15.0853 0x0984  [ 693B9E5DF7A394D70D2AA96958854C67, F1FB4CE517DC7FB8788D991F354B7429EF756B15953C38B859FDACAFD356DC21 ] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe

19:06:16.0243 0x0984  Broadcom Wireless Manager UI - detected UnsignedFile.Multi.Generic ( 1 )

19:06:18.0737 0x0984  Detect skipped due to KSN trusted

19:06:18.0737 0x0984  Broadcom Wireless Manager UI - ok

19:06:18.0815 0x0984  [ 5018884304BC23A3870F6BF92B840FD0, 66C105881A3F1A83654E53A71E047AF82C587458C437EB6851EB57A352B3FBE2 ] C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe

19:06:18.0862 0x0984  Bluetooth - ok

19:06:18.0909 0x0984  [ E85BD90950497619C39D1F5068228CF4, BA5CD7035EC1ACDB214EB8D534B00EA409739DD2DDD01D92D98A1B3925FB428E ] C:\Windows\system32\igfxtray.exe

19:06:18.0924 0x0984  IgfxTray - ok

19:06:18.0924 0x0984  HotKeysCmds - ok

19:06:18.0940 0x0984  Persistence - ok

19:06:18.0971 0x0984  [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe

19:06:19.0003 0x0984  Logitech Download Assistant - ok

19:06:19.0003 0x0984  SynTPEnh - ok

19:06:19.0112 0x0984  [ 6A8E8AFD57BE1CC887B5812C5FE560DE, A3D9FC62C9CC3D5DD794B7D1184D665F858E176463B8663FA92AB151B6E86360 ] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe

19:06:19.0143 0x0984  PMBVolumeWatcher - ok

19:06:19.0253 0x0984  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

19:06:19.0315 0x0984  Adobe ARM - ok

19:06:19.0378 0x0984  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

19:06:19.0393 0x0984  APSDaemon - ok

19:06:19.0534 0x0984  [ 98FAFD82E4F0674D2D7BB3C8FD141D32, 4F44F6B17E40268B8EE0251E6D913157CA1E7CE4C9D9B434262E74F136453A10 ] c:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe

19:06:19.0596 0x0984  Adobe Version Cue CS2 - detected UnsignedFile.Multi.Generic ( 1 )

19:06:22.0089 0x0984  Detect skipped due to KSN trusted

19:06:22.0089 0x0984  Adobe Version Cue CS2 - ok

19:06:22.0199 0x0984  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe

19:06:22.0230 0x0984  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )

19:06:25.0053 0x0984  Detect skipped due to KSN trusted

19:06:25.0053 0x0984  QuickTime Task - ok

19:06:25.0147 0x0984  [ 846965AE55A2662B1576C0F392DD1D6E, 0ADE383991FDC5A49DD15A27CB52CF75ABF518F0335E92003C0FF75DB417BBDC ] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe

19:06:25.0178 0x0984  SSBkgdUpdate - ok

19:06:25.0241 0x0984  [ 27249F2A900032F3C2DFAB8DE8F16399, 88F85055FC6A6C3872A9A3697F92E26EEB51655F5D53F49EE22768829839808A ] C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe

19:06:25.0256 0x0984  PaperPort PTD - ok

19:06:25.0287 0x0984  [ BE72C212B14FC8F872A70C6C311D0529, 9C6A8060FD4505925894D8FD08EFCDE16BEEAAC70264519135B261C026333CAA ] C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe

19:06:25.0303 0x0984  IndexSearch - ok

19:06:25.0334 0x0984  [ A4A66195EB0ECD574A32AAA92DC0A7BD, 4E30D565917158316A541BB29D73BF5F3A01DAB1240363276DE0C5D59B2BFFFE ] C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe

19:06:25.0366 0x0984  PPort11reminder - ok

19:06:25.0428 0x0984  [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe

19:06:25.0444 0x0984  iTunesHelper - ok

19:06:25.0537 0x0984  [ FBD06A45DB2D543EFD932768029EC5F2, 19A9CE22FFAC083F202B97F467B08767EC7B3E6591FDDF8A7CC15BCA695DF6DF ] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

19:06:25.0602 0x0984  Acrobat Assistant 7.0 - detected UnsignedFile.Multi.Generic ( 1 )

19:06:28.0261 0x0984  Detect skipped due to KSN trusted

19:06:28.0261 0x0984  Acrobat Assistant 7.0 - ok

19:06:28.0339 0x0984  Skype - ok

19:06:28.0339 0x0984  Skype - ok

19:06:28.0355 0x0984  Waiting for KSN requests completion. In queue: 5

19:06:29.0361 0x0984  Waiting for KSN requests completion. In queue: 5

19:06:30.0361 0x0984  Waiting for KSN requests completion. In queue: 5

19:06:31.0381 0x0984  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x42000 ( disabled : updated )

19:06:31.0381 0x0984  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )

19:06:31.0381 0x0984  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x42010 ( disabled )

19:06:31.0397 0x0984  Win FW state via NFP2: enabled

19:06:33.0965 0x0984  ============================================================

19:06:33.0965 0x0984  Scan finished

19:06:33.0965 0x0984  ============================================================

19:06:33.0981 0x11a8  Detected object count: 0

19:06:33.0981 0x11a8  Actual detected object count: 0

19:06:54.0367 0x1b04  Deinitialize success





